Malwarebytes today said it has begun shipping Windows-based software intended to detect and block unknown zero-day exploits. Malwarebytes says the software, called Anti-Exploit, can work as additional protection alongside traditional anti-malware.
“It could be used with Symantec Endpoint, for instance,” said Pedro Bustamante, director of special projects at Malwarebytes. It works by shielding applications running on the computer. If it’s set to guard Adobe Reader, for example, Anti-Exploit will watch what files it might seek to run, and if processes indicate it’s a malicious PDF, for example, Anti-Exploit will “stop the process before the exploit can execute,” Bustamante says. Anti-Exploit is based on technology acquired when Malwarebytes bought Zero Vulnerability Labs last year.
Malwarebytes hopes Anti-Exploit will be seen as the zero-day protection equivalent of “FireEye for the endpoint,” Bustamante says, though he adds a more direct competition to Anti-Exploit is probably Bromium’s endpoint protection technology, which works somewhat differently through a hypervisor process. Anti-Exploit shields applications in order to stop them from executing malicious code without relying on whitelisting, blacklisting or sandboxing.
+ ALSO ON NETWORK WORLD Annual cost of cybercrime near $400 billion | Malwarebytes offers enterprise anti-malware detection and prevention +
Anti-Exploit is available for editions of Windows beginning with the much-older XP to the current 8.x version. There are both consumer and business versions of Anti-Exploit, with the consumer version costing $25 per year and the business version, which can work with the existing Malwarebytes management console, costing about $30, though less with volume discounts.