Some industry watchers may still question why Symantec moved to acquire storage software maker Veritas for $10.2 billion in 2004, but the fruits of the companies' combined labors are already proving the deal as a winner, according to executives with the massive security firm.
As part of a recent media tour aimed at highlighting innovation ongoing within the security giant, Mark F. Bregman, CTO at Symantec, said that the Veritas merger has armed the company with a wealth of strategic opportunities.
While some industry and financial analysts have wondered aloud when Symantec would begin marketing technologies that were borne as a result of the two companies' merger -- the types of products that Symantec Chief Executive John Thompson touted at the time the deal was announced -- Bregman and Stephen Trilling, vice president of research and advanced development at the firm, said that jointly-developed tools are already in customers' hands.
The executives said the best example of technologies made possible by the marriage of the vendors isn't a standalone point product as some observers might have expected but instead an application that helps Symantec's existing antivirus products ward off sophisticated rootkit attacks.
Labeled as Raw Disk Scan, the application -- shipped as a feature of Symantec's corporate AntiVirus and Norton consumer anti-malware packages -- combines a hard drive scanning technology built by Veritas with the security company's own malware detection and removal tools to hunt down and eliminate rootkits.
The Veritas software used in the application allows the technology to directly read sector data from device hard drives and then reconstruct the files for malware scanning without ever needing to access a machine's operating system.
Traditional security applications have carried out such file scans through the OS, allowing rootkits an opportunity to inject code to cloak themselves and circumvent antivirus systems, said Carey Nachenberg, chief architect at Symantec
"With Raw Disk Scan, we take the most common technique that rootkits and spyware use to hide themselves, what we call file-level stealthing, and bypass all known file-based techniques for those types of programs," said Nachenberg. "It's a great synergy between the two existing technologies that instantly gave us the ability to detect and remove every rootkit we know about today."
While the first iteration of Raw Disk Scan searches for attacks using malware signatures and can't detect previously unidentified rootkits, future versions of the product that do so are in currently development, Nachenberg said.
Bregman said that the technology is a prime example of the type of capability engendered by the Veritas merger that those who question the success of the two companies' marriage might have missed.
"We couldn't do this on our own, and Wall Street sometimes misses that point; many times, the big innovation from this merger will come in core improvements of our products," Bregman said.
"I think the misconception was that people thought they were going to wake up the day after the merger and find a new product category, and maybe we were guilty of setting some of those expectations," the CTO said. "Clearly, some people outside the company thought that was what would happen, but Raw Disk Scan is a great example of how we can leverage the combined technologies to solve important problems today."