Redefining Anti-Virus Software

Microsoft Windows users have long been advised to shield their PCs from attacks by using anti-virus software, which principally relies on technology designed to quarantine or delete files that possess certain characteristics of known hostile programs.

But as the anti-virus firms continue to struggle to stand their ground amid a flood of new malicious programs being unleashed each day, a complementary approach to fighting malware is beginning to take root. This approach seeks to identify the universe of known good programs and treat the outliers with extreme prejudice.

Bit9, is on the forefront of this tactic. The Cambridge, Mass., firm was jump-started in 2003 by a grant from the National Institute of Standards & Technology to develop computer immune systems to protect PCs and networks from previously unknown attacks. The company has since indexed approximately 6.2 billion programs available online, scanning each against 28 different anti-virus engines to see if any of them detect the files as malicious. If one of the anti-virus vendors flags it, Bit9 informs customers that the file is suspicious. If two or more AV engines say it's suspect or malicious, Bit9 labels it as such and blocks the application from running, unless the customer overrides the decision.