Reducing Risk Through Incremental Malware Detection Prevx November 2007


Page 1: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Malware Detection

Prevx

November 2007

Page 2: Reducing Risk Through Incremental Malware Detection

Incremental Detection

Every day we test 3rd party products to measure the incremental detection we can offer our customers

Actual data from November 5th, 2007

Page 3: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

• The previous slide illustrates the results from our 3rd party product tests for November 5th, 2007

• The following slides show the backup information available on the samples used for the tests. All of the test samples were first seen and harvested in the wild on Nov 5th, 2007.

• This information is available daily, free of charge, to security vendors, industry analysts and major corporations to enable them to independently verify or challenge our testing.
  – To register for access to this information click here: http://www.prevx.com/register.asp

Page 4: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

[Slide image; legend: Detected / Undetected; label: MD5. Actual data from Nov 5th, 2007]

Page 5: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

Page 6: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

[Slide image; legend: Detected / Undetected. Actual data from Nov 5th, 2007]

Page 7: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

July 17th, 2007

Page 8: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

This is a new version of the Trojan.Gorhax information stealer which infiltrated the US Department of Transportation and many major US Corporations in July, 2007.

Page 9: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

[Slide image; legend: Detected / Undetected. Actual data from Nov 5th, 2007]

Page 10: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

• Our daily test results show every sample tested
  – Which vendors detected each sample
  – The MD5 hash of each sample
  – The Prevx summary of the sample’s observed behavior
  – The identity of the sample as seen in the wild

• Incremental detection test results, plus history back to July 2007, are available 24 hours a day online, free of charge

Page 11: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

• How does Prevx consistently see so many new malicious objects that are undetected by many other vendors?
  – Every Prevx product shares knowledge of suspicious software seen by our client base
  – Prevx learns about 50,000+ new executable objects every day from thousands of new and existing Prevx CSI and Prevx 2.0 customers
  – Prevx receives 3 Gigabytes of new unique suspicious samples every day
  – Prevx has a massively powerful, scalable and automated research facility that determines 7,000 to 10,000 new malicious objects every day, which improves geometrically with volume

Page 12: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

• Is it true that other vendors could claim they detect malware that Prevx doesn’t?
  – Yes, it is. However, as other vendors do not make their test data available as Prevx does, it is difficult to quantify.
  – We focus our testing on demonstrating the incremental detection that Prevx can offer to a company already using another vendor’s product

Page 13: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

• How does Prevx make its incremental detection available?
  – Prevx CSI: a small, ultra-fast on demand malware detection available free to consumers and business
    • http://www.prevx.com/freescan.asp
  – Prevx eSAC: a pre-transaction malware screening allowing banks, brokerages and eCommerce web sites and their customers to reduce online fraud
    • http://www.prevx.com/esacannouncement.asp
  – Prevx 2.0: powerful anti-malware protection and cleanup
    • http://www.prevx.com/antimalware.asp
  – Prevx CSI+: CSI plus powerful disinfection, remediation and cleanup
    • Available November, 2007
  – Prevx NAC Plugin: Incremental malware screening for those seeking faster more powerful detection
  – Prevx OEM: Incremental detection and remediation technologies

Page 14: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

Malware Volumes Are Growing Exponentially

Page 15: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Detection

• Prevx CSI proved that out of 300,000 PCs screened in October 2007 at least one in six PCs had one or more active infections

• Malware volumes are rising exponentially

• In the month of October 2007, more new malicious objects were seen for the first time than existed prior to 2003

• Managing the increase in malware volumes is key to detection rates for all vendors

• Prevx has designed its automated malware research facilities to thrive in this environment; as a result, our incremental detections are improving month on month

Page 16: Reducing Risk Through Incremental Malware Detection

Reducing Risk Through Incremental Malware Detection

“Prevx….. it’s incremental”

http://www.prevx.com

Sample screen shots of Prevx CSI follow

Page 17: Reducing Risk Through Incremental Malware Detection

Prevx CSI Incremental Malware Detection

Prevx CSI is 600Kb, requires no installation and screens any PC or Server for active malware infections in less than 1 minute. In October 2007, 300,000 users screened their PC with Prevx CSI. One in six PCs had at least one active malware infection. Prevx CSI is compatible with Windows XP, 2000, 2003, Vista and all popular security applications.

http://www.prevx.com/freescan.asp

Page 18: Reducing Risk Through Incremental Malware Detection

Prevx CSI Incremental Malware Detection For Businesses

[Diagram labels: PC1, PC2, PC3, Report Group]

To access the free Prevx CSI Incremental Detection Scanner For Businesses: Click Here: http://www.prevx.com/registration.asp

Page 19: Reducing Risk Through Incremental Malware Detection

Prevx CSI Incremental Malware Detection For Businesses

[Diagram labels: PC1, Report Group]

Page 20: Reducing Risk Through Incremental Malware Detection

Prevx eSAC Pre-Transaction Incremental Malware Detection

eSAC uses CSI for pre-transaction malware screening, allowing banks, brokerages, eCommerce web sites and their customers to reduce online fraud by warning both parties of the presence of active malware infection before credential/information exposure

Page 21: Reducing Risk Through Incremental Malware Detection

Prevx eSAC Pre-Transaction Incremental Malware Detection

Page 22: Reducing Risk Through Incremental Malware Detection

Prevx eSAC Pre-Transaction Incremental Malware Detection

Page 23: Reducing Risk Through Incremental Malware Detection

Prevx eSAC Pre-Transaction Incremental Malware Detection

Page 24: Reducing Risk Through Incremental Malware Detection

For further information about Prevx CSI, eSAC and Prevx 2.0

http://www.prevx.com/contactus.asp