Symantec shows off security research and development projects

At Symantec Research Labs, Symantec's internal research and development arm, there are a number of projects underway which are likely to emerge as products and services within the next 18 months. Sanjay Sawhney, the senior director of research, product development, recently showed off three projects the company is developing:

Social Network Analysis for Permissions

In this project, the goal is to be able to provide recommendations to network managers about how network users could best be categorized in "roles" for what's known as role-based access control (RBAC) so that groups of users can be assigned similar appropriate network and application permissions. RBAC, however, can be hard to figure out in large organizations. Symantec is testing how components in its data-loss prevention (DLP) tool can be put to use to mine user activity to discover collaboration between informal groups, look at events and input from file systems, SharePoint, configuration and Microsoft Active Directory, for example, to derive a sense of the "internal social network" of the organization. "In a period of activity, you can build a social-network graphic," says Sawhney. This visual display, along with RBAC recommendations, should be able to help network managers make RBAC-related decisions -- and identity the users that are simply "anomalous cases" that don't easily fit into an RBAC scheme.

IN THE NEWS: Getting forensics data off smartphones, tablets can be tough, experts say

Mobile Application Risk Scoring

Symantec is coming up with tools for evaluating whether apps are malicious or simply not to be trusted because what they actually do is completely different from what they declare that they do. At this point, "this project is mainly about Android and HTML5," says Sawhney, because Apple iOS presents certain technical challenges due to Apple's tight control. The cloud-based app analysis is becoming available to consumers via Norton Security for Android, and the idea is to expand this for enterprise use, perhaps tying it to an enterprise app store. The project seeks to do run-time analysis of apps in an emulator to check not only for vulnerabilities or malware but also the "gray area" where apps behave in what might be an undesirable way, such as tracking the user or other invasive behaviors -- the "creepiness thing," as Sawhney puts it. "You could shut them out if you wanted."

Personal Cloud Search

It's typical these days to have myriad social-networking and public email accounts, and with Personal Cloud Search Symantec is coming up with a search-engine service that lets users retrieve content and contact information across all their accounts though one personal-information management portal. For it to work, the user would need to share passwords for these social networking and email accounts to be searched, says Sawhney. "It is based on the user being able to trust us," he acknowledges, since Symantec's search capability would be doing the work on the back end. The idea is that "personal cloud search" would be an encrypted search in which Symantec would not be able to know what was being searched for, and the personal-information search information wouldn't be mined for content -- unlike what Google admits are its commercial practices today. Sawhney says Symantec's personal cloud search may first debut in the context of Norton online backup in the future.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email:


Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ellen Messmer

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts