Symantec has unveiled a free beta of Norton AntiBot, a behavioral-based real-time defender meant to catch the kind of threats traditional antivirus products miss.
The beta, which runs only on Windows XP and Vista, will be launched next month as a stand-alone title, said Symantec director of product management Ed Kim. "Over time, we'll roll this into our line, but we wanted to go to market as quickly as possible," Kim said. A price has not yet been set for the final. Integrating AntiBot with its existing consumer software, such as Norton Internet Security or Norton 360, would have taken more time.
AntiBot is based on technology from Sana Security, which sells its own version called Primary Response SafeConnect for US$29.95. "This is very cutting edge stuff from a behavioral detection standpoint," said Kim. "And it's a perfect complement to any existing antivirus or Internet security product. It's an additional level of protection."
Unlike antivirus software, which relies either completely or at least extensively on fingerprint-like signatures to detect and delete malware, behavioral-based defenses monitor the PC for evidence of hinky conduct. Behavioral tools, sometimes dubbed "heuristic," watch for events such as unexpected writes to the Windows registry, a just-spawned process, or a change to a system file. Recently, they've come in vogue as the best defense against botnets, which flood mailboxes with an ever-increasing number and variety of Trojan horses and other malware, hoping that by producing tens of thousands of variations they can overwhelm slow-reacting software.
AntiBot isn't Symantec's first foray into heuristics. In January, it announced SONAR (Symantec Online Network for Advanced Response), a scanner-based behavioral tool that in the interim has been added to Norton 360. AntiBot, however, differs from SONAR in that it's "always on, real-time," said Kim. "The two have the same security philosophy, but SONAR is scan-based."
By slapping "bot" into the product name, Symantec's acknowledging the impact botnets have made on consumer perceptions of current threats, as well as the power of bots. To back up the claim, Kim cited Symantec's most recent data, which reported a 29 percent increase in the number of bot-jacked computers in the second half of 2006.
AntiBot can be downloaded from Sy mantec's site; the product's Status screen states that it's a 15-day trial, but a Symantec spokeswoman said when that term expires users will be able to extend the test time. The beta will expire for good when the final launches in July.