AVG Acquires Behavioral Detection Security Company

Czech security company AVG has completed a deal to acquire Sana Security, which specializes in detecting malicious software based on its behavior.

By Jeremy Kirk

Tue, January 13, 2009 — IDG News Service — Czech security company AVG has completed a deal to acquire Sana Security, which specializes in detecting malicious software based on its behavior.

AVG paid cash for Sana but did not disclose the transaction value. Sana's 14 employees will work for AVG. The deal closed last week but was just announced Tuesday, said AVG CEO J.R. Smith.

Other security vendors such as Symantec are taking a similar approach to Sana's, looking at how applications and code behave on a PC in order to defend against the meteoric rise in the number of malicious software programs.

Antivirus products have traditionally relied on signature-based detection of malware. Antivirus software must be updated with files, called signatures, that enable the software to identify when malicious code has infected a machine.

But signature-based detection is less favored now because there are so many different varieties of malware. Virus analysts struggle to create new signatures fast enough.

The newer way is behavioral-based detection, where the security software looks at how code acts on a PC. Sana's technology can detect stealthy programs that start automatically and pick up on unusual network or system activity. Behavioral detection technology is seen as supplementary protection in addition to signatures.

The behavioral technology will detect so-called 0-day attacks, when a hacker exploits a previously undisclosed flaw in a software program, Smith said.

"If anything seems out of the ordinary they flag it, they identity it and they stop it," Smith said.

The behavioral technology will be integrated into AVG's antivirus and Internet security products by the end of June, Smith said. The new feature will not be included into AVG's free product, but the company could consider doing that in the future, he said.

Sana was founded in October 2000. Sana's products are Primary Response SafeConnect, the behavioral detection malware product; Primary Response Identity Protection, used to defend against identity theft attacks; and Primary Response AirCover, a wireless security product.

The company sold the behavioral detection product as a standalone to Internet service providers, which would offer it to their customers, Smith said.

Comments

More from IT Drilldown « Back to Security

Articles

Korea DDOS Virus Mission Shifts to Destroying, Erasing Data

Microsoft Promises to Stymie Hackers Next Week with New Patches

The Botnet World is a Booming World

New Spam Trick: Shortened URLs

IBM Security Software Masks Confidential Info

Verizon Helping Companies Assess Application Vulnerabilities

How to Use Electrical Outlets and Cheap Lasers to Steal Data

As Three Big iPhone Troubles Surface, Apple Dinged for Secrecy

Mobile Security ABCs

Get up to speed on mobile security.

Learn More »

Security Newsletter

Security MarketSpace

White Papers

5 Tips for Data Loss Prevention Solutions

RSA® The Security Division of EMC has identified 5 key considerations to help organizations simplify the evaluation process for selecting a DLP solution that is right for their business. Learn more »

Secure Training Videos to Prevent Theft

Learn how Dream Force extended their marketing reach without being constricted. Learn more »

Prevent Intellectual Property Theft

Learn what the key components were in Hock International's purchasing decision. Learn more »

Webcasts

Managing Client Systems in the Enterprise

Why Data Loss is Increasing--and What You Can Do About It

Maximizing the Business Value of the PC Infrastructure

Reduced IT budgets have CIOs hunting for ways to maximize their PC infrastructure, while saving money and IT staff time. Diane Bryant, CIO of Intel Corp., talks with CIO magazine's Gary Beach about how her organization is addressing these challenges. Learn more »