
For Immediate Release

SANA SECURITY INTRODUCES ACTIVE MALWARE DEFENSE TECHNOLOGY CENTER

Malware Reporting Tool Alerts Users to New Threats In Real-Time

SAN MATEO, Calif. – October 3, 2006 – Sana Security, Inc., a security software company, today unveiled its Active Malware Defense Technology (Active MDT) Center, the information security industry’s first malware information center with extensive forensic analysis of threats detected through real-time behavior heuristics technology. The threat information provides an early warning for known and unknown threats to personal identities and mission-critical data, affording visibility into high-impact changes in the threat matrix. Enterprises are empowered to take a proactive stance with business-critical systems by assessing the level of risk imposed by malicious threats, such as Trojans, rootkits, adware and spyware. Because the Active MDT Center data is real-time, it can be utilized to constantly fine-tune an organization’s layered security approach, and proactively address data security and compliance.

“Stringent regulatory requirements mandated by the government insist that all security measures are strictly enforced to safeguard sensitive data. With the broad spectrum of information-stealing malicious threats that exist today, it is a constant challenge to identify the most effective means of meeting these standards,” said Namarr Strickland, chief information security officer for Fulton County, Ga. “If a threat is not immediately identified, there is a high risk of vulnerability between when the attack occurs and when security postures are adjusted. Leveraging services that can detect zero-day threats in real-time complements an existing anti-virus solution, providing alerts on evolving threats as they are discovered so that businesses can augment their security architecture accordingly and prevent potential data theft.”

In an active content world, enterprises and consumers are granted the opportunity to participate in social collaboration on the web. However, this trend also opens up new prospects for vulnerabilities. As malware continues to grow in speed and complexity while infiltrating these areas, the gap of time that exists until a solution is available becomes increasingly detrimental to the security of digital data. With the Active MDT Center, Sana’s customers have visibility beyond their single enterprise into a broader universe of threat information. Active MDT Center’s multi-faceted data includes information on the stealthy components malware tries to install, zero-day malware that does not yet have a signature from anti-virus (AV) vendors, and common threats of all severity levels found by Sana Security anti-malware solutions installed worldwide. This information center shows the most frequently detected malware variants, breaking them down by category and frequency to help users adjust security postures for a head start in the remediation of these threats. By cross-referencing threat data produced by Active MDT Center against existing AV protection, enterprises can gauge the breadth of risk imposed by malicious software and implement security safeguards accordingly.

At the core of these capabilities is Sana’s patented and award-winning Active Malware Defense Technology, built into its Primary Response suite of security products. The technology is designed to assess multiple behavioral characteristics of a system, detecting when malware is present by identifying what the malware does as opposed to what it is. The combination of behaviors between programs is tracked and examined to determine the presence of malicious software. Upon detection, multiple components acting together are completely removed to prevent reinstallation and eliminate the chance of survival during reboot. For example, Active MDT running on one test machine in Sana Labs removed 503 malicious files.

To enable enterprises across a wide variety of industries to stay ahead of the threat curve with a current defense-in-depth strategy, Active MDT Center provides critical information including:

  • AV vendor malware detection metrics to assist in auditing and implementing safeguards
  • Latest malware to be found by Sana that does not yet have a signature to help assess risk and implement counter-measures
  • Latest malware submitted to Sana tracked by date and severity to revise security postures through constant learning
  • Detailed forensics, including file characteristics and associated files, to help identify at-risk resources

On September 22, the automated forensic analysis generated by Sana Labs offered a glimpse into the impact of sneaky malware and its alarming effects on system security:

  • 41 different varieties of malware had gone undetected by traditional AV solutions since May 12
  • Major AV vendors took up to 21 days to detect malware, after it had been identified by Active MDT Center
  • Popular AV solutions missed up to 68 percent of malicious threats in their initial scan, and up to 54 percent afterward
  • The most common categories and variants of malware were attributed to stealthy Trojans

As of September 13, 2006, Sana Labs had recorded 160 malware samples that still had no signatures available, some of which were over six months old. Win32Goldun.kb, identified on July 4 and classified as a high severity threat, still did not have a signature from any AV vendor after more than 70 days. On average, major AV vendors took an astounding 18 days to release signatures. Sana Security’s Active MDT Center makes users aware of known, unknown and zero-day threats as they are discovered, providing 100% attack coverage for the “Active MDT Zone”: the vulnerability gap between a signature or patch’s availability, and when it is fully deployed within the enterprise.

“Traditional antivirus and personal firewall solutions are no longer sufficient to protect endpoint systems against the explosion in malicious code variants and targeted application-level attacks and we can't keep our systems patched as quickly as new vulnerabilities are announced,” said Neil MacDonald, vice president and distinguished analyst, Gartner. “Signature-based approaches are increasingly ineffective and must be combined with other styles of protection for proactive prevention. The best strategy for proactively preventing intrusions on hosts combines multiple styles of protection, reactive and proactive, for a comprehensive intrusion prevention system.”

“Sana Security views Active MDT Center as the next level of strategic malware protection for our customers,” said Jeremy Pickett, security practices manager, Sana Security. “With threat information that is always current, businesses can adjust their defenses on the fly to accommodate the constantly evolving malware attacks that potentially threaten data security and business continuity.”

Availability and Pricing
The beta version of the Active MDT Center is available by invitation. Entry into this beta program can be requested by contacting Sana Security at AMDTC_beta@sanasecurity.com.  

About Sana Security
Sana Security creates award-winning security software that is autonomous, aware of environment change, adaptive to new threats and active in preventing attacks before they do harm.

Sana Security’s anti-malware software is designed to provide immunity against threats, both known and unknown. Unlike reactive, legacy solutions that require updates, signatures and scanning, Sana’s products offer enterprises, small businesses and consumers instant and constant protection against threats, increasingly complex attacks, data compromise and identity theft.

Sana Security, together with its research organization Sana Labs, is headquartered in Silicon Valley, California with offices in global business and technology centers. For more information, visit www.sanasecurity.com or contact the company by phone at 650.292.7100.


© 2006 Sana Security, Inc. All rights reserved. Sana Security, Primary Response and the Sana Security and Primary Response logos are trademarks and/or registered trademarks of Sana Security, Inc. All other trademarks are the property of their respective owners.

 

  Press Contacts:

Sana Security
650.292.7100