Trend Micro Takes Aim At Botnet Menace

botnet

In an interview with CRN, Chen discussed Trend's plans to roll out a new tool next week to help companies deal with the menace of botnets, or legions of compromised, remotely controlled PCs that miscreants use for sending spam and other nefarious purposes.

Recent figures on the growth of botnet infected PCs suggest that Chen's concerns are well founded. In just the past month, the number of botnet-controlled machines has tripled, according to the ShadowServer Foundation, a volunteer watchdog group of security professionals focused on malware, botnet activity and electronic fraud.

With the release of its OfficeScan 8.0 enterprise endpoint security product, Trend has built in a technology that analyzes the reputation of websites to determine if they're associated with botnets and malware.

Using technology gained from its 2005 acquisition of Kelkea, Trend plans to eventually incorporate Web reputation into its entire line of SMB and enterprise products, according to Chen.

id
unit-1659132512259
type
Sponsored post

The Tokyo-based vendor, which earlier this month rolled out a Web reputation browser plug-in called TrendProtect, already uses reputation technology in its antispam technology.

Web reputation technology helps stem the spread of botnets by preventing users from accessing sites that are known to spread the malware used to build botnets, Chen said.

"It's important to have multiple, cross-referencing technologies to optimize security, which is why we're taking reputation technology beyond spam to analyze IP addresses," she said.

While competing products such as McAfee's SiteAdvisor look at content and classify it in a static way, Trend's Web reputation service uses dynamic rules and monitoring to ensure that tracking information is up to date, Chen said. Trend's technology also scans deep within the Website into the page level to perform a more accurate analysis, she added.

"Dynamic rules use reputation information to control devices that are trying to connect to you and can block IP addresses based on reputation," Chen said.

Trend is known for being proactive in its approach to dealing with emerging threats, says Rozie Ruda, business development manager at CDG, a division of Bell Security Solutions, a Trend partner in Calgary, Alberta.

"They aren't constantly adding new product sets through high-profile acquisitions, which allows the company to focus on stopping new threats," Ruda said.

Despite the challenges posed by botnets, Chen believes the problem can be mitigated with a combination of technology and reputation data. With botnets, "You don't know if you've become part of one, and if discover that you have, you don't know what the botnet is being used for," Chen said.

In the next few weeks, Trend will launch a plug-in for users of its popular HouseCall service -" which attracts 30 million users per day -- that will let users scan and remove their machines to see if their PC has been pulled into a botnet.

Meanwhile, Trend's efforts over the past year to build out its channel has resulted in 67 percent year over year growth in the SMB segment, Chen said. Trend rolled out WorryFree, a set of SMB focused security solutions, and added many smaller, 'mom and pop' resellers to sell the product, she said.