14 DAY TRIAL // Stephen Trilling, vice president of Symatec Research Labs confirmed the fact that Symantec is working on reputation-based security systems for both websites and files. He also said that this project has been under development since last year.
The reputation-based security is considered to be promising, as it might be quite reliable against unknown threats. This area of security systems is also considered to be quite a new one but McAfee has already deployed a technique known as SiteAdvisor that is based on testing the websites for malicious code or spam. Google is already using a blacklist-system for malicious Websites which is generated by searching the Internet in a way quite similar with McAfee's SiteAdvisor.
Trilling also declared Symantec might bring some new ideas into this technology but declined to talk about specifics. He only mentioned that the data generated by Symantec's users could be the basis of the evaluations. The reputation information will be somehow taken out of users' patterns of downloading in an automated way. But whether this system to derive reputation data from users' downloading is already developed or still to come, no one knows yet.
Currently Symantec's latest web security technology is called Canary and it works by blocking sites from downloading malicious codes. But Canary has nothing to do with the reputation-based security systems.
One thing is for sure - the estimated 50 million antivirus software users Symantec has will be enough to generate a quite reliable reputation data. At least that's what Adam O'Donnell, senior research scientist with Cloudmark, thinks. The scientist of the Cloudmark, a company already selling reputation-based e-mail filtering, has also mentioned that despite the large number of users that might generate reputation data for Symantec, other challenges will need to be absorbed by Symantec. For example "issuing a response to the various inputs in a timely fashion."