A New Approach to Antispyware
Today's powerful spyware can mutate to evade detection and constantly reinstall to avoid removal. Current antispyware solutions employ signature- and/or behavior-based technologies in hopes of fighting these destructive programs. But successfully combating this new generation of spyware requires an entirely new approach: Spyware Profiling™.
Why Other Methods Are Ineffective
Increasingly, spyware authors are interested in criminal financial gain or corporate espionage. They're highly skilled, highly motivated. The spyware they create, such as hyper-mutating and custom-coded attacks, is far more difficult to detect and even harder to remove than yesterday's spyware.
- Hyper-mutating spyware can update itself via the Web or automatically be rewritten faster than a signature that identifies it can be created and distributed. The delayed response provides a window of vulnerability for widespread infection.
- Custom-coded spyware is maliciously aimed at a particular target, such as a corporation, and not the mainstream user community, so no signature to identify it is even created.
The result: Signature-based solutions are powerless against these new spyware methods. What's more, signature files grow ever larger, which makes updating, distribution and management more cumbersome for IT administrators. Despite these significant limitations, antivirus solutions rely entirely on signatures to detect malware.
Though powerful, behavior-based spyware detection is limited, too. It has difficulty differentiating between destructive and constructive behaviors. Also, it's extremely challenging for IT administrators to create standard behavior-based security policies capable of accurately identifying spyware throughout an enterprise. That's why security policies created with behavior-based solutions are either too lenient or too restrictive.
The Solution: Spyware Profiling
The patent-pending Spyware Profiling™ Engine goes further than signature- and behavior-based detection by providing contextual intelligence.
Spyware Profiling™ Engine takes signatures and behavior into account. But more importantly, profiling spyware also examines meta data, such as file size, location, and associated registry entries. The meta data provides far more context as to a program's behavior and characteristics.
For example, what if a program without a user interface attempted to make a function call to launch a Web browser? Such an application could likely be malicious spyware. This activity wouldn't seem unusual to a behavior-based solution, so no action would be taken to prevent it. Only spyware profiling would detect and block this suspicious program as it takes into account behavior in context with the application's attributes.
Tenebril is the first and only antispyware solution provider to offer spyware profiling technology. Spyware profiling goes far beyond signature- and behavior-based solutions to block known and unknown spyware.
Continuous Protection
By constantly monitoring the state, health, and configuration of computers on the network, only Tenebril eliminates the window of vulnerability and provides continuous protection from evasive threats.
To be comprehensive, an antispyware solution must also offer:
- Real-time detection immediately identifies emerging spyware — even programs deeply embedded in the operating system — before it can infect.
- Safe remediation automates and simplifies spyware removal. The contextual analysis provided by the Spyware Profiling Engine assures that only damaging spyware — not legitimate programs that serve a purpose — are removed.
Staying One Step Ahead
Malicious new spyware emerges daily and spreads rapidly. Enterprises are losing billions of dollars from reduced end-user productivity and network bandwidth, compromised IT resources, the loss of proprietary information, and more.
Tenebril provides proactive detection and removal of known and emerging threats — including hyper-mutating and custom-coded attacks that elude other antispyware solutions. Detection is real-time, and remediation is safe, fast, and effective.
Tenebril antispyware technology was designed from the ground up for the enterprise. It's easily scalable, interoperable with other enterprise security solutions, and easy to administer.
With Tenebril antispyware technology, your enterprise saves time, money, and resources — and stays one step ahead of emerging spyware threats.