McAfee always checks the sandbox for feline footprints
Subject: General Tech | February 26, 2013 - 01:45 PM | Jeremy Hellstrom
Tagged: mcafee, security, RSA 2013, sandbox
McAfee has been showing off their stuff at RSA 2013, specifically the new heuristic malware detection capabilities which they will be using instead of their current malware signature database, which has over 113 million core samples. That signifies a huge change for the antivirus company as it moves to real-time monitoring of all the processes on your machine for suspicious activity instead of matching patterns directly. While this could lead to some interesting side effects for verification software such as you find in some games, McAfee claims 100% effectiveness against current rootkits on Intel hardware compatible with Deep Defender, though they did not give many specifics about that test to The Register.
That is not all they are up to: McAfee just purchased ValidEdge's sandboxing technology, which lets them watch malware as it arrives and infects a machine so that they can study its patterns. Strangely, The Inquirer mentions that they will be recording the signature, so the claim that they are abandoning their signature database altogether may be an exaggeration, and they may instead be using a hybrid of signature database and heuristic monitoring. The first software using this new option will be available in the second half of this year. Also briefly mentioned in the story is a suggestion that McAfee will be able to repair infected computers automatically via the ePO Agent.
"Signature-based malware identification has been around since the dawn of the computer security industry, but McAfee has said it's dumping the system – or rather, adapting it – in an upgraded security suite which will (it claims) virtually eliminate susceptibility to botnets."
Here is some more Tech News from around the web:
- Altera signs up to use Intel's upcoming 14nm process node @ The Inquirer
- HP offloads WebOS to LG for use in televisions @ The Inquirer
- Internet Explorer 10 for Windows 7 @ [H]ard|OCP
- Samsung, Visa in pay-by-bonk tie up @ The Register
- Not so fast, BlackBerry. Now Samsung wants your tasty biz mobe pie @ The Register
- Hacking the International Space Station with a toothbrush @ Hack a Day
- Super single-photon source for quantum computers @ nanotechweb