AVG has belatedly introduced behaviour-based anti-malware protection to its line of paid-for security products.
AVG Internet Security 8.5, released on Monday, adds behaviour-based security technology to existing pattern-based detection. The technology comes from the recent acquisition of Sana Security. Sana's technology will also be available as a standalone product, called AVG Identity Protection, which will be priced at $19.99, and can work with other vendors' anti-virus products.
Many of the leading AV engines have relied for years on generic detection and heuristic technology, which is another way of describing behaviour-based detection, to identify malware. Paul Burke, newly-appointed VP of product management at AVG, said the difference with AVG was that its technology incorporated supplemental analysis and back-end lookups to avoid problems such as false positives.
Blocking malware on the basis of its behaviour, rather than recognising its signature, is a straightforward enough concept but one mired in rival marketing claims that are sometimes difficult to unravel. AVG's use of the term Identity Protection adds reference to a buzz word but boils down to technology that shuts down banking Trojans if any attempt is made to log keystrokes, for example.
AVG Identity Protection gives computer users an additional layer of protection on top of their existing security software. IDP is specifically focused on helping to prevent thieves from using carefully-targeted attacks to steal passwords, bank account details, credit card numbers, and other digital valuables.
It uses a technology called behavioral analysis to make sure all the programs running on a user's computer are operating the way they should. If it spots something suspicious that could indicate an attempted ID theft attack, it shuts that activity down, preventing any possible theft from happening.
AVG quotes a user base of 80m, and though it doesn't say what percentage uses the better-known free version, it's safe to say it's the vast majority. AVG's free product also got a boost with the 8.5 rev of the product, adding safe-surf to existing anti-virus, anti-spyware and safe-searching capabilities.
Both the safe-surf and safe-searching software flow from AVG's acquisition of the Linkscanner technology from Exploit Prevention Labs. LinkScanner Search-Shield, which places safety ratings next to search results, debuted with AVG 8.0 and caused severe problems for webmasters tarnished by AVG's black list.
The LinkScanner Search-Shield component scanned every result on a page returned by a search, using a user agent that was deliberately almost indistinguishable from a surfer visiting a site using Internet Explorer. This "traffic-spewing" behaviour distorted site visitor statistics, especially for sites with high search engine ranking, while simultaneously sucking up extra bandwidth.
AVG responded to criticism by changing the technology so that it didn't pre-scan every page returned by a search query, instead relying on a local blacklist, and pre-fetching and scanning only those links selected by a surfer.
The added safe-surf component, which users of the paid version of the product have enjoyed since last year, brings in-line protection into the mix and because it analyses only sites users are actually about to visit doesn't pose the same potential problems as the unmodified safe-search feature.
In another catch-up development, AVG added centralised anti-spam protection to its small-business targeted Exchange Server product. ®
- Black Hat
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Identity Theft
- Palo Alto Networks