CNET también está disponible en español.

Ir a español

Don't show this again


Trend Micro gambles on 'in the cloud' technology

In response to rapidly changing malware, one antivirus vendor is looking to real-time lookup of known and unknown samples.

On Wednesday, Trend Micro CEO and co-founder Eva Chen unveiled a new vision for her company that includes "in-the-cloud" malware analysis.

Unlike the computer viruses of 20 years ago, which were slow to evolve and infected thousands of systems worldwide, malware today evolves rapidly and infects relatively few systems, creating thousands of new variants each day. Chen admits that traditional signature-based antivirus strategies may seem a bit outdated, but argues that pattern matching is still faster than running a full heuristic check of each new malware specimen. Her answer is to throw all the unknown samples up into the cloud for deeper and faster pattern recognition.

For the last few years, Trend Micro has been building robust servers around the world, enabling it to offer more and more software as a service (SaaS) solutions to its medium-size business customers. Now, Trend Micro is planning to include its "in-the-cloud" network service in two new suites for enterprises, and may in the future incorporate some of the technology in its home and small business offerings.

With faster Internet connections available worldwide, Chen argues it's faster to do a suspected malware lookup in the cloud than to initiate and execute a sandbox heuristic environment on the desktop. We're talking milliseconds vs. the 1 to 2 seconds for each sandbox inspection, and over several thousand samples, the time savings add up. Also, all unknown samples could be gathered from around the world, and new signatures could be sent out worldwide.

Chen envisions a 15-minute turnaround from discovery to mitigation of each new malware detected.

On Wednesday, Trend Micro announced two enterprise suites. A Threat Discovery Suite (due in Q3 2008) to find internal security threats on a network, and a Threat Mitigation Suite (due in Q4 2008) to provide analysis and policy review to protect against future threats.