The new Sanctuary system comprises a lightweight client driver, which runs real-time checks of the details of executable binary files against a policy database. This holds a white list of approved executables, authorized applications and user permissions. It helps block any software that has not been approved for use, and defends against viruses and worms.
To ensure only approved executables are opened, the system generates an SHA-1 algorithm to identify each file. This approach is said to be a much more secure method of intrusion protection than those that rely on the recognition of file names, or the size or type of files coming into mailboxes and onto desktops. It also complements the workings of traditional anti-virus scanners used to defend against viruses and worms.
The Sanctuary system can also be used to lock down systems, according to some agreed group policy, or individually user-by-user. File downloads, online games, or use of unlicensed software can also be restricted by the system, all controlled using a central console and pre-set policy statements.
For the last three years the company has sold a system known as SecureEXE.
We have worked to refine the approaches we use to control access rights, CEO Gerard Lopez said. The new product improves end-point security without any loss of flexibility. Users can open and use any application or any downloaded file, but only if they are authorized to do so.
Customers of SecureWave include Commerzbank, Fujitsu Services, Mercedes-Benz and NATO. The Luxembourg-based vendor, which claims to have been operating in break-even mode for its last 15 months of trading is said to be debt-free and open to the idea of acquisition. Lopez said that he has had offers for the company, and that he considers discussions with three interested vendors still to be live.
The market has started to put a high value on end-point security software-makers. Check Point Software Technologies Ltd last year bought Zone Labs Inc for $205m to beef up its offerings in end-point security with the Integrity software that allows companies to enforce security policies such as patch level and anti-virus signature status on desktops across their network. Similarly, its rival Cisco Systems Inc swapped approximately $154m in stock for Okena Inc and its threat protection system for endpoints. That software identifies and prevents malicious behavior before any damage is caused, by intercepting all operating system, file system, configuration, registry, and network requests.
The SecureWave system can also limit read/write activities and control the use of key-fob USB memory sticks, which are increasingly popular with people wanting to carry files or documents between office and home. They constitute yet another channel for viruses and the transfer into the enterprise network of other types of malware.
This article is based on material originally published by ComputerWire