Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Immunet Protect - Cloud and Community Malware Protection - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Immunet Protect - Cloud and Community Malware Protection

This past week I have been using Immunet Protect as an additional layer of protection with my antivirus to hopefully gain an edge against malicious code. This software was recently launched Aug 19, (still in beta) and can be used as a standalone or an add-on with your existing anti-virus product. It is always a good idea to have multiple layers of protection and Immunet Protect works quite well with other antivirus and super-charge your existing AV with cloud-based AV protection.  If you don’t have an existing AV product, Immunet Protect provides a base level of protection from several million threats.

An interesting concept about Immunet is the fact that it is moving the desktop into the cloud where it harness its power with your friends, family and the broader community by collecting information on what is safe and not safe from its community. This method of detecting malware will revolutionize the way virus detection and prevention is done because it reduces the publishing delay to zero. If someone in the community encounters a threat, everyone else will get protection against that threat. While you are online, your system always queries the cloud to determine whether something is malicious before making a decision.

It is lightweight and only uses between 10 to 20 MB of RAM and the best part of it, it is FREE. I would recommend it to family, friends, students, etc. as an another layer of defense against malicious code.

If you want to try it out, get it here but first, check out the basic installation requirements here.
 

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Guy

424 Posts
ISC Handler
Their site says "Immunet Protect provides protection by harnessing the collective wisdom of the security products that you already run"
How does that work? How can they interface with the products already on our PCs? I have been trying Panda's cloud product and have removed it to try Immunet.
Michael

32 Posts Posts
One thing I noticed right away (although I haven't completed a reboot yet) is that the Security Center in Windows 7 RTM reports that Immunet is not turned on, and that it must be turned on manually." However it is on in the scanner.

Hopefully that is something they'll resolve soon.
Anonymous
Posts
Michael - Immunet Protect sees when other security products detect or block threats. This information is sent up to Immunet. We track this information for reporting purposes and are still determining whether or not this information can be used directly to generate detections. At minimum it is a contributing factor in determining whether or not an application is suspicious.

Patrick - We are aware of the Windows 7 security center issue and are working on resolving this for a release in the near future. Thanks for trying it out!
Anonymous
Posts

Sign Up for Free or Log In to start participating in the conversation!