Products - VFind™ Security ToolKit Family

VFind ToolKit

The VFind™ Security ToolKit (VSTK) is a suite of five powerful network and computer anti-malware utilities that provide flexible and uncompromising computer anti-malware protection. The VFind™ Security ToolKit contains:

VFind™: The first ever UNIX anti-malware scanner, with a unique heterogeneous design that allows for complete protection in today’s multi-platform networks. All VFind Security ToolKit products feature a Cryptographic Integrity Tool (CIT) and the Universal Atomic Disintegrator (UAD).

VFind™ Daemon: The Daemon Tool provides user applications with virus scanning and detection services at a high level of performance. Running as a daemon process, it eliminates the need to re-initialize the scan engines on each request. This reduces the need to use system resources by processing files as they are received, improving response time and minimizing the effect of virus scanning on the main application.

UAD: Besides its use in anti-virus protection, the UAD tool is built for making identification based upon direct inspection of the data. It makes no assumptions about the file’s contents based upon the file’s name, which increases response and reduces downtime. This tool also provides the ability for proper data identification through “context switching”, which allows for a greater degree of anti-virus protection for files that are used in both Windows and UNIX.

CIT: A fantastic anti-malware security tool that has multiple uses. It reports on all files that have been removed, added, modified or duplicated. It can tighten baseline configuration control down to a single bit. It can also be used with surgical precision on an entire system or a single file. The CIT tool produces a database of cryptographic hash values for every file it is directed to manage.

AVA: Included in your maintenance and support, AVA is a service that can provide automated, accurate, and rapid responses to cyber threats in the event of cyber warfare or other major event.

Components

Included Tools

VFind™

VFind™ is the malware scanner and pattern analysis tool in the ToolKit, and is unlike any other anti-malware program in existence. It was the first anti-virus scanner for UNIX, the first heterogeneous scanner and the first scanner to incorporate a full virus description language, VDL. VFind™ determines the file type by direct examination of the file's contents. This makes VFind significantly more powerful than other anti-malware products.

The VFind™ Security ToolKit Family of computer security products offers so much more than just virus scanning. Our VSTK family of products supports all UNIX type operating systems including UNIX, Linux (all versions), Solaris, AIX, HPUX, and others. CyberSoft may be able to support any operating system upon request. Our anti-malware includes a virus scanner with a fully published and accessible pattern analysis language, as well as a cryptographic integrity tool for baseline management. The VFind ToolKit provides tools to deal with hidden threats, self-repair tools and more. Our products are easily integrable with any other program.

VFind Real-Time Scanner

Actively monitor directories for changes by extracting, inspecting, and scanning new and modified files in real-time.

Cryptographic Integrity Tool

The Cryptographic Integrity Tool (CIT) detects malware, hackers, sabotage and baseline configuration violations from any source. Using cryptographic change detection, we are able to reduce help desk turnaround time from hours to minutes. An end-user calls stating the system doesn't work...they claim they didn't change anything, and a proposal is due out the door by noon. Is it a user error, an attack, or sabotage? CIT will never lie and cannot be tricked!

Universal Atomic Disintegrator

The Universal Atomic Disintegrator (UAD) solves two difficult problems — identification and decomposition. Decomposition of a file to its smallest indivisible parts is a difficult problem. First, the program must have infallible identification of the file in order to decompose it. This is not a problem for UAD, which identifies the file by direct examination of its contents.

Loopback Head and Loopback Tail

Loopback Head & Loopback Tail (LBH & LBT) ensure that unchanged (but infected) files are re-analyzed by VFind™. LBH reads filenames from a user-customized database; LBT uses the VFind™ output to create a database suitable for use with LBH.

AVA

AVA is a system which provides automated, accurate, and rapid responses to cyber threats in the event of a cyber attack or other major event. Additionally, it provides continuous monitoring of the cyber landscape, identifying new threats and automatically adapting malware definitions to identify them. This service is always included with your active maintenance and support subscription.

VFind™ Daemon

The VFind Daemon provides user applications with virus scanning and detection services at a high level of performance. Running as a daemon process, it eliminates the need to re-initialize the scan engines upon each request. All files are processed as they are received, improving response time and minimizing the effect of malware scanning on the main application.

VFind Daemon file scanning and virus detection services are accessible to any application running on a user's system. Its multi-threading capability enables it to scan requests from multiple applications concurrently. Applications can access VFind Daemon services through an easy-to-use message interface. The Simple Virus Scanning Protocol (SVSP) is a text-based, request/response interface that gives applications full access to VFind Daemon services. SVSP includes commands that enable the program to set scanning options on a per-request basis and to specify the file to be scanned. Requests can be tagged so that the subsequent responses can be matched to them. This allows the anti-malware application to submit multiple scan requests and match the asynchronous responses. A client program is also provided to further simplify accessing and using VFind Daemon.

VFind Daemon can also support the interfaces of other available malware scanning daemons, such as ClamAV's clamd. This makes it possible to incorporate VFind Daemon into an existing system with minimal software changes, and enables applications to migrate towards utilizing VFind's additional capabilities at the leisure of the user.

The multi-threading capability allows VFind Daemon to scale gracefully and take advantage of systems with multiple processors. The number of threads used by VFind Daemon is configurable and can be set to match the available computing power.

Anti-virus Testing

In-House Testing

To deliver to our customers the best security solutions, CyberSoft products are tested against the highest industry standards, utilizing a multi-layered testing strategy.

The first layer of internal testing determines that VFind detects each individual virus signature that it is designed to detect. Our next round of tests ensures that VFind does not falsely identify legitimate files as infected files, which could interfere with the operations of our customers.

The next layer of testing is performed on a daily basis:

Falsehit Test: No clean sample in our Falsehit-DB should be detected by the new VDL set. In addition to this regular test, our engineers perform additional falsehit tests with a much larger, more comprehensive falsehit database.

VDL Syntax Test: To check if the VDLs follow proper syntax.

VDL Duplicate Test: To avoid having duplicate VDLs.

We post new VDLs every weekday morning, after successful completion of the above tests.

If any one of these tests fails, VTP stops the posting procedures and sends a failure notification to the relevant people to investigate the issue. If we, or our customers, receive a (posting) notification email, that means the new VDL set successfully passed all four tests.

Compatibility

CyberSoft continually updates this information as new technologies are released and others are deprecated. If your platform is not listed below, please contact us to find out more.

VSTK Compatibility Chart

The following table is the feature compatibility chart for VSTK. For information about older releases, please contact us.

| Operating System | Architectures |
|---|---|
| AIX 6.1 | PPC |
| Debian 9 | x86, x86-64 |
| Debian 10 | x86, x86-64 |
| Debian 11 | AArch64 |
| FreeBSD 10.3 | x86 |
| FreeBSD 11 | x86-64 |
| FreeBSD 12 | x86-64 |
| FreeBSD 14 | x86-64 |
| HP-UX 11 | Itanium |
| Red Hat EL 7 | x86, x86-64 |
| Red Hat EL 8 | x86-64 |
| Red Hat EL 9 | x86-64 |
| Solaris 10 | x86, x86-64, SPARC |
| Solaris 11 | x86, x86-64, SPARC |
| SUSE 11 | x86 |
| SUSE 12 | x86-64 |
| SUSE 15 | x86-64 |
| STOP OS | x86-64 |
| Ubuntu 14.04 LTS | x86, x86-64 |
| Ubuntu 16.04 LTS | x86, x86-64 |
| Ubuntu 18.04 LTS | x86-64 |
| Ubuntu 20.04 LTS | x86-64 |
| Ubuntu 22.04 LTS | x86-64 |
| Ubuntu 24.04 LTS | x86-64 |