(Time to pay some bills, so here’s some shameless propaganda.)
Our CounterSpy Gateway SDK, used primarily by hardware appliance vendors to secure systems against spyware, is a powerful tool to protect corporate networks against spyware. We ship it for both Linix/Unix and Win 32 environments, and have a number licensees for the technology.
Today, we announced that we’ve added IDS/IPS functionality to the SDK, providing this functionality through a Snort-compatible engine. This allows an appliance or proxy vendor to incorporate signature-based antispyware detection along with a complete IDS/IPS solution to comprehensively detect inbound (and outbound) threats. (If you’re not familiar with IDS and IPS, a brief explanation is that IDS (Intrusion Detection System) looks for unauthorized access or behaviour that might signify an attack on a system. A related technology, IPS (Intrusion Prevention System) makes access control decisions based on application content.)
This functionality was developed by Sunbelt’s Dr. Yong Tang, who wrote his doctoral thesis on “Defending against Internet Worms” (you can read his paper here).
Our antispyware threat database continues to grow as our research team continues their work — it’s approaching a million threats (incidentally, I’ve found there’s quite a bit of confusion in the market as regards to our past relationship with Microsoft. To clarify for all, we don’t get signatures from Microsoft — and haven’t in almost a year, as the relationship was ended early to the satisfaction of both parties).
You can find out more about the CounterSpy Gateway SDK here, and our corporate press release is here. Interested parties can contact Chad Loeven, our VP of Business Development by email.
Alex Eckelberry