Free Submission Public Relations & NewsPR-inside.com
 
DeutschEnglish

Get the latest news
with our RSS feed
rss feed
Add to My Yahoo!
More information
Business

CoreTrace's Application Whitelisting Solution Stops 100 Percent of Computer Viruses During DEFCON 16 "Race-to-Zero" Competition


Print article Print article
Refer this article Refer to a friend
© Business Wire 2008
2008-08-13 23:36:04 -

- CoreTrace, Austin JT Keating, 512-592-4100 JTKeating@CoreTrace.com or Porter Novelli Lauren Warthan, 512-241-2256 Lauren.Warthan@PorterNovelli.com CoreTrace, a provider of Application Whitelisting solutions, announced today the results of the "Race-to-Zero" contest held at DEFCON 16 in Las Vegas, Nevada. "Race-to-Zero" contestants were asked to pass various exploits through antivirus engines without detection. CoreTrace's BOUNCER, the only application whitelisting
product utilized in the event, was the single-most successful solution for stopping the malware. CoreTrace's BOUNCER stopped 100 percent of the entered viruses while traditional blacklist-based antivirus solutions detected an average of 60 percent.

"Race-to-Zero" contestants, consisting of both teams and individuals, were asked to pass malicious software and application exploits, remaining undetected, through various antivirus products from companies like McAfee, Trend Micro, Kaspersky and Sophos. The contest utilized ten well-known viruses, some of which have been in the wild for more than a decade. The first contestant to bypass all antivirus engines won that round. Within the "Race-To-Zero" contest, there were several rounds, each increasing in complexity as the contest progressed.

The winning team was a group of researchers from Mandiant (www.mandiant.com) that went by the name of chicagostreetsweepers. chicagostreetsweepers bypassed all the blacklist-based antivirus engines with valid samples in just over six hours. Another team, retem, completed the contest in a little over two hours. Some of their samples were considered "invalid but cleverly out-of-the-box" by the contest organizers.

Overall, the average detection rate of the antivirus engines was 60 percent. For some of the attacks like Netsky.P and MS07-014, the average plummeted to 15-20 percent. Among the blacklist-based solutions, McAfee had the best overall detection at 90 percent, but still only detected 24 percent and 13 percent of Netsky.P and MS07-014 variants, respectively.

In contrast to the blacklist-based antivirus engines, CoreTrace's application whitelisting solution, BOUNCER, prevented 100 percent of the viruses from executing.

"After the blacklist-focused contest was completed, we ran the samples through CoreTrace's whitelisting solution, BOUNCER," said "Race-to-Zero" organizer, Simon Howard. "By not allowing any of the samples to execute on the host computer, BOUNCER stopped 100 percent of the viruses. I strongly recommend that companies add application whitelisting solutions like BOUNCER to their arsenal."

"The 'Race-To-Zero' contest demonstrates the difficulties traditional antivirus programs have in detecting progressively more complex malware," said Toney Jennings, CEO of CoreTrace. "In lieu of blacklisting solutions, many companies are moving toward the next generation of endpoint security, whitelisting, in order to defend their IT networks."

For information about DEFCON 16, please visit: www.defcon.org.

About CoreTrace

CoreTrace is leading the movement to the next-generation of endpoint control solutions. The company develops and sells the most flexible and tamper-proof application whitelisting solution, BOUNCER by CoreTrace(TM). BOUNCER flips the antivirus model by enforcing a whitelist of good applications rather than relying on a malware blacklist. By only allowing approved applications to execute, BOUNCER stops malware -- even zero-day exploits, rootkits and buffer overflow attacks.

CoreTrace is a privately held company based in Austin, Texas. For more information about CoreTrace, please visit: www.CoreTrace.com.

BOUNCER Submitted As Single Whitelisting Application and Outshines
Traditional Antivirus Products


Disclaimer: (c) 2007 Business Wire. All of the news releases contained herein are protected by copyright and other applicable laws, treaties and conventions. Information contained in the releases is furnished by Business Wire's members, who warrant that they are solely responsible for the content, accuracy and originality of the information contained therein. All reproduction, other than for an individual user's personal reference, is prohibited without prior written permission.


Terms & Conditions | About us | Contact PR-inside.com