Original URL: https://www.theregister.com/2002/05/22/trend_micro_strengthens_hybrid_worm/

Trend Micro strengthens hybrid worm defences

Malicious attacks

By ComputerWire

Posted in Security, 22nd May 2002 09:41 GMT

ComputerWire: IT Industry Intelligence

Anti-virus vendor Trend Micro Inc is expanding its software and services portfolio on order to respond to hybrid worms and malicious code attacks such as Nimda. The company currently offers pattern file responses and scanning to enable customers to respond to malicious attacks, but it is now reacting to customer concerns to do more to predict and prevent attacks and clean up the aftermath.

Tokyo, Japan-based Trend Micro is adding virus response products with shielding technologies, designed to slow down known malicious attacks, as well as threat-based scanning to more efficiently clean up malicious and modified code.

The new products are part of the company's Enterprise Protection Strategy to manage the outbreak lifecycle, according to Trend Micro's executive vice president of global product and market development, David Rowe. They form the first of three of four releases from the company as it looks to re-architect its entire product portfolio.

"Nimda entered systems with entirely legitimate means of entry," he said. "The firewall didn't stop it and intrusion detection is too slow. It was a worm and not a virus and it changed files, which made clean-up very difficult. Also there wasn't enough information to prevent an attack. The company has to do something to predict worms and malicious code."

Specifically, that means responding to threats from the first moment that information is received by the company's TrendLabs team to post mortem reporting and performance analysis. The company will update its content scanning products to be able to accept policy updates on the fly, enabling users to block malicious content that exploits legitimate means of entry and to slow down attacks.

The OfficeScan system and desktop scanning products will also be enhanced to enable scanning and code clean-up based on attack profiles, improving the efficiency of code clean-up. OfficeScan will also include improved reporting functionality to track system damage, said Rowe. The company is also introducing Damage Cleanup server for LAN-based desktop cleaning and reporting.

New products available now include new versions of Control Manager, InterScan for Windows and ScanMail for Exchange, which both include integration with the company's eManager content security product. Also new is Outbreak Commander, which will enable the management of outbreaks through the central Control Manager. These products will be followed by new versions for InterScan for Unix, ScanMail for Lotus Notes, OfficeScan and Server Protect in October.

While the company is looking to improve its partnerships and integration with firewall and intrusion detection vendors, Rowe said that Trend Micro intends to stick to its position as a supplier of best of breed anti-virus products. "We're not a firewall company and we're not going to go out and buy a firewall company," he said.

© ComputerWire. All rights reserved.