News

Flagship Product Analyzes Red-flagged Apps

• By Jason Turcotte
• September 18, 2006

Security solutions are only as efficient as the data they provide. One software company says when it comes to malware, they have a product that separates the wheat from the chaff, advising enterprises which files should and shouldn’t be on their systems.

Savant Protection introduced an enterprise management edition of a product–operable on both Windows and Linux systems–that doesn’t claim to eliminate security risks altogether but promises to contain the spread of such risks. And, unlike whitelist solutions, Savant offers data that lets chief security officers make educated decisions on which files should stay and which should go.

"This is about mitigating the sprawl of malware. There won’t be a security solution out there that will eliminate all security risks," said Ken Steinberg, CEO and founder, Savant. "You can’t take the human chaos out of the security picture."

With the mobility of apps today, enterprises are more susceptible to malware than ever before. Remotely working employees, office visitors and laptops are a few human factors that put orgs at risk. And hackers have as much access to security solutions as consumers do.

"It’s impossible to know what the next attack vector’s going to be," said Steinberg. "If you do, I want to know what tomorrow’s lottery numbers are going to be."

According to James Hickey, vice president and general manager for Savant, an enterprise’s chief concern used to be how it could maximize data flow 24 hours a day, seven days per week. Now that some financial institutions handle more than hundreds of terabytes of data, and thousands of transactions each day, their concern has moved to the security arena. Enterprises are looking for hassle-free methods for intrusion prevention.

The Savant technology–written on open source AJAX–automatically assigns a cryptographic key to every app within an enterprise. When the software detects a new app on the system a “request for action” reaches the security officer, asking to run always, run once or quarantine the new file. Steinberg says this decision can be ill-advised when IT staff is not apprised of which files are essential to the system. But Savant analysis is said to leave little doubt in their minds.

Since the Savant solution makes each system (within an enterprise) and its apps unique, a business can easily block unapproved, infected apps from entering benign computers. With a key assigned to not only apps, but operating systems, interpreters and scripts as well, programs trying to gain access without the appropriate key are prohibited from running on the system.

Steinberg predicts more and more enterprises will phase out whitelist solutions. Savant’s notable clients include those in the financial, insurance and utilities industries, and the government sector. The pay-per-use product is available now.

"Defense is not a good posture, but you don’t know how to attack hackers because you don’t know where they’re coming from," said Steinberg. "You need to make your castle survivable."