Anti-malware vendor Kaspersky Lab is planning to build application vulnerability assessment and whitelisting into its enterprise products. The company already has whitelisting features in its consumer products.
In a market still dominated by security vendors Symantec and McAfee,
Moscow-based Kaspersky Lab made solid gains in 2008 through its consumer
With 2009 around the corner, Kaspersky is looking to take elements of
its consumer products to enterprise desktops. In an interview with eWEEK,
Steve Orenberg, president of Kaspersky's Americas
operation, said the company wants to make application whitelisting and
vulnerability assessment key elements of its enterprise security repertoire.
"It used to be that most of the attacks that companies or anybody would
encounter came through the OS [operating system]," Orenberg said. "What's
happened is that the bad guys are using really commonly distributed application
vulnerabilities ... as attack vectors."
According to Orenberg, addressing this takes a combination of whitelisting
and application vulnerability assessment. The company has already started down
this path with its consumer products, adding the ability to identify
out-of-date applications and directing users of unpatched programs to the
appropriate downloads. As for whitelisting, the company utilizes Bit9's
database of trusted files and applications in the Kaspersky Internet Security
2009 and Anti-Virus 2009 products. Both capabilities are on the road map for
Kaspersky's enterprise products in 2009.
It's no secret that whitelisting
has gained traction
among security vendors. Symantec CEO
John Thompson has spoken out on the importance of it as an aspect of IT
security, and security rival McAfee announced integration between McAfee
ePolicy Orchestrator and Bit9's technology in October. Application scanning is
going to be in demand as well, said Paul Roberts, an analyst with The 451
"We long ago saw the shift from attacks on vulnerabilities in Windows
components to attacks on common apps like QuickTime, Adobe Reader, Windows
Media Player, etc. ... Endpoint security vendors need to do more than scan e-mail
attachments and hard drives for the viruses and known malicious code-they need
to be able to be proactive about threats," Roberts said.
Still, with the major security vendors all walking similar paths, Kaspersky
faces the challenge of separating itself from others in the market.
"We're going to expand our technology, we're going to expand our portfolio,
but it's going to be really focused on threat protection as opposed to
ancillary type of technologies," Orenberg said.