Panda to Update, Reposition TruPrevent Security Software

By Jim Louderback  |  Posted 2005-03-14 Print this article Print

The TruPrevent refresh is one of Panda's many wide-ranging initiatives targeting individual consumers, SMBs and large enterprises this year.

BILBAO, Spain—In a series of wide-ranging discussions with on Monday, Spanish security company Panda Software revealed its plans to update, reprice and reposition its proactive, anti-malware software product TruPrevent, along with laying out a broad outline of product plans for 2005. The companys TruPrevent product, which promises to intercept and terminate unknown threats before they can infect or spread, was released in August 2004. Designed as an add-on to traditional anti-virus and anti-spyware products, the stand-alone version has not lived up to Pandas expectations. The company is readying a major update, adding new features and capabilities, and it will almost double the products price in the United States.
TruPrevent today is built around behavior analysis, where it conducts real-time analysis of programs as they execute.
The software intercepts all calls to Windows, and then determines whether they are malicious. Although past heuristic-based anti-virus products have drowned in a sea of false positives, none was observed during PC Magazine Labs tests of TruPrevent last fall. Click here for a review of Panda TruPrevent Personal 2005. "We have over 400,000 users, and the false-positive rate is negligible," said Josu Franco, business development manager at Panda Software International S.L. And because TruPrevent reports back to Pandas Labs when it discovers a bad piece of code, it also has dramatically increased the number of worms, Trojans, viruses and spyware programs that Panda has been able to identify, and then has blocked them using more traditional software schemes. "We identified 200 signatures a week last year, and 2,000 signatures a week this year," said Pedro Bustamante, chief marketing officer at Panda Software. The core of the new features includes what the company is calling "genetic scanning" of applications. Traditional anti-virus software compares executables with a database of unique strings gleaned from actual viruses and other malware. Genetic scanning looks for suspicious clusters of instructions, potentially hazardous subroutine activity and other information gleaned from deconstructing program code. "I dont want to tell you too much how it works," said Patrick Hinojosa, Pandas chief technology officer, so as not to help spyware and virus writers circumvent the secret "genetic" algorithms. The genetic scanning capability already has been added to the companys free online scanner, ActiveScan, which can be downloaded here. Panda also plans on adding buffer-overflow detection to TruPrevent. Their technology aims to detect and prevent programs from executing instructions in areas of memory set aside for data. According to Panda, nearly 50 percent of all vulnerabilities today incorporate some sort of buffer-overflow technique. Read more here about buffer-overflow attacks. Theres a high risk of false positives with this type of technique, as many popular applications—including some from Microsoft Corp.—legitimately use this approach. But the company claims that the software will consult its database of legitimate applications before stopping an application that attempts to execute code in memory. The company also is working on technology for TruPrevent that will block other systems on a network from connecting to your PC—unless they are running updated anti-virus and firewall software. This wont stop a determined attack, but it should keep worms from spreading via open networks in coffee shops and college campuses. Next Page: A a new category of malware-detection software?

With more than 20 years experience in consulting, technology, computers and media, Jim Louderback has pioneered many significant new innovations.

While building computer systems for Fortune 100 companies in the '80s, Jim developed innovative client-server computing models, implementing some of the first successful LAN-based client-server systems. He also created a highly successful iterative development methodology uniquely suited to this new systems architecture.

As Lab Director at PC Week, Jim developed and refined the product review as an essential news story. He expanded the lab to California, and created significant competitive advantage for the leading IT weekly.

When he became editor-in-chief of Windows Sources in 1995, he inherited a magazine teetering on the brink of failure. In six short months, he turned the publication into a money-maker, by refocusing it entirely on the new Windows 95. Newsstand sales tripled, and his magazine won industry awards for excellence of design and content.

In 1997, Jim launched TechTV's content, creating and nurturing a highly successful mix of help, product information, news and entertainment. He appeared in numerous segments on the network, and hosted the enormously popular Fresh Gear show for three years.

In 1999, he developed the 'Best of CES' awards program in partnership with CEA, the parent company of the CES trade show. This innovative program, where new products were judged directly on the trade show floor, was a resounding success, and continues today.

In 2000, Jim began developing, a daily, live, 8 hour TechTV news program called TechLive. Called 'the CNBC of Technology,' TechLive delivered a daily day-long dose of market news, product information, technology reporting and CEO interviews. After its highly successful launch in April of 2001, Jim managed the entire organization, along with setting editorial direction for the balance of TechTV.

In the summer or 2002, Jim joined Ziff Davis Media to be Editor-In-Chief and Vice President of Media Properties, including, Microsoft Watch, and the websites for PC Magazine, eWeek and ZDM's gaming publications.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel