Sophos Behavioral Genotype is a powerful technology that is able to detect malicious behavior even before specific signature-based detection has been issued. This provides zero-day protection to all customers using Sophos’ web, email, endpoint security and control, and OEM products.
Traditionally, protection against malware and spam was created by security vendors collecting samples, and then developing specific signatures. Today this method is simply too slow and inadequate as there are too many targeted threats and they mutate too rapidly. The only answer against these threats is to stop them preemptively and this is what Sophos Behavioral Genotype Technology does.
It identifies malware or spam, even where the particular sample has never been seen before, by recognizing and extracting “genes” (or components of behavior). It then identifies the combinations of these genes (genotypes) that distinguish malware and spam from legitimate applications and messages. Extracted genes are combined to create a genotype using a finely tuned scoring system. By identifying genes from all the malware it has ever collected, SophosLabs™ can identify the characteristics and combinations of genes that appear in malware. It compares this information with data about the genes that are seen in known good files and, in this way, minimizes the risk of false positives.
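The following sketch illustrates the general idea of scoring gene combinations against malware and known-good corpora. It is an added example, not Sophos code: the gene names, the constructed corpora, the smoothed log-likelihood weighting and the threshold rule are all assumptions chosen for illustration.

```python
import math

# Constructed corpora: each sample is the set of "genes" (behavior
# components) extracted from one file. All names are hypothetical.
MALWARE = [
    {"writes_run_key", "packed_section", "injects_remote_thread"},
    {"writes_run_key", "disables_security_service", "packed_section"},
    {"injects_remote_thread", "packed_section", "opens_network_socket"},
    {"writes_run_key", "injects_remote_thread", "opens_network_socket"},
]
CLEAN = [
    {"opens_network_socket", "creates_window"},
    {"writes_run_key", "creates_window", "reads_config_file"},
    {"packed_section", "opens_network_socket"},  # e.g. a packed installer
    {"creates_window", "reads_config_file"},
]

def gene_weights(malware, clean):
    """Weight each gene by how much more often it appears in malware than
    in known-good files (log-likelihood ratio, add-one smoothing)."""
    weights = {}
    for gene in set().union(*malware, *clean):
        p_mal = (sum(gene in s for s in malware) + 1) / (len(malware) + 2)
        p_clean = (sum(gene in s for s in clean) + 1) / (len(clean) + 2)
        weights[gene] = math.log(p_mal / p_clean)
    return weights

def score(sample, weights):
    """Combine a sample's genes into one score; unknown genes count as 0."""
    return sum(weights.get(gene, 0.0) for gene in sample)

def pick_threshold(weights, clean):
    """Set the bar at the highest-scoring known-good sample, so nothing in
    the clean corpus is flagged (the false-positive control)."""
    return max(score(s, weights) for s in clean)

def is_malicious(sample, weights, threshold):
    return score(sample, weights) > threshold

WEIGHTS = gene_weights(MALWARE, CLEAN)
THRESHOLD = pick_threshold(WEIGHTS, CLEAN)

# A gene combination that appears in neither corpus.
UNSEEN = {"disables_security_service", "writes_run_key", "opens_network_socket"}

if __name__ == "__main__":
    print(f"threshold={THRESHOLD:.3f} unseen score={score(UNSEEN, WEIGHTS):.3f}")
    print("flagged:", is_malicious(UNSEEN, WEIGHTS, THRESHOLD))
```

No single weak gene crosses the threshold here; the unseen sample is flagged because two malware-associated genes occur together, while the packed installer in the clean corpus is not.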
The Sophos Behavioral Genotype Technology rules and detection are configured and maintained by SophosLabs. No additional configuration is required, which means that there is no overhead on administrators' or users' time.
Sophos Behavioral Genotype Technology:
The approach we have adopted ensures that all Sophos customers receive the best protection against both the wide variety and the volume of today's threats whilst at the same time maximizing performance and minimizing footprint.
Independent tests from AV-TEST and Virus Bulletin have shown that Sophos Genotype Technology is the leading proactive protection in the industry. Information about a comparative test of anti-virus products on Windows 7 can be found in this Sophos Naked Security article.