As you most likely know by this point, Google has recently built an in-house anti-malware team and brought the team out into the light of day via a new blog. When I read Ryan Naraine’s post about the Google security team, my first reaction was, What does Google know from security? A lot, as it turns out. The company has taken a similar approach to the one Microsoft employed in building its antivirus response team: identify the best people in the field and go hire them. In Microsoft’s case, they lured Vinny Gullotto away from Symantec and Jimmy Kuo away from McAfee, among others. Google is not so much worried about viruses as it is about things such as malicious code hosted on legitimate Web sites, spyware, botnets and other Web-based threats. So the company has brought in Niels Provos, an expert on DoS attacks and worm defense;
So it seems like Google is on the right track, but it’s still unclear to me exactly what the company’s intentions are in regards to security. Will they be releasing Web security tools for users and webmasters to implement? Or will the security folks just be working behind the scenes on in-house projects? It’s probably too early to tell, but if the recent past has taught us anything about Google, it’s that the company doesn’t do anything halfway or without a lot of forethought. That might portend more sleepless nights for security vendors who already have to worry about Microsoft encroaching on their turf and now have the considerable shadow of the Googleplex hanging over them.