RealTime IT News

Open Source ClamAV Continues to Thrive at Sourcefire

This past week, the four founders of ClamAV -- Tomasz Kojm, Alberto Wu, Luca Gibelli, and Edwin Török -- announced they were leaving Sourcefire. But the departures are not a sign that the 10-year-old ClamAV project is in trouble, according to Sourcefire executives.

"The group was upfront about leaving and they explained that it was time to move on," Matt Watchinski, vice president of Sourcefire's Vulnerability Research Team (VRT), told eSecurity Planet. "They truly did feel that they had accomplished what they wanted with ClamAV and wanted to try something new. I think that's a common situation with innovators."

Of course, with the former ClamAV leaders moving away, there is always a possibility that they might start a competitive project -- but Watchinski says that Sourcefire is supportive of their former employees future endeavors, whatever they may be.

"As a practice, we always stand confident in our own innovation," Watchinski said.

Sourcefire's innovations are many. The company first rose to prominence as the leader of the open source Snort IPS system, which remains the cornerstone of its technology platform. As for ClamAV, Sourcefire has moved that technology forward in a few different ways.

On the consumer side, Sourcefire integrated ClamAV into the commercial Immunet consumer anti-malware product for Windows. Sourcefire acquired Immunet in 2011 for its cloud-based antivirus technology. That technology has been expanded with ClamAV as a core scanning engine used by over 2 million consumers.

"We also added additional malware analysts for signature creation, so that in field efficacy is much higher, as well as added a ton of backend improvements for content creation and malware classification," Watchinski said. "Externally, for the community, we developed a bytecode engine for more complex detection, improved PDF file support for PDF-based malware, and re-wrote the milter interface for faster gateway scanning and better integration with mailers."

Read the full story at eSecurityPlanet:
Sourcefire Pushes Open Source ClamAV Forward

Sean Michael Kerner is a senior editor at InternetNews.com, the news service of the IT Business Edge Network, the network for technology professionals Follow him on Twitter @TechJournalist.