(Time to pay some bills, so here’s some shameless propaganda.)
Our CounterSpy Gateway SDK, used primarily by hardware appliance vendors to secure systems against spyware, is a powerful tool to protect corporate networks against spyware. We ship it for both Linix/Unix and Win 32 environments, and have a number licensees for the technology.
Today, we announced that we’ve added IDS/IPS functionality to the SDK, providing this functionality through a Snort-compatible engine. This allows an appliance or proxy vendor to incorporate signature-based antispyware detection along with a complete IDS/IPS solution to comprehensively detect inbound (and outbound) threats. (If you’re not familiar with IDS and IPS, a brief explanation is that IDS (Intrusion Detection System) looks for unauthorized access or behaviour that might signify an attack on a system. A related technology, IPS (Intrusion Prevention System) makes access control decisions based on application content.)
Our antispyware threat database continues to grow as our research team continues their work — it’s approaching a million threats (incidentally, I’ve found there’s quite a bit of confusion in the market as regards to our past relationship with Microsoft. To clarify for all, we don’t get signatures from Microsoft — and haven’t in almost a year, as the relationship was ended early to the satisfaction of both parties).