Free Search Engine Identifies Unknown Windows Files
To help ease their minds about what exactly is on all those corporate PCs, administrators can download a utility at Bit9's Web site to tap into the firm's 4-terabyte database.
Bit9 Inc. on Monday will launch a free search engine to identify unfamiliar software applications and executables found on any computer running the Windows operating system.
Users will be able to download a utility at Bit9's Web site to tap into the firm's 4-terabyte database at http://fileadvisor.bit9.com. The database holds approximately 25 million unique files and 250 million records to source and identify the software. Bit9 expects to triple the data the end of the year.
To keep up to date Bit9 collects and catalogs file data on commercial software and drivers from the Web, the National Institute of Standards and Technology (NIST)the National Software Reference Library (NSRL), IBM Corp., and other resources.
Unknown applications or executables are identified in the database by a "cryptographic hash, a mathematical algorithm that runs across the content of the file," said Bit9 Inc. vice president and co-founder John Hanratty, who also co-founded Synernetics, acquired by 3Com, and Agile Networks, scooped up by 3Com. "Any virus worth its chops will come in and rename itself as a legitimate name, for example, a file system."
FileAdvisor provides details on the file originator and the commercial software package it's contained in. Hanratty said the utility uses the cryptographic hash because it's common for malicious code to change its name so it appears harmless to the users.
Bit9 also will introduce the ParityCenter service to integrate with Bit9 Parity. The software provides network visibility to closely monitor unknown files as they are downloaded onto machines in an enterprise before they affect computers.
The problem is that "bad" always changes, said Hanratty. ParityCenter identifies that an executable file is of an unknown type, and keeps it from propagating.
While it's important to monitor unwanted software, IT professionals also "want the ability to control unauthorized and unlicensed software," he said. "They're spending as much money in virus and worm protection, as they are to clean up unauthorized utilities."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.