Security

6Scan believes quarantining malware is the best way to neutralize it

Above: 6Scan chief executive Chris Weltzien

Image Credit: Richard Byrne Reilly

LAS VEGAS — Every security play will tell you to your face that “we’re different.”

In the case of 6Scan, a small malware outfit that has a unique approach to isolating that unnerving computer threat, the boast may finally be right.

6Scan’s approach is definitely unusual. Some security plays tend to focus on one or two facets, like protecting the outer firewall or residing inside the browser to thwart attacks. 6Scan encompasses much more. 6Scan’s software “finds, fixes, protects, and predicts.”

While that may be a good thing, the novelty here is that 6Scan actually “quarantines” viruses.

“We started looking at vulnerabilities on websites and found that 10 percent of sites we scanned were infected,” said 6Scan chief executive Chris Weltzien.

6Scan is a bit of a mystery. The helpful Weltzien declined to say how much money the company had raised, where those funds came from, and how it was faring, customer-wise. I was assured it’s doing well. It has offices in Israel and San Francisco. 6Scan has its roots in Israel, where some of the best-trained programmers come from.

Their pedigree is airtight.

“Our story begins at Matzov, the Israeli military unit responsible for defending confidential communications from hackers — the Israeli counterpart of America’s NSA. After spending years designing security algorithms and testing products for vulnerabilities, we became the go-to people for help with securing, well, pretty much anything.”

6Scan set out to build the ultimate quarantine antivirus, reckoning that it was perhaps the best offense, and defense, against redirects and so-called drive-by downloads. The key was that Weltzien and his small team of engineers discovered the that by quarantining the virus, they could reverse engineer it — and thus control its behavior.

So, what’s the advantage of the quarantine approach?

“We look at the content on the app layer. We see traffic as an application. That said, how can we reduce that window? We can see the malicious code going out to the server and we block it,” the energetic Weltzien said.

Crucially, 6Scan disables the malware’s ability to co-opt into a DDoS, disabling the capability of the worm to communicate its nefarious commands to the server. To date, 6Scan claims it IDs, and killed, over 6 million infections.

“So, we can see who the malware is calling to and how long its been there. We can scan and disable the malware before it fills the gap,” Weltzien said with conviction.

“We’re giving them a tool to protect themselves.”

0 comments