
Antivirus FAQ

How long has the company been around and involved in the AV Industry?

We have been in this business since the very first days viruses appeared on microcomputers, now referred to as PCs.  We have been processing virus samples since about 1988.

What is special about Command vs. other AV solutions?

  • Award-winning, multi-layered detection – The SDK is based on a unified platform with multiple detection technologies for maximum protection.  Zero-hour detection is ensured by the flexible architecture, which enables fast reaction to new threat types.  Command AV continually proves its superior detection in product evaluations.  For this reason it has been selected by industry leaders, such as Google, Websense and Microsoft.
  • Industry-leading performance & scalability – The SDK excels at rapid object processing (particularly of clean files, which are the majority on most systems) and consumes very few resources.  The Command engine has numerous proven deployments requiring less than half the servers compared to other solutions.  This advantage is especially clear on sites where Command runs alongside a second AV engine.  To see this large resource saving, a complete evaluation of Command should integrate the SDK into the OEM environment.
  • Maximum operational flexibility – The SDK is easily integrated as a standalone AV or with multiple engines.  In addition the tiny SDK footprint supports deployment on a wide range of platforms and environments.  These advantages have convinced vendors such as McAfee to deploy Command alongside their own solutions.  The flexibility of implementation has made Command the choice for a wide range of solutions, from the smallest network appliances and desktop clients to carrier-grade network clouds.

How do you name malware?

As far as naming is concerned, we try to stay as close as possible to the CARO naming convention.  We may append the name of the heuristic detection mini-engine, so a name could be CARO_name!generic or CARO_name!heuristic_mini-engine.

The Commtouch solutions we know are all based in the cloud. Is Command Antivirus a cloud-based solution?

Most virus detections are handled by the Command SDK, which resides locally on the server or device.  The SDK utilizes multiple engines to detect viruses based on heuristics, file signatures and other proprietary techniques. However, in some cases the SDK will query the cloud for final verification.

Can you describe the API?

The Command API is similar to Common Object Model (COM). It consists of fewer than ten calls with a range of parameters for optimal flexibility.

What environment can the SDK be integrated into?

The Command SDK can be integrated with any language that provides a C/C++ interface method, such as Python, Java, etc.

How long does the integration typically take?

The SDK is very easy to integrate. Most partners take one to three days to get the SDK integrated.

Does the Command SDK scan compressed archives, e.g. zip files?

Yes.  The SDK scans zip files by default, and the nesting depth to scan can be specified (a zip within a zip within a zip, and so on).  The default scan level is 5.

When scanning an archive, does the SDK report on every file within the archive, or does it just give a general answer on whether a virus was found in one of the files?

The scan engine will iterate and scan through all objects inside an archive.
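
The two answers above (a configurable nesting depth and per-object iteration) can be illustrated with the following added example, which is not code from the Command SDK or its vendor. The substring matcher stands in for a real detection engine, and the way depth is counted and the `not-scanned-depth-limit` verdict are assumptions of this example, not documented SDK behaviour.

```python
import io
import zipfile

# Stand-in for a detection engine: flags the marker text of the EICAR test file.
MARKER = b"EICAR-STANDARD-ANTIVIRUS-TEST-FILE"
DEFAULT_MAX_DEPTH = 5  # the default scan level the FAQ states


def scan_object(name, data, max_depth=DEFAULT_MAX_DEPTH, depth=0):
    """Return one (path, verdict) pair per object, descending into nested zips."""
    if zipfile.is_zipfile(io.BytesIO(data)):
        if depth >= max_depth:
            # Assumption: contents past the limit are reported as unscanned,
            # not as clean, so the caller can apply its own policy.
            return [(name, "not-scanned-depth-limit")]
        results = []
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir():
                    continue
                results += scan_object(f"{name}/{info.filename}", zf.read(info),
                                       max_depth, depth + 1)
        return results
    return [(name, "detected" if MARKER in data else "clean")]


def make_nested_zip(payload, levels):
    """Constructed sample: wrap payload in `levels` layers of zip."""
    name, data = "sample.txt", payload
    for i in range(levels):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(name, data)
            if i == 0:
                zf.writestr("readme.txt", b"harmless text")
        name, data = f"layer{i + 1}.zip", buf.getvalue()
    return data


if __name__ == "__main__":
    sample = b"constructed test content " + MARKER  # constructed, not a real file
    for levels in (3, 6):
        print(f"-- {levels} layers of nesting --")
        for path, verdict in scan_object("upload.zip", make_nested_zip(sample, levels)):
            print(f"{verdict:26} {path}")
```

When evaluating a scanner, the case worth testing is the one just past the configured depth: an integrator needs to know whether such content comes back as clean, as an error, or as unscanned.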

How big is your database/definition file?

The definition files are between 30 MB and about 50 MB.

Can you supply some virus files for evaluation of your SDK?

We never supply actual viruses for testing.  It is against the CARO (Computer AntiVirus Researcher's Organization) rules.  We can supply specific test samples that are not actual viruses but trigger our engine.  The EICAR test file can also be downloaded from www.eicar.com and used to test different functionalities in the SDK.