reducing risk through incremental malware detection
DESCRIPTION
Reducing Risk Through Incremental Malware Detection. Prevx November 2007. Incremental Detection. Every day we test 3 rd party products to measure the incremental detection we can offer our customers. Actual data from November 5 th , 2007. Reducing Risk Through Incremental Detection. - PowerPoint PPT PresentationTRANSCRIPT
Reducing Risk ThroughIncremental Malware Detection
Prevx
November 2007
Incremental Detection
Every day we test 3rd party products to measure the incremental detection we can offer our customers
Actual data from November 5th, 2007
Reducing Risk Through Incremental Detection
• The previous slide illustrates the results from our 3rd party product tests for November 5th, 2007
• The following slides show the backup information available on the samples used for the tests. All of the test samples were first seen and harvested in the wild on Nov 5th, 2007.
• This information is available daily, free of charge, to security vendors, industry analysts and major corporations to enable them to independently verify or challenge our testing.– To register for access to this information click here:
• http://www.prevx.com/register.asp
Reducing Risk Through Incremental Detection
Detected Undetected
Actual data from Nov 5th, 2007
MD5
Reducing Risk Through Incremental Detection
Reducing Risk Through Incremental Detection
Detected Undetected
Actual data from Nov 5th, 2007
Reducing Risk Through Incremental Detection
July 17th,2007
Reducing Risk Through Incremental Detection
This is a new version of the Trojan.Gorhax information stealer which infiltratedthe US Department of Transportation and many major US Corporations in July,2007.
Reducing Risk Through Incremental Detection
Detected Undetected
Actual data from Nov 5th, 2007
Reducing Risk Through Incremental Detection
• Our daily test results show every sample tested– Which vendors detected each sample– The MD5 hash of each sample– The Prevx summary of the sample’s observed
behavior– The identity of the sample as seen in the wild
• Incremental detection test results plus history back to July 2007 is available 24 hours a day online, free of charge
Reducing Risk Through Incremental Detection
• How does Prevx consistently see so many new malicious objects that are undetected by many other vendors?– Every Prevx product shares knowledge of suspicious software
seen by our client base
– Prevx learns about 50,000+ new executable objects every day from thousands of new and existing Prevx CSI and Prevx 2.0 customers
– Prevx receives 3 Gigabytes of new unique suspicious samples every day
– Prevx has a massively powerful, scalable and automated research facility that determines 7,000 to 10,000 new malicious objects every day which improves geometrically with volume
Reducing Risk Through Incremental Detection
• Is it true that other vendors could claim they detect malware that Prevx doesn’t?– Yes, it is. However, as other vendors do not
make their test data available as Prevx does it is difficult to quantify.
– We focus our testing on demonstrating the incremental detection that Prevx can offer to a company already using another vendor’s product
Reducing Risk Through Incremental Detection
• How does Prevx make its incremental detection available?– Prevx CSI: a small, ultra-fast on demand malware detection
available free to consumers and business• http://www.prevx.com/freescan.asp
– Prevx eSAC: a pre-transaction malware screening allowing banks, brokerages and eCommerce web sites and their customers to reduce online fraud
• http://www.prevx.com/esacannouncement.asp – Prevx 2.0: powerful anti-malware protection and cleanup
• http://www.prevx.com/antimalware.asp – Prevx CSI+: CSI plus powerful disinfection, remediation and
cleanup• Available November, 2007
– Prevx NAC Plugin: Incremental malware screening for those seeking faster more powerful detection
– Prevx OEM: Incremental detection and remediation technologies
Reducing Risk Through Incremental Detection
Malware Volumes Are Growing Exponentially
Reducing Risk Through Incremental Detection
• Prevx CSI proved that out of 300,000 PCs screened in October 2007 at least one in six PCs had one or more active infections
• Malware volumes are rising exponentially
• In the month of October 2007, more new malicious objects were seen for the first time than existed prior to 2003
• Managing the increase in malware volumes is key to detection rates for all vendors
• Prevx has designed its automated malware research facilities to thrive in this environment as a result our incremental detections are improving month on month
Reducing Risk ThroughIncremental Malware Detection
“Prevx….. it’s incremental”
http://www.prevx.com
Sample screen shots of Prevx CSI follow
Prevx CSI Incremental Malware Detection
Prevx CSI is 600Kb, requires no installation and screens any PC or Server for active malware infections in less than 1 minute. In October 2007, 300,000 users screened their PC with Prevx CSI. One in six PCs had at least one active malware infection.Prevx CSI is compatible with Windows XP, 2000, 2003, Vista and all popular securityapplications.
http://www.prevx.com/freescan.asp
Prevx CSI Incremental Malware Detection For Businesses
PC1
PC2
PC3
Report Group
To access the free Prevx CSI Incremental Detection Scanner For Businesses:Click Here: http://www.prevx.com/registration.asp
Prevx CSI Incremental Malware Detection For Businesses
PC1Report Group
PC1
Prevx eSAC Pre-TransactionIncremental Malware Detection
eSAC uses CSI for pre-transaction malware screening allows banks, brokerages, eCommerce web sites and their customers to reduce online fraud by warningboth parties of the presence ofactive malware infection beforecredential/information exposure
Prevx eSAC Pre-TransactionIncremental Malware Detection
Prevx eSAC Pre-TransactionIncremental Malware Detection
Prevx eSAC Pre-TransactionIncremental Malware Detection
For further information about Prevx
CSIeSAC
and Prevx 2.0
http://www.prevx.com/contactus.asp