Skip Links

Appliance automates malware detection

NetWitness Spectrum spots security threats, policy violations

By , Network World
January 24, 2011 01:25 PM ET

Network World - Security firm NetWitness today announced Spectrum, an appliance for enabling automated malware analysis that works in conjunction with the company's traffic-analysis gear used to spot threats and policy violations.

FIGHTING BACK: Is retaliation the answer to cyberattacks?

The Spectrum appliance is intended to sit at the Internet gateway to examine inbound/outbound network traffic and it can find inbound evidence of "an executable and inappropriate file," or outbound botnet activity, according to Eddie Schwartz, NetWitness chief security officer. "It's another application on top of our infrastructure."

While Spectrum doesn't block suspected inbound malware, it can issue a warning to the security manager about suspicious traffic and enables the NetWitness NextGen equipment to keep track of potential malware code and where it's going in real-time, the company says.

"You can get a profile of how malware moved around the organization," says Schwartz.

Spectrum, which starts at $50,000 and is available, is intended to compete with products from Damballa and FireEye.

Read more about security in Network World's Security section.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News