Endgame Systems Finds Botnets in the Cloud
Security software provider Endgame Systems raised $29 million in the fall and simultaneously launched ipTrust, a product meant to detect and manage the harm caused by malware and botnets in cloud computing environments, as well as to speed up response times after detection of threats. The software as a service requires no hardware or software purchases and is used in conjunction with a bank's existing security tools as a sort of "insurance policy," says David Gerulski, vp, commercial sales and marketing at Endgame Systems.
The ipTrust software fools the botnets into revealing themselves. Typically, after a botnet infects a computer, it tries to contact its command-and-control server. IpTrust's strategy is to register the domain names these botnets try to contact; thus, when the botnet attempts to communicate with command and control it contacts ipTrust, revealing itself and the IP address of the infected computer. IpTrust does not block traffic, or scan individual computers, instead it is a repository of information about infected computers, Gerulski says. It currently tracks more than 250 million IP addresses that host malware.