McAfee on Monday announced that it has acquired the ValidEdge anti-malware sandboxing technology from LynuxWorks in order to add a new type of malware detection to its network and endpoint products.
The first integration of sandboxing into its product line is expected in the second half of this year.
Pat Calhoun, senior vice president and general manager of network security at McAfee, said the ValidEdge technology works by running code inside the safety of a sandbox so that malicious activity associated with malware can be detected in a replicated operating system without risk to the customer’s network. Augmenting McAfee’s current line of host and network defence products with sandboxing will provide the basis for what is being called McAfee Advanced Threat Defence.
The move by McAfee comes as competitors such as Sourcefire and FireEye have also implemented forms of sandboxing for malware defence, says Jon Oltsik, senior principal analyst at Enterprise Strategy Group.
Calhoun said some competitors have taken the approach of cloud-based use of sandboxing for malware detection but McAfee’s approach with ValidEdge will be toward providing on-premises technology for sandboxing.