Security firm 'detonates' copies of suspicious files to sniff out malware, botnet attacks
Network World - HBGary on Monday introduced an appliance that sits at the perimeter of the enterprise network to watch for possible incoming malware and outgoing traces of botnet infections.
Called Razor, the appliance uses a "virtual-machine system" that copies all files and "detonates" the copies in a sandbox to determine whether any document contains malicious content, according to HBGary CEO Greg Hoglund. It also watches for malicious command-and-control activity and can automatically block further traffic associated with a malicious site.
Hoglund says the Razor appliance uses the same Digital DNA and Active Defense technology found in HBGary's end-node products. With Razor deployed at the perimeter, the idea is that if malware is detected in transit, an alert is sent to the enterprise security information management point so that the machine the malware was headed for can be examined. The method does not rely on "static signature-based security," says Hoglund, adding that customers feel this is no longer enough.
Interest in non-signature-based protection methods is on the rise. Razor is intended to compete with the detection approaches used by FireEye and Damballa, which do not rely on malware signatures. The announcement of HBGary's Razor comes on the heels of yet another new product to compete in this arena, the Spectrum appliance announced by NetWitness earlier this month.
Razor, which starts at $23,500, is now in beta and expected to ship in the February time frame.