Sophos, a provider of IT security for leading companies, today
announced the availability of its Host Intrusion Prevention System
(HIPS), which proactively identifies and blocks programs that
behave suspiciously before they execute. Sophos's Behavioral
Genotype Protection, which has been fully integrated into all of
Sophos's anti-virus solutions, can detect unknown spyware and
malware without a false positive problem and without the need to
install any additional software.
Sophos's Behavioral Genotype
Protection has been developed by the experts at SophosLabs™, Sophos's global
network of research and development centers. Unlike competing
products, which monitor running code and intercept suspicious
behavior once it has occurred, Sophos's HIPS technology completely
prevents malware from executing, identifying it at the gateway, on
fileservers and at the endpoint. The malicious code is intercepted
before it can cause any harm.
"Financially-motivated hackers are distributing new malware at a
greater speed than ever before. Organisations need a strong defence
which can proactively detect unknown threats as they emerge," said
Munford, CEO of Sophos. "The beauty of Sophos's new technology
is that there is no need to roll-out new software. For no
additional cost, customers can benefit from the power of our
Behavioral Genotype Protection on every single operating system
platform that we support. It's a simple solution to a complex
Sophos's proactive protection is based on its unique product
engineering. With Sophos, enterprises are able to manage security
updates with a single management console and universal client for
both security and general desktop management. The new HIPS
technology uses the existing Sophos scanning engine, which is
present in all versions of Sophos endpoint, server and gateway
products. With this integration, companies have the tools to combat
the problem of unknown malware for no extra charge.
"The Behavioral Genotype Protection built into Sophos's
solutions is finding new malware every day that can sail past
up-to-date versions of competing anti-virus products," continued
Munford. "We can provide high precision in our detection of unknown
malware without the false alarm problem that other vendors struggle
Natalie Lambert, analyst at Forrester Research writes in the
Forrester Wave: Client Security Suites, Q3 2006 that "Sophos
Endpoint Security provides a single agent for all of its
functionality. This enables simple deployment of the product
through a push from the console."
"Sophos customers consistently say that working with Sophos
couldn't be easier. Furthermore, the SophosLabs' researchers work
with all types of the malicious code and therefore see correlations
between different types of code and create signatures that treat
the entire threat," continued Lambert.
Sophos's Genotype technology has proven to be world class in its
detection of emerging malware threats. The technology was capable
of proactively detecting the Sober-Z worm, the biggest malware
outbreak of the last 12 months, a full 20 days ahead of other major
With Behavioral Genotype Protection, Sophos provides
organisations with the following advantages:
- Prevents malicious behaviour from executing in any instance,
whether the code has launched or not.
- Identifies malicious code at the gateway or on fileservers and
deletes it before it has the chance to reach endpoint
- Eliminates false positives - SophosLabs rapidly validates its
rule-sets against terabytes of legitimate code. By comparison,
identifying false positives with runtime HIPS in running programs
is a huge and practically impossible task.
- Scans are performed within the anti-virus engine, eliminating
the need to run or manage any additional software.
Sophos's Behavioral Genotype Protection has been fully
integrated into all current versions of Sophos Anti-Virus. New
customers can download a free
evaluation version of the software.