Sana Security Inc, a startup previously focused on server intrusion prevention, has announced that it will introduce its first client IPS, and has a host of bold claims about how effective it is and how much management it requires.
The company will launch the Attack Shield product family with Attack Shield WS, for Worm Suppression, a $9.95 program that runs on Windows machines and protects the PC’s memory from code injection attacks.
It puts a shield over the heap and stack memory and only allows authorized access to it, said Tim Eades, VP of marketing at the company. There’s no learning, no signatures, no policies need to be written.
Eades said the software, which sits low in the OS, watching system calls, is 100% effective at stopping code injection attacks, such as those used by worms including Sasser, Blaster and Code Red, and does not produce false positives.
He said that this claim is possible because whilst developing Sana’s server-side IPS software, introduced earlier this year, the company has learned some universal truths about behavior that is exhibited by worms and not by legitimate software.
Later this year or early next year, the second client offering Attack Shield MP, for Malware Protection, will be released. This will focus on blocking Trojan programs from executing on Windows PCs, Eades said.