ESET for security

Founded in Bratislava, Slovakia, ESET has undergone sustained growth over the past 17 years. The company now has customers in over 160 countries across the globe and was able to achieve sales of over $130 million last year.

ESET also has an average three-year growth rate of 99 per cent, with an extensive global distribution network of over 3,900 partners worldwide and offices in the UK, Argentina, the Czech Republic and the US. Today over 70 million customers rely on the company for home or business security.

“ESET has seen a steady uptake over the past years, which has not abated despite the economic downturn,” states Paul Brook, ESET’s chief executive officer for the UK. “Double-digit growth year-on-year is supported by renewal rates and substantial organic growth, and within the UK staffing levels have increased threefold in the last 18 months.

“Our current market share in the UK is smaller than the major vendors. However, winning business is not proving to be problematic and we expect this to increase steadily over the next few years.”

Most people are likely to know ESET for its flagship product, NOD32 Antivirus, which forms the backbone of its portfolio and the foundation for the firms’ smart security software and its award-winning ThreatSense engine.

“ThreatSense combines multiple layers of detection technologies to ensure that threats are detected with a high degree of accuracy,” explains Brook. “It uses traditional and generic signatures to detect known threats and their variants. Passive heuristics finds patterns that indicate the presence of a malicious application. For applications that use encryption or compression to hide their true intentions, active heuristics employs emulation technologies to run the application in an isolated environment, then intelligently weighs a variety of observed behaviours to determine whether the application in question is malicious. We are very proud of its performance.

“These layers of detection capabilities allow the software to stop variants of known threats and even new threats faster than our rivals and the manner in which it operates ensures a low system footprint, enabling these advanced processes to run in the background with minimal impact on system speed or resources.”

The focus on fast identification and neutralisation of threats is key in an environment that has seen the creators of malware become more sophisticated and professional with each passing year. Many attacks are made on a ‘by order’ basis and the gathering of personal information is more lucrative than ever before.

“Where there used to be hobbyist virus authors writing proof-of-concept malware that might or might not get out into the wild (and more often than not wasn’t intended to do more than replicate), there are organised gangs using samurai (hackers-for-hire) and malware coders who may be freelancers, but are mostly in it for the money,” observes Brook.
“Similarly, the malware tends to have solid commercial value: banking trojans and password stealers for phishing and other direct financial fraud, agent software that enables the sale or rent of botnet services for purposes such as Distributed Denial of Service attacks (DDOS), click fraud, and various forms of spam and fake security programs which also have a fraudulent agenda. There are still hobbyists around, but most of the proof-of-concept code is for other platforms such as smartphones, which probably offer fewer opportunities for huge profits at the moment.”

Adaptability is one of the key characteristics of malware developers, and so for many security companies, the emphasis must be on observing legitimate web trends and anticipating any possible future threats. Another problem for security vendors is that as soon as a loophole is identified and patched, many hackers will immediately act on the identified loophole, in an attempt to catch users who are slow to update their software.

“Threats based on social engineering will continue to live long and prosper though zero-day vulnerabilities and drive-by downloads will still offer a useful entry point for some kind of attack,” Brook notes. “We expect to see a continuing shift away from attacks on operating system vulnerabilities towards weaknesses in applications –that will be much harder to track. Because changes in threats and defensive software tend to drive each other, we prefer not to speculate too much publicly on the technical possibilities. There is enough innovation in malware creation without vendors adding value.”

So, with the future as a primary concern for the security industry, what plan does ESET have for the coming years ahead?

“In the short-term, we have an increasing range of products on the horizon, including ESET Mobile Anti-virus for Symbian and ESET Mail Security 4for Microsoft Exchange
Server,” says Brook. “Alongside these software packages, and other products, our key focus is to provide increased level support for both end users and our channel alike. Ultimately, we are clear that our products deliver exceptional performance, both in terms of speed and detection, with a low footprint and we intend for it to stay that way.

“Predicting the future is not an easy thing to do, especially in this day and age. More and more people are coming on board with ESET and we would expect to be a universally recognised name, both by businesses and consumers, within the next five years. Last year, Forbes wrote that ‘ESET may be the most effective virus scanner you have never heard of’ –we are expecting that to have changed within the next few years.”