|
The zero-day attack, viruses, worms, and spyware are constantly
evolving as malware writers attempt to circumvent security software. Traditional
signature-based antivirus is reactive. Instead of trying to keep up with them,
ThreatSense® stays a few steps ahead. The ThreatSense® engine is a sophisticated,
well-balanced system of advanced heuristics and malware signatures, providing
the best detection without compromising speed.
For many existing viruses, ThreatSense® includes a traditional form of malware
signatures. ThreatSense® also utilizes next generation generic signatures to
quickly detect known malware families and their future variants. This more adaptive
form of signature specification enhances the ability of ThreatSense® to detect
future variants.
Certain methods of heuristics can detect some basic macro and script viruses.
ThreatSense’s® Advanced Heuristics engine enables detection of malware not specified
in the signature database. It proactively decodes and analyzes executable code
in a protected virtual environment in order to identify increasingly sophisticated
malicious behavior, characteristic of today’s evolving threats. For example,
WIN32 worms, backdoor programs, and trojans. This finely tuned engine catches
more than 90% of so-called zero-day attack worms and viruses, which most other
vendors miss without a signature update.
Archiving & Packing are techniques used by malware writers to circumvent
signature-based detection. ThreatSense® includes a generic unpacking and emulation
technology to decode virtually any hidden malware, in wrappers or modified by
runtime packers. This sophisticated algorithm thwarts virus writers' efforts
to go undetected.
This blended approach to detection leverages the benefits of each technology
and makes NOD32 the fastest, most accurate, and lowest impact solution in the
industry.
An Early Warning System
ThreatSense.Net extends the power of ThreatSense’s® powerful analytics on a global
scale and acts as an early warning system. By automatically (or manually) submitting
samples of new suspected malware to threat lab researchers for analysis, ThreatSense.Net
helps close the window of vulnerability to new threats, including the zero-day
attack.
ESET clients receive notification of new malware outbreaks and tips on how to
protect themselves via this feedback loop as well. Globally collected information
and statistics are made available online at http://www.virusradar.com/.
|
