The survey, which looked at the response to 16 variants of the Bagle, MyDoom and Netsky viruses between January and March 2004, concluded that Panda Software had offered a solution in half the time it took some of its competitors to respond. On average, the company provided its clients with the corresponding vaccine in 2 hours and 20 minutes.
Traditional antivirus systems are reactive: they need to be able to identify the virus or threat in order to head off an attack. Human intervention is therefore required and, when a new virus appears, reaction time is fundamental to keeping users' computers protected against new threats. The latest fast-spreading global virus epidemics, and those that use special techniques, like Sasser, Mydoom or SQLSlammer, have made it clear that reactive antivirus solutions are not enough to deal with new Internet threats.
Traditional solutions are still highly effective against the majority of IT threats that appear every day. However, the kind of worms mentioned above present a real danger. It is therefore now necessary to have solutions that can anticipate the problem and 'think' for themselves. Panda Software has invested years of development work along these lines and has now prepared a suite of technologies that can detect and eliminate unknown viruses and intruders. TruPrevent Technologies (
PandaLabs: key points of Panda Software's laboratory
PandaLabs is Panda Software's laboratory and is charged with reacting rapidly to any new threat and providing clients with a solution. It is run by a team of experts that works round the clock, all year round seeking out new damaging applications and developing, as rapidly as possible, the antidotes needed to keep users' computers out of the reach of these threats.
The PandaLabs team is supported by the international technical support network that Panda Software has implemented worldwide. Its main tasks include:
- Reception of suspicious files through multiple channels: worldwide network of sensors, incidents and inquiries, industry forums, etc.
- Analysis. After receiving files which, due to their characteristics or behavior, could pose a threat to computers, PandaLabs technicians study and analyze their content. This is done using reverse engineering, i.e. disassembling the code to find out the actions it carries out, how it behaves, its infection potential...
According to Luis Corrons, the head of PandaLabs: "This is the most complicated phase of the process, since it is often hard to identify whether an item is dangerous or not, as a certain program can be perfectly legitimate, even though it monitors the system." Of all the incidents and suspicious programs received by Panda Software every day, only two percent actually pose a real threat.
- Detection and disinfection. If a suspicious program is considered a threat after it has been analyzed, PandaLabs works on the most reliable method for detecting and disinfecting it in a real environment. To do this, they set the virus loose in a computer and track its behavior; they then generate the corresponding antidote. The vaccine incorporates an identifier for the virus, which is known as its signature, and the routine for disinfecting it. When this process is complete, the antidote is automatically incorporated into Panda Software's solutions so that it is available to all users via the Internet. On average, as highlighted by the recent independent survey, it takes 2 hours 20 minutes from the receipt of the dangerous code to the publication of the antidote.
Panda Software was the pioneer of the concept of antivirus protection as a customer service, and was the first to provide 24-hour, 365-day tech support and daily updates. "At the moment, this concept is even more important, as malware poses a greater threat due to its capacity to spread wider and more rapidly across networks and systems worldwide," explains Corrons.
About Panda Software
Panda Software (