Kaspersky Lab to Bring Application Assessment, Whitelisting to Its Enterprise Portfolio

Anti-malware vendor Kaspersky Lab is planning to build application vulnerability assessment and whitelisting into its enterprise products. The company already has whitelisting features in its consumer products.

In a market still dominated by security vendors Symantec and McAfee, Moscow-based Kaspersky Lab made solid gains in 2008 through its consumer business.  

With 2009 around the corner, Kaspersky is looking to take elements of its consumer products to enterprise desktops. In an interview with eWEEK, Steve Orenberg, president of Kaspersky's Americas operation, said the company wants to make application whitelisting and vulnerability assessment key elements of its enterprise security repertoire.

"It used to be that most of the attacks that companies or anybody would encounter came through the OS [operating system]," Orenberg said. "What's happened is that the bad guys are using really commonly distributed application vulnerabilities ... as attack vectors."

According to Orenberg, addressing this takes a combination of whitelisting and application vulnerability assessment. The company has already started down this path with its consumer products, adding the ability to identify out-of-date applications and directing users of unpatched programs to the appropriate downloads. As for whitelisting, the company utilizes Bit9's database of trusted files and applications in the Kaspersky Internet Security 2009 and Anti-Virus 2009 products. Both capabilities are on the road map for Kaspersky's enterprise products in 2009.

It's no secret that whitelisting has gained traction among security vendors. Symantec CEO John Thompson has spoken out on the importance of it as an aspect of IT security, and security rival McAfee announced integration between McAfee ePolicy Orchestrator and Bit9's technology in October. Application scanning is going to be in demand as well, said Paul Roberts, an analyst with The 451 Group.

"We long ago saw the shift from attacks on vulnerabilities in Windows components to attacks on common apps like QuickTime, Adobe Reader, Windows Media Player, etc. ... Endpoint security vendors need to do more than scan e-mail attachments and hard drives for the viruses and known malicious code-they need to be able to be proactive about threats," Roberts said.

Still, with the major security vendors all walking similar paths, Kaspersky faces the challenge of separating itself from others in the market.

"We're going to expand our technology, we're going to expand our portfolio, but it's going to be really focused on threat protection as opposed to ancillary type of technologies," Orenberg said.