October 06, 2010 IT SECURITY, MANAGED SECURITY SERVICES

Tackling Internet Threats in Less than 60 Seconds

Response times to serious and new Internet threats until now, have often taken hours.

Not anymore!  We recently launched Sentinel Antivirus Engine – a new virus detection and signature service.

Network Box’s Sentinel Antivirus Engine develops its own signatures to protect against emerging viruses within 60 seconds of the threat being seen. It also works with our existing antivirus technology and automatic PUSH updates to provide the industry’s fastest protection against new threats.

We’re constantly seeing huge increases in the number of malicious viruses spreading via email. In fact, we just reported that the U.S. has overtaken India and Russia to become the biggest producer of viruses once more — the U.S. is now responsible for 12.05 per cent of the world’s viruses, up from 4.03 per cent from August, when the U.S. trailed both India and Russia.

The Sentinel Antivirus Engine operates by continually analyzing all the threat information that is received by the company’s proprietary Network Box Security Response system (such as spam traps, virus traps, customer submissions, mail and http statistics, suspect samples, etc).

This information is used to determine that a particular object may be malicious; and the system maintains a confidence level for the likelihood of an object being malicious. Confidence levels are expressed as a percentage (with 0 per cent being a new sample, and 100 being absolute certainty the object is malicious).

Only executable (or objects with the capability to embed executable) code have confidences assigned by the system. It is common to see a new outbreak enter the system with a low confidence level, but for that level to be rapidly escalated upwards as more samples from more sources are seen. Once that happens, the confidence level reaches 100 per cent and a formal signature released.

Security managers can set at what levels they want an object blocked (the default block is 50 per cent, but can be adjusted according to each company’s security requirements).

If you have any comments/questions, we always welcome your input!