IT security firm Norman Data Defence Systems this week unveiled a portfolio of sandbox analysis tools designed to help corporate and government IT security departments analyse files in house in order to identify, reverse engineer and debug malware.
While typical antivirus suites provide only a 'yes' or 'no' answer on the question of whether a file is malicious, Norman's SandBox Analyser claims to provide in-house security personnel with in-depth reports on every action that a particular file executes on a particular computer.
Norman claims that on a tested sample set of 19,000 infected malware files, SandBox Analyser fully analysed the behaviour of the files at an average of 13 seconds each.
"This is the first time a data security company has put forensic tools this powerful directly into the hands of in-house security personnel," said Hank Dugan, chief executive officer of Norman Data Defence Systems. "Now, corporations and government agencies can perform their own file analysis instantly and protect their sensitive, classified and proprietary data cost-effectively and without relying on third party anti-virus vendors," he said.
The SandBox Analyser features a fully simulated computer and network within the application and any file loaded into this simulated environment is deceived into behaving normally while each action is recorded.
"Virus attacks are becoming more and more sophisticated, so pressure on security managers to quickly detect, analyse and debug viruses has never been greater. At the same time, organisations are reluctant to spend the money to fully analyse malicious code, which further adds to the risk of damage to their networks," added Dugan.
Norman conquest of malware rolls out sandboxes
By Clement James on Oct 27, 2006 9:43AM