Symantec has announced a free public beta for its new Norton AntiBot software. As its name implies, this stand-alone software attempts to identify malware that might be residing on your system by analyzing your system behavior.
According to Symantec:
AntiBot is meant as a supplement to antivirus software, not a replacement, and doesn’t use signatures as traditional antivirus products do. Instead, it examines how a program behaves – where it runs from, what Registry changes it makes, what Internet sites it may attempt to contact, and so on.
The main difference here compared with many other traditional virus and spyware software is that Norton AntiBot does not use signature updates. To find out what I think about signature-based updates, I wrote a piece a while ago about its ineffectiveness in the world of zero-day exploits. Check out The Death of the Anti-Virus Software.
The final version of Norton AntiBot is planned to be released around July, so check it out.
Do you think Norton AntiBot deserves a place in your corporate network as part of a layered-defense strategy? Or is it just another piece of bloat-ware to suck your IT budget? Join the discussion.