By shifting malware detection away from signatures and behavior to whether any kind of code exists where it’s not supposed to be, the SoleGATE Security Platform from Solebit has the potential to disrupt both endpoint security and sandboxing.
The one thing that all malware has in common is that it consists of computer code. But in cybersecurity, so does everything else. Lots of companies have tried to distinguish good code from bad, whether by comparing samples to the signatures of known bad files, running programs in a sandbox to see what they do, or applying artificial intelligence and machine learning to behavioral analytics while examining how a file acts. None of those methods has been entirely successful, and some, like signature-based protection, are almost completely outflanked by today’s most advanced malware.
That is the environment that Solebit and its SoleGATE Security Platform are wading into. The company might just have found a foolproof way to identify malware, any kind or flavor, known or unknown, and block it before it even gets into a network. It does this by taking a new approach to detection that ignores heuristics, behavior and signatures. It simply presumes that there is no legitimate reason for executable code to be present within a data file, and blocks entry to any file that breaks that zero-tolerance rule.
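To make the zero-tolerance rule concrete, here is a simplified policy gate written for this article as an added example; it is not Solebit's code and does not represent how SoleGATE finds code. The marker lists and the function names (`find_embedded_pe`, `active_content_findings`, `gate`) are assumptions, and the check only covers PDF action keys, Office macro parts and uncompressed embedded PE images.

```python
import io
import struct
import zipfile

# Assumed policy markers for active content in data formats (not from SoleGATE).
PDF_ACTIVE_KEYS = (b"/JavaScript", b"/JS", b"/Launch", b"/OpenAction")
OOXML_ACTIVE_PARTS = ("vbaproject.bin",)


def find_embedded_pe(data: bytes) -> int:
    """Return the offset of a structurally valid PE image inside data, or -1."""
    pos = data.find(b"MZ")
    while pos != -1:
        # A bare "MZ" is common in ordinary data, so follow e_lfanew (offset
        # 0x3C of the DOS header) and require the "PE\0\0" signature there.
        if pos + 0x40 <= len(data):
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            sig = pos + e_lfanew
            if data[sig:sig + 4] == b"PE\x00\x00":
                return pos
        pos = data.find(b"MZ", pos + 1)
    return -1


def active_content_findings(data: bytes) -> list[str]:
    """List every reason this data file breaks the no-code rule."""
    findings = []
    if data.startswith(b"%PDF-"):
        findings += [f"pdf key {k.decode()}" for k in PDF_ACTIVE_KEYS if k in data]
    elif data.startswith(b"PK\x03\x04"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for name in zf.namelist():
                    if name.lower().rsplit("/", 1)[-1] in OOXML_ACTIVE_PARTS:
                        findings.append(f"macro part {name}")
        except zipfile.BadZipFile:
            # A container that cannot be inspected fails closed.
            findings.append("malformed container")
    off = find_embedded_pe(data)
    if off != -1:
        findings.append(f"embedded PE at offset {off}")
    return findings


def gate(data: bytes) -> str:
    """Zero tolerance: any finding blocks the file, with no scoring."""
    return "block" if active_content_findings(data) else "allow"
```

The gate never asks whether the embedded code is malicious, which is the point of the rule: a data file with any finding is refused at the boundary.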