Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Is Zero Day a Cash Cow?

Here's the big chicken-and-egg problem of IT security: Traditional intrusion-and-prevention systems rely on a virus signature to identify the attack, but what do you do if you have been targeted by a new, unknown virus whose signature is not yet known? (See Security Approaches Day Zero.)

Increasingly, security vendors are launching products that target the initial effects of an attack, rather than the virus signature. This could be, for example, a PC that suddenly starts sending out thousands of emails after being infected by a virus. Known as "zero day" technologies, these products can then isolate the rogue device before other machines are infected.

Paul Proctor, vice president of analyst firm Meta Group Inc.
says that the market for these types of product is turning into an "arms race," with vendors increasingly looking to add new capabilities.

This week, after three years in the research lab, California vendor eEye Digital Security became the latest firm to enter the zero-day fray. The companys new "Blink" product works by installing a software agent on devices such as laptops, PCs, and servers (see eEye Launches Blink).

The agents, which are managed from a central point in the data center, use a network firewall to prevent unauthorized programs from running on the device. They can also control unauthorized connectivity from other devices and detect non-compliance with security policies, according to the vendor.

  • 1