You’ve all been there before. You’re having dinner with friends and out come the baby pictures. Inevitably, you are listening to a set of parents who are gushing about the fact that their child is the next Fabio or Christy Brinkley and THEN you see the picture…
Well, I find myself in the position today of being the doting parent. Only in this case, the “child” is a major overhaul of our flagship product, BOUNCER V6.0. With this new release the “child” has grown into an adult. You’ll have to pardon my metaphor here, but I believe building a product is, in many ways, like watching your kid grow up. With V6, we’re realizing the vision we developed for the product when I joined CoreTrace more than 3 years ago.
Why is this release so special? As I’ve said many times before, the historical “knock” against whitelisting (largely propagated by blacklist-based antivirus companies with a revenue stream to protect) was the notion that the management overhead outweighed the significant security benefits. At CoreTrace we’ve focused like a religion on “operationalizing” application whitelisting. By this I mean being able to realize the security advantages of whitelisting while at the same time becoming increasingly transparent to the end users and actually easing the burden on the IT shop. The best of both worlds, if you will.
With whitelisting, that means making it very easy and simple to add and subtract applications from the “whitelist”. With V6, we do this by adding “self-approval queues” to our already best-in-class “Trusted Change” mechanisms (even the names of these new user privilege options are cool –”AllowQ” and “BlockQ” — with the “Q” meaning “queue”). In addition, we’re adding “Application Intelligence” to our product so that the BOUNCER admin can quickly determine if they want to ban or allow applications that are requested through these queues. Not only does our new CoreTrace Software Intelligence (CSI) service include millions of “known good” applications, it also even includes millions of “known bad” pieces of malware. That is right; it provides intelligence based on blacklisting! We have always felt that whitelisting and blacklisting would coexist — we fundamentally believe that the primary enforcement mechanism will be based on whitelisting (for efficacy and performance reasons) and blacklists will be used in a supporting capacity (like ensuring that any *known* malware is identified, stopped and removed from all systems).
Add in a slick new web-based interface and enterprise-class scalability improvements (including a software-only solution, with the management servers shipping as virtual appliances) and it’s recipe for me whipping out my wallet and showing some pictures. In fact, you can go here for more detailed info on BOUNCER V6.
We’ve been able to preview this release with a great many customers, partners, and analysts. In all cases, I asked for brutal honesty and feedback. The reactions have been overwhelmingly positive. Can’t wait to get this into production environments.
You know, it’s pretty cool when your baby really ISN’T ugly…