Friday, August 22, 2014

Comodo's containment technology nips malware attacks in the bud

Isolating malware preventively instead of relying on detection mechanisms

IT security expert Comodo turns the tables: instead of relying, like other competitors in the market, on detection by means of blacklisting for virus protection, the manufacturer trusts in prevention and isolation. Only elements classified as safe gain access to the enterprise network; unknown ones are moved by the company's in-house developed containment technology into a secure virtual environment. There they are executed in isolation and checked. This results in a malware shield for the entire IT infrastructure. The containment technology is integrated into all of the developer's security solutions, including the Comodo Endpoint Security Manager (CESM).

With this approach, Comodo is one step ahead of the market. Traditional anti-virus solutions are based on the principle of detection, in which they check elements against a “blacklist” containing all known infected files and threats. Based on this “Default Allow” standard (access allowed by default), it is determined which programs or files are safe and may be allowed to access the system. The problem: all threats must be known for protection to be reliably ensured. Zero-day attacks, which occur for the first time, may not yet be registered and, in the worst case, are therefore executed. Given today’s mass and rapid proliferation of malware, a blacklist that is 100 percent up to date is not possible.

Malware distribution ruled out

For this reason, Comodo bases its next-level security solutions on the principle of “Default Deny Protection”. Instead of blacklist checking, all unknown files and applications are blocked by default, on the assumption that they may pose threats. Only accredited elements classified as safe are executed. The containment technology moves untrusted files into a virtual operating environment and runs them there, shielded from the rest of the system. Should they in fact be viruses or other malicious software, they can do no harm in the network and cannot spread further. Furthermore, suspicious files are automatically uploaded to Comodo's Valkyrie Malware Labs, a cloud-based behavior analysis, to verify their trustworthiness. All of these processes take place without interruption for the end user.

“Only our ‘default deny’ approach ensures secure IT environments and brings endpoint security to a new level,” commented Karl Hoffmeyer, Senior Channel Sales Manager DACH at Comodo. “Because we look at the facts, translated into reality: No one would simply ask strangers into his house, the way conventional antivirus solutions allow unknown files network access. Only files and programs that are confirmed as trusted whitelist entries, or that have the user's permission, are run. Our technology reviews all other elements first. If necessary, the user can work with the files within the isolation environment – without compromising their computer or even the whole network. The integrity of the operating system and the user data is permanently ensured.”

A YouTube video illustrates the workings of the Comodo principle. On the Comodo site, interested parties can register for free trials of enterprise products.

