Immunet Blog

On August 19th of 2009 Immunet Protect was unveiled to our Community with version 1.0.10. Our product was the first cloud-based free Companion Anti-Virus product on the market. It seems like only yesterday that we published the software, but twelve months have flown by and now we’ve come upon our first birthday. It's been a tremendous year for us and our whole team would like to thank you and the rest of our Community for the success we've experienced since August 19 of 2009.

Our year has been thick with achievement and our entire user Community has driven nearly all of it. As a small contender in the Anti-Virus world we rely on word of mouth to build our global footprint and this comes from directly from you, our end user. It's difficult to overstate this; we started as and remain a Community driven project. To illustrate our successes this year, I'll break down 3 quick areas where you helped us excel:

1. Strength in numbers

In our first week of deployment we saw a little over 1000 users join our Cloud.Our first 6 months saw us hit 75,000 new users into our Cloud. The last 6 months have seen us gain an additional 385,000 new users! As I write this we are at slightly over 460,000 users in our Cloud, all working together to stop threats from impacting one another's systems. If our growth rates continue on our current trajectory we have a good chance of seeing 1,000,000 users in the not too distant future.

We are also now protecting users in 192 countries around the globe. We service users in nations as large as the United States and as small as the Vatican City. We are showing up everywhere and all of this is driven by you and other users like you in our Community.

2. Coverage

When we released in 2009 we covered a little over 3,000,000 million threats. Today we protect against 14,474,614 specific threats and many more variants of those same threats. On average we actually stop cold over 17,000 attempted infections in our Community daily.

3. Software & Community

We initially released Immunet Protect 1.0.10 with a simple user interface, a single engine and a series of configuration options. It was a clean, basic Anti-Virus product, and we were very proud of what we had produced.

With heavy Community involvement serving as a guide for additions and changes we've since shipped 16 more releases on the 1.0 code base. We then shipped a brand new product with version 2.0 and are now at version 2.0.15. In total we have shipped 2 major releases and 30 minor releases in the last 12 months. Our product now has 4 engines and a Community focused new User Interface complete with a new commercial stand alone Anti-Virus offering (Immunet Protect Plus) which offers Offline support and advanced complex threat removal. We have produced all of these features while *still* shipping our Free product under 7.5 megabytes in size.

As our first birthday passes us we are already looking ahead to our roadmap over the next year and the next 1,000,000 users. You will see new languages supported in our product, leaps in detection abilities and completely unique protection features in the product in the next 12 months. Without giving too much away I think you’ll be pleased with the changes we have planned.

Finally, if you're one of our users from the Community Forum I would like to extend a special thanks to you. Your help during our day-to-day operations of the company is critical - you make us possible. If you are not actively having a say on our future, please feel free to join us at our Forum and let us know where you think we need to be headed. Thanks so much for your help so far, we depend on it, please keep up the good work!


Best Regards,
Al Huger

VP of Engineering & Co-Founder
Immunet Corp.




I often get asked what makes Immunet’s approach to detecting threats different than the mainstream Anti-Virus companies.  In a nutshell, our goal is to find threats which are in small parts of our community, analyze them and then protect the whole community from them as fast as possible, often in near real time.

We do not focus on obscure threats, or threats which circulate outside of our community. We are not big fans of the 'boil the ocean' approach to doing Anti-Virus. It works well for reviewers (who test with everything under the sun) but it rarely really helps your community. There is a reason people are still getting viruses and it's time we rethink our (the industry) approach to tackling this problem.

As to 'how' we convict files. All of our current approaches entail communication back and forth with the cloud so that rarely is a decision made in 'decision support isolation’. This allows you to work with the most current, up to the minute, information that we have. Here are some of the approaches we use:

1. Generic detection of threats through broad hashing. We look for things that look 'like' threats we know of and try to further analyze them for conviction so we can protect the community. This can also be called a 'heuristic' engine if you like.  Our generic engine is ETHOS; we have another planned for May, which is called SPERO.
2. Context conviction, this is where we make decisions based off the data we receive about a file in field. From community collected data we can make assumptions about whether a file is a virus or not. For example, did our AV stop working after it was installed? Did the system start to see other viruses after it was installed? Questions like this will often lead to answers, which make us highly suspicious of a file.  
3. One-to-One conviction, this is where there is a known threat we've collected from the community, through collection trading or gathered from web crawling. For each of these collected (and verified malicious files) we generate a signature. When users do file look-ups this signature is sent to us, if it matches a known threat we convict the file as a virus.

There are a few other ways as well and each of those approaches above could be a daylong chat on their own but that's the mile high view today (March 7, 2010).

Clif Sipe over at Techie Buzz just gave Immunet Protect 1.0.25 a very thorough review that is worth a read. You can find the review here. The upshot is that we recieved a 4/5 rating from Clif who has been watching the product for a few months now.

Immunet Protect Beta 1.0.24 was recently put through its paces by the folks over at Malware Research Group (MRG). MRG is doing a well thought out monthly review of 30 anti-malware products to see how well they detect fresh, real world, active Rogue Anti-Virus programs.  The report titled “Rogue Software Infection Prevention Test, January” showed Immunet Protect Beta performed quite handily. In fact, we beat out both Microsoft Security Essentials and Avira  at detecting these in-field threats. It’s great vindication for our community (and the development team of course..), particularly given we are in beta with some ways to go before all of our detection engines are deployed!

All,

The updater files for migration to 1.0.25 are now posted. The updaters will install the new product, uninstall old product if you have it and then load your new drivers. Migration can be done from any Immunet build from 1.0.14 up to current (1.0.24). You will be prompted for a reboot as we are replacing drivers with this install. Windows XP SP2 is not supported, only XP SP3 and up. Vista SP1 + and Windows 7 are also supported.

The primary changes in 1.0.25 are:

• Fixed an installer issue where some driver failures were occurring on non-native English OS installs.
• Fixed an 'Offline Mode' issue related to DNS under certain platforms.
• Increased efficacy of the ETHOS engine and reduced it's memory footprint.
• Fixed an issue with the local system cache which causes some look-ups to fail.

The Immunet Protect Beta 1.0.25 32 bit Updater is:Here
The Immunet Protect Beta 1.0.25 64 bit Updater is:Here

Our intention is for this to be our last update for the product until our April release.

All,

The updater files for migration to 1.0.24 are now posted. The updaters will install the new product, uninstall old product if you have it and then load your new drivers. Migration can be done from any Immunet build from 1.0.14 up to current (1.0.24). You will be prompted for a reboot as we are replacing drivers with this install. Windows XP SP2 is not supported, only XP SP3 and up. Vista SP1 + and Windows 7 are also supported.

The Immunet Protect Beta 1.0.24 32 bit Updater is: Here
The Immunet Protect Beta 1.0.24 64 bit Updater is: Here

Next week or the week after we will be shipping 1.0.25 which is purely a bug fix release. We will also ship updaters for this coming build.