2010年3月7日 星期日

Qualys introduces free malware detection


Qualys has become the first on-demand network and site vulnerability company to launch a free malware detection service, designed to protect websites from malicious activities and stop visitors from being infected by malware.

Under the new free service - QualysGuard Malware Detection - clients can upload details of up to 10 websites, and the Qualys network will check the pages for any infections and untoward activities.

The automated service conducts daily recurring scans that provide immediate insight into malware issues, and delivers alerts to the client when any malware is discovered.

The service is also billed as identifying vulnerable code snippets for quick and easy removal of malware.

Wolfgang Kandek, Qualys' chief technology officer, told Infosecurity that the service will use the company's bank of automated scanners around the world to look initially at the site(s) and compile an initial report.

"From there the project is handed over to bank of virtual Windows XP machines which test the site(s) using Internet Explorer 6, and monitor for anything unusual", he said.

"We're using a complex custom set of algorithms to look for anything unusual, such as malicious writes to the PC registry, or the creation of unusual temporary files to the hard drive", he said.

Is there not a danger that Qualys will lose money as clients opt for the free service, rather than paying for an existing service?, Infosecurity asked Kandek.

"Not really. Offering a free service like this will raise our visibility significantly in the marketplace, as well as give us access to a larger pool of data we would otherwise not have", he explained.

Qualys, he went on to say, conducts many thousands of millions of scans of sites each year, using around 7000 appliances located on the global internet.

"We have the world's largest network of systems testing sites in this way. It's the largest VM enterprise deployment", he said.

QualysGuard Malware Detection is billed as minimising false positives to a near zero rate by using a static and behavioural analysis to accurately identify malware whilst scanning.

The static analysis, says the company, identifies source code typically used in malicious attacks, including encoded JavaScript, web bugs, and character encoding inside of in-line frames.

Behavioural analysis, meanwhile, analyses malicious behaviour that occurs upon visiting the site with an unpatched browser and operating system. The software also monitors the unpatched machine for suspicious behaviour, such as programs being installed and started or files being written to disk.

As part of its announcements at the RSA security conference in San Francisco, Qualys has also launched Secure Seal, which allows website using the firm's detection service to demonstrate to online customers that they are taking proactive steps in identifying and remediating malware and other security threats from their websites.

沒有留言: