Malwarebytes preps enterprise edition of PC-cleaning software

  • (Network World)
  • — 30 July, 2011 00:46

Malwarebytes this fall expects to release an enterprise-grade anti-malware platform that it says doesn't compete directly with traditional antivirus software because it relies more on observing how the malware acts and less on seeking code signatures.

Founded in 2004, the company's roots are in malware removal, but since then it has made a name for itself with its free Malwarebytes Anti-Malware introduced in 2008 that it says can detect malicious code that antivirus software misses.

The company also sells a $24.95 Pro version of the product that it claims has been downloaded more than 100 million times.

MORE: Researcher: Threats from zero-day exploits overhyped

But now the company is developing a management platform to wrap around the product to make it more suitable for use in large businesses where deploying, managing, updating and getting reports from large numbers of machines is important.

Company executives say customers have deployed as many as 25,000 Malwarebytes clients, and written their own scripts to and tools to help deploy and manage them. The enterprise version will lift that need.

The company's core expertise is cleaning up infected computers, says Andreas Antonopoulos, an analyst with Nemertes Research. "Traditional malware systems are not very good at removing malware from infected systems," he says.

It remains to be seen whether enterprises will find that expertise valuable enough to pay for an enterprise license, Antonopoulos says. "It depends on how [each enterprise] handles infections."

Some businesses might not want to remove malware, preferring instead to wipe an infected machine clean and doing a bare-metal reinstall of the operating system and applications, he says. This option would be most attractive to organizations that are routinely building new desktops for employees anyway and have the resources to wipe and rebuild, he says. That way the organization can be sure the malware is gone, whereas removing just the malware leaves some uncertainty as to the effectiveness of the removal.

On the other hand, businesses with limited staff, money and expertise might not be able to wipe and rebuild. "The cost and time to rebuild is very, very high," Antonopoulos says.

The platform is effective enough that Kaseya, an IT SaaS provider, uses Malwarebytes to support its anti-malware module. Kaseya customers who buy the service can issue changes and monitor Malwarebytes clients via the Kaseya dashboard, says Jeff Keyes, the company's director of security.

He says customers were seeking a way to remove malware that was slowing down their corporate computers. "Their machines were loaded with crap, and they didn't want to spend time cleaning it up," he says. Once the software cleans the machines, customers leave it on to catch reinfections, he says.

Kaseya also sells antivirus services powered by Kaspersky and AVG, but Malwarebytes catches malware that the others don't, Keyes says.

That's because Malwarebytes looks not just for code signatures but also for what the malware does, says the company's founder and CEO Marcin Kleczynski. So if the code morphs, the Malwarebytes behavioral signature will still catch it. "Regardless of how the code changes, it will still detect the behavior," he says.

The company gathers samples of malware, checks whether traditional antivirus products can detect it and based on the results gives it a priority. If none do or just a few, Malwarebytes creates a signature for it right away, he says.

The software also blocks IP addresses known to spread malware, he says.

The company relies to some extent on the community of users that frequent its malware forum for finding new instances of malicious behavior, Kleczynski says.

Read more about wide area network in Network World's Wide Area Network section.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Tim Greene

Network World
Topics: security, Nemertes Research, anti-malware, antivirus, malware
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?