Exploit Prevention Labs’ SocketShield

Exploit Prevention Labs, a company that I have never heard of prior to today, has just released SocketShield, an application that supposedly is capable of blocking zero-day exploits from penetrating a workstation.

SocketShield is the world’s first dedicated zero-day exploit blocker. Using a unique combination of research technologies, a deep understanding of anti-malware techniques, and skilled coding, the software is able to block exploits from entering your computer, regardless of how long it takes for the vendors of vulnerable applications to issue patches - or how long it takes for you to install those patches.

As the name implies, SocketShield works at the socket level. Sockets are the points of entry used by your computer to allow programs to be downloaded from the web and other sources; these sockets can be opened and closed to enable or prevent downloads. SocketShield uses the knowledge gained through its multiple research channels to determine whether any download is an exploit and to close any socket that a known or suspected exploit is attempting to use.

Certainly sounds like an intriguing tool that I am very interested in test-driving. A free trial is available, which I intend to download and install this week sometime. Look for an upcoming article that details the software and its capabilities.

McAfee’s ‘Falcon’ to Come in Four Flavours

McAfee has something up their sleeve with their new “falcon” suite of security applications. According to ZDNet Australia, it appears that “falcon” will come in four flavours.

The four editions will vary in the number of security features, giving consumers the option to buy a less comprehensive package. Offering various editions also allows McAfee to try to sell its customers a more expensive option at a premium price. Microsoft’s OneCare and Symantec’s Norton 360 are pitched as one size fits all.

Marc Solomon, director of product management at McAfee, said in an interview that all four McAfee products would include the basic security features — antivirus, anti-spyware and a firewall. Additionally, all editions include SiteAdvisor, which adds ratings to Web search results, and PC health tools for tasks such as hard drive defragmentation, he said.

McAfee has some decent basic security software that is good both at home and in an enterprise environment. It should be interesting to see where this new suite will fit into their current offering.

TrueCrypt

TrueCrypt is an open-source freeware disk encryption application for Windows and Linux. The encryption is on-the-fly and even goes so far as to offer plausible deniability in the event that an adversary forces you to reveal the password. If you are in need of securing documents, then this might be just what the doctor ordered.