V technology is gradually dying and being replaced by alternative and far more effective IT security technology based on whitelisting. You could view this as an inevitable development, given the horrible inadequacies of AV technology, or you might want to pin the credit on the AVID (AntiVirus Is Dead) campaign which has repeatedly drawn attention to the inadequacy of AV technology and championed whitelisting technology that actually works. Actually it doesn’t matter much either way.

I have identified two trends that are in progress at the moment.

1) The first is that the major AV companies are now actively looking round for whitelisting technology to acquire, so we can expect to see some of the whitelisting start-ups get eaten. Rumor also informs me that there are also some internal projects underway in some AV companies to develop whitelisting products to compete with the vendors that have such technology; SecureWave, CA, Bit9, AppSense, et al.

In respect of this one almost feels sorry for some of the AV vendors. The majors like Symantec, McAfee and Trend Micro have the muscle and market clout to survive and possibly even thrive in the advancing demise of the AV industry, but the smaller vendors have nowhere to go. The writing is on the wall, and it’s being read.

2) New whitelisting start-ups keep appearing - not surprising really because the technology is fast gaining traction and it was validated in a big way when CA came out with its CA HIPS product. (In case you didn’t know CA is, in revenue terms, the second largest IT security software vendor after Symantech).

The latest whitelisting vendor to emerge is SignaCert. I’m quite partial to this company primarily because its executives expressed the same fundamental view of IT security that I have. Actually, when you get down to it, it’s not about malware and hackers, it’s about “software authentication”.

SignaCert, for its part, has been collaborating with major vendors (Intel, Sun, Juniper networks, Cordys, XenSource, PGP and many others) to assemble an “authentication database” for authenticating software. SignaCert provides the authentication platform that complements the database. It is the first whitelisting vendor to make the leap and think in terms of authenticating software for all platforms - not just Windows where the major pain is experienced.

When I initially started the AVID campaign it was because, having thought about it, I concluded that AV must have a limited lifespan simply because it didn’t attempt to authenticate software it only attempted to recognize bad stuff. (It was only later that I discovered how ineffective AV technology actually is). Mention the concept “software authentication” to an AV vendor and you are likely to get a blank stare. It isn’t what AV vendors do.

However software authentication is necessary for many reasons; to prevent people from running the wrong versions of software, to prevent them loading their own software without permission, to prevent people from running software for which your company has not bought a license or to prevent them running it on a machine for which it is not licensed. Software authentication IS the issue. If you have effective software authentication it stops malware stone dead AND it helps manage the software resource in a productive way.

So there is a new AVID hero. It is called SignaCert. Now there are 6 whitelisting companies . By the way, I’ve been sent information which leads me to believe that there may be a seventh one. If it proves true, I can’t say I’ll be surprised. What we are watching here is a major IT security trend in motion.