Just to remind you of the improvements in Outpost Security Suite Pro and Outpost Antivirus Pro:
- Continual signature-flow: The new engine allows increased frequency of malware database updates: three times a day on weekdays – twice with antivirus signatures and once with antispyware. Tip! Just tweak Outpost’s settings to opt for updates on an hourly basis instead of the default daily updates.
- Smart updates: Version 5.0 of the anti-malware engine (anti-virus + anti-spyware) automatically updates itself as needed at the same time as the regular malware database updates (no separate product update is needed).
I’d also like to tell you about another important technology we’ll make visible in the Outpost 7.0 anti-malware module - HAX. HAX is designed to improve the accuracy of our detection, and has been in development for quite a long time. Outpost 7.0 will put this formerly hidden mechanism in the anti-malware's on-demand scan settings center stage, as you can see in this screenshot:
HAX’s full name is Heuristic Analyzer for eXploits, and it’s specifically designed to detect potentially harmful packed objects such as ZIP and RAR files as well as suspicious encrypted and protected files.
Packed objects can be monitored using both signature and heuristic, or non-signature, methods. The signature-based approach employs an updated base of packer definitions. The heuristic method builds on a static classifier which receives such input data as:
- Characteristics of PE (portable executable) structure
- Section chart check
- Results of import chart analysis
- Assessment of file section entropy
That's it for now. Feel free to subscribe to Outpost 7 series and learn what's up and what's new while we develop Outpost 7 solutions. Your comments are always welcome!
Pavel Goryakin, Agnitum