New Sophos technology stops unknown malware threats before they execute

Sophos, a world leader in IT security, today announced the availability of its Host Intrusion Prevention System (HIPS), which proactively identifies and blocks programs that behave suspiciously before they execute. Sophos’s Behavioral Genotype Protection, which has been fully integrated into all of Sophos’s anti-virus solutions, can detect unknown spyware and malware without a false positive problem and without the need to install any additional software.

Sophos’s Behavioral Genotype Protection has been developed by the experts at SophosLabs, Sophos’s global network of research and development centres. Unlike competing products, which monitor running code and intercept suspicious behaviour once it has occurred, Sophos’s HIPS technology completely prevents malware from executing, identifying it at the gateway, on fileservers and at the endpoint. The malicious code is intercepted before it can cause any harm.

Sophos’s proactive protection is based on its unique product engineering. With Sophos, enterprises are able to manage security updates with a single management console and universal client for both security and general desktop management. The new HIPS technology uses the existing Sophos scanning engine, which is present in all versions of Sophos endpoint, server and gateway products. With this integration, companies have the tools to combat the problem of unknown malware for no extra charge.

With Behavioral Genotype Protection, Sophos provides organisations with the following advantages:

* Prevents malicious behaviour from executing in any instance, whether the code has launched or not.

* Identifies malicious code at the gateway or on fileservers and deletes it before it has the chance to reach endpoint computers.

* Eliminates false positives – SophosLabs rapidly validates its rule-sets against terabytes of legitimate code. By comparison, identifying false positives with runtime HIPS in running programs is a huge and practically impossible task.

* Scans are performed within the anti-virus engine, eliminating the need to run or manage any additional software.




Share this