Anti-malware vendor Kaspersky Lab is planning to build application vulnerability assessment and whitelisting into its enterprise products. The company already has whitelisting features in its consumer products.In a market still dominated by security vendors Symantec and McAfee,
Moscow-based Kaspersky Lab made solid gains in 2008 through its consumer
business.
With 2009 around the corner, Kaspersky is looking to take elements of
its consumer products to enterprise desktops. In an interview with eWEEK,
Steve Orenberg, president of Kaspersky's Americas
operation, said the company wants to make application whitelisting and
vulnerability assessment key elements of its enterprise security repertoire.
It used to be that most of the attacks that companies or anybody would
encounter came through the OS [operating system], Orenberg said. Whats
happened is that the bad guys are using really commonly distributed application
vulnerabilities as attack vectors.
According to Orenberg, addressing this takes a combination of whitelisting
and application vulnerability assessment. The company has already started down
this path with its consumer products, adding the ability to identify
out-of-date applications and directing users of unpatched programs to the
appropriate downloads. As for whitelisting, the company utilizes Bit9s
database of trusted files and applications in the Kaspersky Internet Security
2009 and Anti-Virus 2009 products. Both capabilities are on the road map for
Kasperskys enterprise products in 2009.
Its no secret that whitelisting
has gained traction among security vendors. Symantec CEO
John Thompson has spoken out on the importance of it as an aspect of IT
security, and security rival McAfee announced integration between McAfee
ePolicy Orchestrator and Bit9s technology in October. Application scanning is
going to be in demand as well, said Paul Roberts, an analyst with The 451
Group.
We long ago saw the shift from attacks on vulnerabilities in Windows
components to attacks on common apps like QuickTime, Adobe Reader, Windows
Media Player, etc. Endpoint security vendors need to do more than scan e-mail
attachments and hard drives for the viruses and known malicious codethey need
to be able to be proactive about threats, Roberts said.
Still, with the major security vendors all walking similar paths, Kaspersky
faces the challenge of separating itself from others in the market.
Were going to expand our technology, were going to expand our portfolio,
but its going to be really focused on threat protection as opposed to
ancillary type of technologies, Orenberg said.