Security Bytes

Oct 6 2010   7:44PM GMT

Qualys buys Nemean Networks for behavior-aware malware detection

Robert Westervelt Robert Westervelt Profile: Robert Westervelt


The acquisition expands Qualys’ IDS signatures and increases its threat data.

Vulnerability management vendor Qualys Inc. announced the acquisition of Madison, Wisconsin-based Nemean Networks LLC in a deal that could result in faster signatures for attacks identified in the wild.

Nemean Networks’ core technology was developed at the University of Wisconsin (UW)-Madison. The technology automatically generates protocol behavior-aware signatures to identify malicious attack activity. Nemean uses raw attack data from honeynets to develop an attack signature for specific groups of attacks.

Nemean said its technology can capture large-scale malicious activity. It uses an algorithm to conduct Bayesian analysis and detect anomalies or attack patterns in traffic.

The small company wrapped its technology up into what it called a Network Situational Awareness System. The IDS relies on sensors that apply the Nemean signatures to an enterprise’s traffic stream to detect malicious activity.

Qualys said it plans to use the technology to develop Intrusion Detection System (IDS) signatures for Snort and other open source tools. The company now owns exclusive rights to Nemean’s technology including all patents.

Qualys said the technology can identify malicious attack activity with unprecedented accuracy. The technology also includes a Honeynet system, which captures malware attack data that can be shared with the security community.

Paul Barford, CEO and founder of Nemean Networks will become Qualys’ chief scientist.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: