Microsoft has created a new threat detection service aimed mainly at securing Linux systems. Project Freta, as the company has named it, will be able to detect malware on Linux systems that, according to Microsoft, could have gone undetected before.
Microsoft claims that this malware has been making the rounds in the cloud for a long time and could have been a threat to users of the open-source software.
According to Microsoft, this new threat detection software works very differently from the malware detection services available before, which used sensors to predict the presence of something malicious.
Malware authors can easily bypass these contemporary threat detection services. Project Freta, by comparison, uses its ability to learn about the environment it is in and then creates a plan of action by analyzing virtual machines.
This simply means that a hacker or malware author who wants to bypass the security of Project Freta will need to put a little more thought into how to go about it.
Let’s look into the advantages of this software, as listed on the official website.
- Detect novel malicious software, kernel rootkits, process hiding, and other intrusion artifacts via agentless operation by operating directly on captured VM snapshots
- Very easy to use: submit a captured image to generate a report of its content
- Memory inspection means no software to install, no notice to malware to evacuate or destroy data
- Designed for automating IR-like discovery tasks directly into a cloud fabric — though volatile memory snapshots captured from an acquisition tool can also be used for bare iron scenarios where virtualization is not available.
Mike Walker, Microsoft Senior Director, New Security Ventures, wrote: “We often think about the field of computer as a field of walls and barriers that keep intruders out. With Project Freta, we invite readers to think not of walls but of sunlight. Project Freta is a roadmap toward trusted sensing for the cloud that can allow enterprises to engage in regular, complete discovery sweeps for undetected malware.”
Microsoft does not plan to stop here. It is thinking about making Project Freta available for Windows as well. There is also scope for adding artificial intelligence to this threat detection software to increase its potential for making decisions on its own.
We see new threats on the internet every day, but that won’t stop us from going online and finding what we need. Companies like Microsoft make the internet a safer place by creating services like these. It shows us exactly how new developers can help the community by making it safer for everyone.