Saturday, July 14, 2007

Is there a magic pill for security?

I always wonder whether there is, or ever will be, a magic pill for security: a one-shot solution that protects against it all. With the direction the security industry is heading and the emergence of new threats that are more intelligent, adaptive, and evolving, I do not think such a thing exists in the present or will exist in the future.

Maybe it is human nature, but we mostly tend to be defensive. We react only when things go wrong. I am not saying this just in the context of computer security. If there is a guy in the organization who thinks differently and proposes ideas that are preventive of some sort, management sometimes fails to see the point and disregards it on the grounds that it wastes resources. It may also be that the guy failed to get the point across to management in an understandable manner in the first place, but that's not the point I am trying to make here.

I have been noticing the emergence of new technologies in the security arena. Some are not referred to as new technologies, but people have been coming up with new approaches to deal with viruses, malware and the like.

There have been several news items recently about new startups that are whitelisting companies, and I myself have posted an entry on this. The latest I came across relates to malware.

A new startup founded by some former Microsoft employees has released a beta version of a real-time malware blocking tool for the browser. It seems that they have entered a market dominated by big players such as McAfee's SiteAdvisor, Symantec's AntiBot, Exploit Prevention Labs' LinkScanner, and Google.

According to the company website, the tool can protect the user against malware while surfing social network sites and blogs (e.g. Facebook, Blogger), watching embedded Flash videos (e.g. YouTube), viewing sites with banner ads and widgets (e.g. almost every site), and clicking search engine results that unknowingly point to malicious sites (e.g. while googling).

According to an article on Techworld.com, the tool has a multilayer strategy against malware. The first layer works at the kernel level by monitoring dozens of Windows processes and services, as well as API calls to the kernel and suspicious behavior from the browser. This real-time identification and interception is done by a behavior-based profiling algorithm.


The second layer protects through blacklisting: it relies on a database of malicious links and blocks the site.
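A minimal sketch of how two such layers can be combined into one verdict, added here as an example; it is not Haute Secure's code. The blacklist entries, event names, weights and threshold are constructed assumptions, and the blacklist lookup normalizes the URL first so that case, userinfo, port, a trailing dot or an extra subdomain do not bypass an entry.

```python
from urllib.parse import urlsplit

# Constructed sample data (assumptions, not taken from any real product).
BLACKLIST = {"bad.example", "ads.example/widget"}   # host or host/path-prefix entries
SUSPICIOUS = {"write_startup_key": 3, "spawn_process": 3, "write_executable": 2}
BLOCK_SCORE = 5                                     # hypothetical blocking threshold


def candidates(url):
    """Yield lookup keys for an absolute URL: every parent domain, alone and
    combined with each leading path prefix."""
    parts = urlsplit(url.strip())
    # .hostname is already lowercased and has userinfo and port removed.
    host = (parts.hostname or "").rstrip(".")
    labels = host.split(".")
    segs = [s for s in parts.path.split("/") if s]
    for i in range(len(labels) - 1):                # a.bad.example -> bad.example
        domain = ".".join(labels[i:])
        yield domain
        for j in range(1, len(segs) + 1):
            yield domain + "/" + "/".join(segs[:j])


def layer2_blacklisted(url):
    """Blacklist layer: is any normalized form of the URL in the database?"""
    return any(key in BLACKLIST for key in candidates(url))


def layer1_score(events):
    """Behavior layer: sum the weights of suspicious actions seen from the browser."""
    return sum(SUSPICIOUS.get(event, 0) for event in events)


def verdict(url, events):
    """Known-bad links are blocked outright; unknown links are judged on behavior."""
    if layer2_blacklisted(url):
        return "block:blacklist"
    if layer1_score(events) >= BLOCK_SCORE:
        return "block:behavior"
    return "allow"


if __name__ == "__main__":
    print(verdict("http://user@BAD.example.:8080/x", []))
    print(verdict("https://news.example/", ["spawn_process", "write_executable"]))
```

The behavior layer is what covers a link that is not yet in the database, which is why the two layers are used together.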


As I have said before, these technologies aren't new. Blacklisting and anomaly-based malware detection have been around for some time, and these technologies are being researched by academics even today. However, I believe this tool is one of a kind, as their approach is different and obviously the implementation will be different from every other product out there.

It is indeed interesting and hopeful to see such attempts by people in the battle against the threats that exist out there. And such attempts are needed despite the many products that claim to be "the" magic pill to solve all your problems.

All images in this article have been taken from the Haute Secure website.
Original news article is from Techworld.com.
