Microsoft acquires rootkit detection vendor

Rootkit detection vendor Komoku, which does the bulk of its business with the Department of Defense, will be wrapped into Microsoft's Forefront and Windows Live OneCare software.

Microsoft has acquired rootkit detection vendor Komoku Inc. in a deal that would wrap the vendor's technology into Microsoft's Forefront line and Windows Live OneCare security software.

The deal was completed on Wednesday. Financial terms of the acquisition were not announced.

Founded in 2004, Komoku developed advanced rootkit detection products. The vendor has been working under the radar in its niche space, being awarded a number of government contracts with the Department of Defense, Department of Homeland Security and the U.S. Navy.

Security vendors have been starting to add rootkit detection capabilities into their software suites. McAfee added rootkit detection to its suite late last year. Antimalware vendor Sophos also has a rootkit detection feature.

Enterprises are consistently showing interest in security against rootkit infections, said Andrew Braunberg, a senior analyst at Sterling, Va.-based Current Analysis. Adding the feature to Microsoft's Forefront line is a natural transition, he said.

"It's a newer feature showing up in some vendor product lines, so in many ways Microsoft is moving forward quickly on this," Braunberg said.

Microsoft said the Komoku name and product line would be retired as the company winds down its affairs after closing. Komoku's staff would be wrapped into Microsoft's Access and Security Division.

"I'm excited about the Komoku team joining Microsoft and building on our successes in detecting sophisticated rootkits for customers," said William A. Arbaugh, president and chief technology officer of Komoku as well as an associate professor of computer science at the University of Maryland at College Park.

In addition to technology, Komoku's talent may have made it an attractive acquisition target, said Andrew Jaquith, a senior analyst at Boston-based Yankee Group. The firm's staff is well rooted in the university research community and connected to government agencies. Arbaugh is known as a rootkit expert and was a member of the Defense Advanced Research Projects Agency's Information Science and Technology (ISAT) study group.

"It's clear that the antimalware race has been heating up," Jaquith said. "Rootkits are just getting nastier and enterprises have to have the weapons to fight them."
