Product Watch: New 'Razor' Appliance Aims To Catch Targeted Attacks

Host-based stealthy malware detection vendor HBGary has added a perimeter network appliance to help pinpoint targeted attacks.

The new Razor appliance uses the company's behavior-based detection technology for ferreting out malicious PDFs, botnet activity, and targeted cyberespionage activity. HBGary's so-called Digital DNA technology uses physical memory to look for new malware, so Razor grabs executable code found in physical memory and uses the company's cloud-based intelligence for analysis.

"Razor uses sandboxing to capture an executable in transit over the network, such as a PDF, and uses the Digital DNA detection," says Greg Hoglund, CEO and co-founder of HBGary. The captured information gets sent to the console, and the appliance generates a real-time alert. It automatically blocks any other traffic associated with the malware.

Hoglund says that Razor ideally would run with HBGary's endpoint security products. The appliance, which can support 20,000 nodes, would sit where an intrusion detection system (IDS) does, he says. "It's more or less a form of intrusion detection, but with virtual machines, sandboxing, etc., instead of using packet signatures," he says.

Razor, which is currently in beta, will ship by the end of the first quarter and is priced at $23,500.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.