McAfee Launches Cloud-Based Security

Specifically Artemis, hosted by McAfee Avert Labs, is designed to close the gap between the time that malware is gathered and detected, and the time it takes for a solution to be deployed -- a security gap that's reduced from days or hours to "milliseconds," researchers say.

"The Artemis Technology manages a window that enterprise users are exposed to while malware is being analyzed," said Dave Marcus, director of security research and communications for McAfee Avert Labs. "Artemis is created to minimize that gap."

Instead of relying on traditional threat signature databases, the new in-the-cloud service provides an accelerated reaction to threats with signature files before they're released.

In general, McAfee Avert Labs researchers comb through hundreds of thousands of new signature files every week, Marcus said. When researchers detect a suspicious file on a customer's computer protected by Artemis, the technology connects to McAfee servers in real time to determine whether the threat is malicious or benign.

Consequently, McAfee leverages its collective technology to provide an almost tailor-made solution for the malware victim, Marcus said.

"The malware they experience on their machine is being remediated through Artemis Technology. There is certainly a custom deliver aspect to it," said Marcus. "It makes sense to have this relationship with the victim." Additionally, this interaction occurs without any disruption for the user, and at no cost to customers, Marcus said.

The real-time threat protection was intended as an answer to more traditional signature-based solutions which often contain a lag time between the time the threat is detected and the time when protection becomes available for victims, experts say.

"The traditional signature-based approach to detecting malware is no longer enough," said Charles Kolodgy, research director for IDC's Security Products service in a written statement. "While user behavior has changed, and the threat landscape has evolved, malware detection technology generally hasn't kept pace."

It's a problem that McAfee hoped to address with its new hosted service, Artemis. Avert Labs researchers say that the service was developed over the last year in response to a changing security threat landscape that has increasingly relied on the Web as the primary threat vector to launch malicious, information stealing applications on victims computers.

So far, 2007 has been the most productive year for malware writers, McAfee experts said. And that trend appears to be continuing throughout 2008, as more than 700,000 pieces of malware have been detected since January, the experts said.

Currently a new piece of malware is being detected every 30 seconds, said Marcus. And McAfee researchers maintain that users will see a 300 percent more malicious programs in 2008 compared to 2007.

"Password stealing Trojans -- truthfully that's the most prevalent type of malware we see today. With Artemis, we can adapt to that," said Marcus. "It allows us to really react very quickly to changes in the landscape."