Microsoft has released a new threat detection service that it hopes can significantly improve security protection on Linux systems. Project Freta is a free cloud-based tool that is capable of detecting new forms of malware and other types of malware such as rootkits and cryptominers that Microsoft says may go unnoticed on Linux systems. The company notes that such threats often hide in Linux cloud virtual machine images, putting users of the open source platform at risk.
Linux security
Microsoft says that Project Freta offers an entirely new way to detect malware threats, going beyond existing methods that rely on sensors to predict the presence of something nasty. Such methods can often be hijacked or completely ignored by malware authors, meaning a new approach was needed. The Freta project can analyze virtual machines (VMs) to learn new environments and how they are affected by malware, before using this knowledge to detect emerging threats. Microsoft says Project Freta automatically scans images of thousands of Linux cloud virtual machines for new forms of malware and sensor corruption, and supports more than 4.000 kernel versions at launch. This makes it incredibly resilient, which means that malware writers should invest heavily in developing new threats that can bypass new scanning technology. Project Freta users, who will need a Microsoft account to access the service, can also submit a captured image to generate a report of their content, helping to increase the reach and experience of the initiative. "We often view the field of computer security as a field of walls and barriers that keep intruders out," Mike Walker, Microsoft's senior director, New Security Ventures, wrote in a blog post announcing the launch. "With Project Freta, we are inviting readers to think not about walls but about sunlight... Project Freta is a roadmap to trusted cloud-based detection that can help businesses kick-start their regular detection operations and comprehensive undetected malware." Initially only available for Linux systems, Microsoft says it plans to add Windows support for Project Freta soon, as well as artificial intelligence technology that may increase decision-making potential. "We hope that Project Freta will empower administrators and stakeholders and be used globally as it has been used at Microsoft: to ward off advanced intruders and their toolkits," Walker concluded. Via BleepingComputer