BARCELONA: Symantec has launched malware detection software dubbed Ubiquity, which is designed to identify malicious files from day zero and give enterprises increased protection from mutating software.
At its Vision 2010 event, Symantec claimed to have created the largest clean file database, utilising its 100 million customers, which is uses as the basis of Ubiquity.
Ubiquity works by creating a security rating for each file, based on where it came from, how old it is and its adoption patterns across the clean database, the firm said. This means that even if attackers mutate a malware file’s contents to make it invisible to traditional detection methods, it is harder to avoid being detected by Ubiquity, Symantec said.
If a previously unseen file is run against this database and is not found, it is treated as suspicious. Similarly, if it is located but only on machines that have previously been compromised, it is also treated as suspicious, explained Francis deSouza, senior vice president for the enterprise security group at Symantec.
The software effectively adds an entirely new layer of protection on top of the existing signature-based protection, intrusion prevention, behavioral and heuristic detection capabilities used, the firm said.
Symantec claimed that this results in dramatic performance gains, as only files that are identified as risky are scanned.
The data provided by Ubiquity can be also used to allow administrators to control what software enters their users’ environments.
“Ubiquity is the next generation of security technology and we created it to address the problem of custom malware,” deSouza said.
“We can use our scale to help make the very quick determination about whether a file you are seeing for the first time is good or bad.”
Symantec will roll out Ubiquity across a wide range of enterprise products over the coming year, starting with Symantec Web Gateway.
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff
The ICO is concerned with AggregateIQ's retention and processing of data used in the Brexit referendum