McAfee's Artemis Technology, announced on Monday, aims to enable desktop security applications to detect and remove new threats that are only minutes old.
Artemis, which McAfee plans to market within its 2009 consumer products as 'Active Protection', is not focused on hourly updates, or even 15-minute updates, such as those made by rival Symantec. Instead, Artemis offers instant detection, said Dave Marcus, director of security research and communications for McAfee Avert Labs.
McAfee's use of Artemis is similar to Trend Micro's use of cloud-based computing to analyze and produce new signature files within 15 minutes in software on the desktop, then pass suspicious files to a larger, remote database.
Marcus told ZDNet UK's sister site CNET News.com that the difference is that McAfee plans to use a desktop communication channel already built into the product, so existing users will not need to download new software.
The file database maintained at McAfee Avert Labs is much larger than what is possible on the desktop. Marcus said it is responsive to minute-by-minute changes in the threat landscape. The new technology opens a doorway to the larger database.
When asked if Artemis is a listening agent--one that reports desktop activity back to McAfee--Marcus dismissed the idea. He said that, whenever the McAfee software finds something suspicious and not in its signature database, it will ping the larger database back at McAfee Avert Labs to get the signature needed. The files sent back and forth are minuscule, he added.
Marcus confirmed that McAfee would continue to send down daily signature files, but, in the heat of the moment, if a new malware sample is received by a McAfee-protected computer, it will have instant protection from the vast database back at the company headquarters.
This article was first published as a blog on CNET News.com.
Play video
There are currently no comments for this post.