The Unknown Threats

Unknown threats are the greatest enemy to security. Every virus starts its life as an unknown application. Allowing an unknown application unrestricted access to your network is akin to allowing a total stranger into your home.

  • Question: How many strangers, people you don't know of, live in your home?
  • Answer: None, of course. If you saw an unknown person in your house you would ask them to leave and if they did not you would call the cops.
  • Question: How many unknown applications live in your network?
  • Answer: You don't know, of course. But your legacy antivirus program does allow unknown files to be saved on your network's computers.

If you don't allow unknown persons in your house, why are you allowing unknown files on your network? Mmmmm?

You cannot afford to allow unknown executables to live in your network with unfettered access. It is just not healthy! To deal with unknown files, you have to diagnose it as such. A file can have one of three states.

  • Known good: The file is known to be valid and not a risk,
  • Known bad: The file is a known threat and must be dealt with accordingly.
  • Unknown: The file is not on our lists of good or bad. It may be safe or it could be malicious. We just do not know.

Conquering the Unknown Files

Conventional protection can deal appropriately with files that are known to be good and those known to be bad. Unfortunately, they do not have an adequate solution when confronted with the vast number of files that do not fall neatly into either category, unknown files.

A percentage of these unknown files are malicious. After all, an estimated 50,000 new malware threats are unleashed don the world each day. Your scanner will not know all of them.

If your default is to allow unknown files to run, eventually one will harm the system. That's why conventional protection fails. It can't repeal the laws of probability. The percentages will catch up to you eventually. Malware will infect your system if you use it long enough. That's the simple truth.

Comodo R&D has developed a new technology called the auto sandboxing. Sandbox is a virtual runtime environment, where the unknown files can be processed and executed without invading other activities of the system. Comodo makes a clean sweep in securing PCs, networks, websites and individual's information, by incorporating sandboxing in all its products fullfilling the shortcomings of blacklisting and whitelisting.