Tom Sanders in California
17 Oct 2006
Enterprise security vendor eEye is preparing to unveil a free version of
Blink security software for consumers next week.
Blink offers a single application that among things protects against
buffer overflow and phishing attacks. It also offers intrusion
prevention, application white listing and location specific security
Consumers will be asked to share data on attacks that target their
computers. The company's chief executive Ross Brown said that the
company aims for the software to act as the world's largest honeypot,
allowing the firm's security experts to collect samples of live exploits
and malware as soon as they become available.
"I need a one million man strong honeypot," Brown told vnunet.com.
A honeypot is a computer that is set up to collect security data by
attracting online attacks. The information is used to analyse new attack
and attack methods. They work on the premise that attackers will cast a
wide net, distributing malware through spam email messages or by
scanning random systems for common security vulnerabilities.
The technique however has lost its value in today's world, Brown told
vnunet.com in an. Instead of going after a wide range of targets,
criminals are increasingly using targeted attacks where malware is sent
only to a few recipients within a company. If malware succeeds to evade
security researchers, attackers will remain successful at exploiting
software flaws and using new attack methods.
In addition to building a honeypot, Brown expect that the free consumer
version will drive sales of his enterprise software that is listed at
$60 per seat. The consumer product will mostly appeal to power users who
work in IT departments. The company hopes that their experiences will
cause them to promote the software at work.
Brown prides himself on the fact that none its enterprise customers has
been hit by a remote exploit since June 2004 and claims that the tool
will mitigate against most zero day vulnerabilities, allowing users
additional time to properly test and deploy software patches.
It remains to be seen however how much traction the software will get in
the consumer market.
Several of the software's features however are designed specifically for
enterprises and will find a limited appeal with consumers. The
application for instance offers to disable external USB storage devices
and hard drives from accessing a device.
Blink Personal is based on Blink 2.5 which started shippping last
September. The consumer version will officially be launched on October
23 and is available for download from eEye's website.
Visit the InfoSec News store!