Symantec has developed a product built on community-based reputation that is designed to fight evolving malware.
Named Ubiquity, Symantec claimed that it enables the company to harness the anonymous software usage patterns of more than 100 million customers' PCs to deliver protection against micro-distributed, mutating threats.
It said that as malware has evolved, so should the protection. Therefore the Ubiquity product adds a new layer of protection that amplifies Symantec's existing defence-in-depth approach, which also includes signature-based protection, intrusion prevention and behavioural and heuristic detection capabilities.
A security rating is derived for each file based on information about the context of the file, such as where it came from, how old it is and its adoption patterns across Symantec's user population. It said that while attackers can easily mutate a malware file's contents to make it invisible to traditional signatures, they have far less control over these crowd-based demographics.
Also, as it has ratings for virtually every legitimate application on the internet, Symantec claimed that Ubiquity is one of the world's largest whitelist of trusted software and this data allows it to make more informed decisions about what files to block.
Following deployment in the Norton 2011 consumer security products and more recently in Symantec Hosted Endpoint Protection, Symantec is readying Ubiquity for rollout across a wide range of enterprise products over the coming year, starting with Symantec Web Gateway.
Stephen Trilling, senior vice president of security technology and response at Symantec, said: “There is no other malware protection technology in the world that has the capability of Symantec's Ubiquity. By harnessing the anonymous software usage patterns of more than one hundred million customers, Ubiquity allows Symantec to compute a unique safety rating for virtually every software application on the internet. This gives us the ability to protect our customers against targeted, mutated malware that would otherwise evade traditional virus fingerprints.”
Alongside this, Symantec has also introduced a mobile security and management strategy for enterprises to help support devices such as the iPad, iPhone and Android phones.
In addition to existing support for Windows Mobile, Symbian and BlackBerry, new features include remote wipe, password policy enforcement and device inventory.
Finally, it has also announced the launch of a new version of its encryption software that utilises the technology acquired from PGP earlier this year. Including support for Symantec data loss prevention capabilities and Intel anti-theft technology, it is planning to launch PGP Whole Disk Encryption later this year as part of its Symantec Endpoint Encryption Device Control and the newest version of Symantec Endpoint Encryption Full Disk Edition.
Bryan Gillson, senior director of product management at Symantec, said: “As security threats continue to evolve and confidential information proliferates to a wide array of endpoints, Symantec has innovated to address the new needs in the market.
“Symantec's goal is to provide effective, easy-to-use information protection products with the management capabilities needed to address today's stringent privacy and compliance regulations.”