DriveSentry
DriveSentry is an antivirus program, developed by DriveSentry Inc, to protect Microsoft Windows users from malware. It is available free for personal (non-commercial) use, though with restricted functionality.

Company overview

DriveSentry Inc, founded in 2005, is a computer security company. Headquartered in Mountain View, California, the company also has major operations performed out of Nottingham, England. Originally centered around drive firewall technologies, DriveSentry Inc developed and patented the world's first firewall for disk drives. Since 2005, DriveSentry Inc has expanded into the competitive field of antivirus solutions.

Detection methods

DriveSentry provides a real-time and on-demand virus scanner, and uses the following methods to determine if an application contains a virus before allowing it to run:
  1. Whitelisting: Programs are first checked against a list of known trusted and validated applications and files. These "whitelisted" files are allowed to run without restriction.
  2. Blacklisting: Only if programs are not present on the whitelist are they then checked against an updated database list of virus signatures; those files whose MD5 signature is on the list are automatically moved to a quarantine area if they attempt to gain access to the system or data. This is the technique used by practically all antivirus products as the first line of defence.
  3. Heuristics: If the program is not on either list, its behavior is compared to that of previously encountered malware.
  4. Community Statistics: DriveSentry also collects and stores user statistics based on access decisions made by the user, which are shared amongst all other users.


DriveSentry partners with Offensive Computing and Frame4 Security Services to collect and analyse malware samples for the database list. Partnering in this way ensures that the database is fed by multiple sources and therefore offers redundancy.

Although DriveSentry's basic features are available for free, its more advanced features, such as automatically updating its white and blacklists, have to be paid for via a one-off payment.

White/Blacklisting

Articles in computing publications discussing new malware protection technologies, such as whitelisting, claim that traditional antivirus technologies are having an increasingly hard time keeping up with the latest viruses, trojans and other malicious threats. The popularity of the Internet and the ease with which data can now spread allow threats to propagate faster, requiring traditional antivirus products to play "catch-up" with new zero-day threats. The techniques of using white/blacklisting and community feedback may offer greater security.

However, this functionality does come at a cost - specifically, whitelisting only allows pre-vetted software to be executed, and prevents all other software from running, even if it is harmless. DriveSentry avoids this issue by allowing the user to be prompted if programs don't appear in the black or whitelist. This then forces responsibility on the end user to determine what is good or bad. DriveSentry attempts to help the user by monitoring the action of the program and calculating and displaying a threat rating.
Furthermore, malicious software which has been included on the whitelist can still be executed.
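
The check order listed under Detection methods, together with the whitelist caveat above, as an added Python example (not DriveSentry's code). Only the MD5 blacklist lookup comes from the article; the SHA-256 whitelist key, the behaviour names and weights, the community vote format and the rating formula are assumptions.

```python
import hashlib
from dataclasses import dataclass, field

@dataclass
class Lists:
    whitelist: set = field(default_factory=set)    # SHA-256 digests (assumed key)
    blacklist: set = field(default_factory=set)    # MD5 digests, as the article states
    community: dict = field(default_factory=dict)  # sha256 -> (allowed, denied), assumed shape

# Hypothetical behaviour weights for the heuristic stage.
WEIGHTS = {"writes_autorun_key": 0.5, "modifies_system_files": 0.5,
           "reads_user_documents": 0.25}

def threat_rating(behaviours, votes):
    """Rating in [0, 1]: heuristic score, averaged with the community deny ratio if any."""
    heuristic = min(1.0, sum(WEIGHTS.get(b, 0.0) for b in behaviours))
    allowed, denied = votes
    if allowed + denied == 0:
        return heuristic
    return round((heuristic + denied / (allowed + denied)) / 2, 3)

def decide(data, behaviours, lists):
    """Return (action, deciding_stage, rating) in the order the article lists the checks."""
    sha256 = hashlib.sha256(data).hexdigest()
    md5 = hashlib.md5(data, usedforsecurity=False).hexdigest()
    if sha256 in lists.whitelist:      # stage 1 short-circuits every later check
        return ("allow", "whitelist", 0.0)
    if md5 in lists.blacklist:         # stage 2: signature match -> quarantine
        return ("quarantine", "blacklist", 1.0)
    votes = lists.community.get(sha256, (0, 0))
    return ("prompt", "heuristics+community", threat_rating(behaviours, votes))

def demo():
    # Constructed sample contents; no real files or signatures.
    trusted, known_bad = b"constructed trusted app", b"constructed known-bad app"
    mislisted, unknown = b"constructed mislisted app", b"constructed unknown app"
    sha = lambda d: hashlib.sha256(d).hexdigest()
    md5 = lambda d: hashlib.md5(d, usedforsecurity=False).hexdigest()
    lists = Lists(whitelist={sha(trusted), sha(mislisted)},
                  blacklist={md5(known_bad), md5(mislisted)},
                  community={sha(unknown): (1, 3)})
    return {
        "trusted": decide(trusted, [], lists),
        "known_bad": decide(known_bad, [], lists),
        "mislisted": decide(mislisted, ["modifies_system_files"], lists),
        "unknown": decide(unknown, ["writes_autorun_key", "reads_user_documents"], lists),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(name, verdict)
```

The `mislisted` sample is allowed even though its MD5 is also on the blacklist, because the whitelist check runs first and nothing after it is consulted.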

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
 