How Is Security Software Made?

SpyOnTech often shares legal licenses for various security software for free, and once also reviewed security software; the results can be read in the Best Antivirus 2012 List. That is because SpyOnTech is aware of the important role security software (antivirus, antispyware, antimalware, etc.) plays in computer users' security and safety. But have you ever thought about how security software is made? What is the process? And can it really be trusted to secure our computers 24 hours a day, 7 days a week?

To answer these questions, I looked for information about how security software is made. BitDefender, a security software vendor from Romania, explains the process behind its mainstay security product, BitDefender Internet Security. Here is the interview between 7Tutorials and BitDefender:

What are your steps in creating a new version of BitDefender Internet Security Suite?


Not much different from other software development: we develop the next version after the latest version is released. For example, after releasing the 2012 version, we soon started developing the 2013 version. In the beginning, we decided what features and changes to include in the 2013 version.

We identified those new features from various parties, such as reviewers, security experts, and user requests. Moreover, our technical team also contributes according to their skills. We also analyze the market and other security companies. Based on those inputs, we finally decided what features to include in the next version of BitDefender software. After that, we entered the development phases. First of all, we did an internal preview for the Pre-Beta phase. After that, there are three other phases:

1. Internal beta: similar to the internal preview, but with more users.
2. Private beta: we distribute it to many users outside the company, but we select those users ourselves. They can be security experts, experienced users, or anybody who is likely to give us contributions, suggestions and criticism.
3. Public beta: we release a public beta for 2–3 months. We invite whoever wants to download it.

Throughout the beta versions, we worked hard on fixes and added something new whenever it was needed. Once it is 100% ready to be released, we release it directly to the market. The marketing team, press release, and other teams will work hard to echo it to the market.

It does not seem very different from general software development. Was there any special challenge in developing security software?

It needs fast responses to guarantee the security of users' computers. Commonly, new malware rarely appears. It is commonly only an evolution of existing malware, so overcoming it is not very difficult. However, if new malware appears, we should quickly find it and send an updated definition to users. We should do it in a few hours to guarantee that users' computers are always secured.

Besides, we should also develop new features quickly as current conditions require. An example was the release of BitDefender SafeGo. Facebook made many viruses spread via Facebook. We had to make a new feature to stop viruses spreading through Facebook and soon released the tool/feature. Finally we released BitDefender SafeGo.

Talking about BitDefender SafeGo, do you give it away for free or offer it only to premium users?

We will provide this product both in the commercial security product and for free as a Facebook and Twitter app. It helped us find a lot of new malware fast and conclude it soon. Besides, it can help us in getting customers. A person who is satisfied using our free product will generally be attracted by our other new products, and it raises the chance of a new customer for our paid product.

Is there an example of your response speed in protecting your customers?

In addition to providing protection against standard viruses, we also try to give full protection against other viruses. For example, you may remember the debate about Carrier IQ, software which is installed by various smartphone vendors and can access information (user location, etc.) without the user being aware. Even though this software is not a virus, so many users worried about it, and we wanted to know whether their data was accessed by Carrier IQ or not. We responded fast. Our team created a new tool, BitDefender Carrier IQ Finder, only 3 or 4 hours after the debate appeared.

Where do you find out about the existence of new malware?

We find information about new malware from various sources, such as:
1. Honeyspot
2. BitDefender SafeGo
3. Data sent by user
4. Cooperation with other security developers
5. Public Malware Database

What is Honeyspot?

Honeyspot is a system which we deploy and intentionally set up as a ‘victim’. The system is configured as an easy target for viruses, malware, etc. We keep monitoring the Honeyspot and researching whether there is any new malware or dangerous activity.

Besides, we intentionally sent out various emails and made them easy targets for spammers. Spammers usually broadcast messages containing viruses, phishing URLs, etc. From them, we analyze whether there is any new malware or other dangerous phishing sites. Everything is collected to create our security product updates and keep our product users safe from those dangerous things.

I assume you’ve already found new malware. What will you do with the malware? How do you know what the malware does and how to disinfect the system?

We’re not much interested in finding out what the malware does. We are more interested in learning whether its behavior is suspicious or not, whether it is a virus or not. Our security software will directly block network access or place it in Quarantine. The malware we identify is automatically sent to our research lab. Our research team will directly disassemble the virus, understand what it does, and update our definition database with the information needed.

Talking about your research team, can you explain a little about them and their work when disassembling a virus?

They consist of people whose specialization is working in a closed system environment. For example, we don’t want a virus they work on to go wild and infect all the computers in our network. All of our members are security experts with various skills ranging from encryption to various programming languages (including assembly language), understanding of internet protocols, hacking techniques, etc.

Their duty is to decrypt virus code and update the definition database with the information needed. Before they were selected for the research team, there was a long process including training and specialization for 9 months. They were not allowed to work on the research team before they graduated from the research.

Besides, we want to address the myth that many hackers and virus creators are recruited by security software companies. It’s not true. In the recruiting process, we filter out people who have often made malware or done other black hat things.

We prefer selecting trustworthy team members. Every member of our research team is competent enough to create a virus, or even do complex system hacking. But they don’t do it because they believe that it’s not a good way to use their talent. Moreover, our company never tolerates any kind of such action.

How often does your security product check for the latest definition update on your server?


Once every 45-60 minutes. It’s very important to send definition updates as fast as possible. In an emergency situation, we will even send a special signal so the product updates its definitions immediately.

Do you cooperate with other security companies?

Yes, we cooperate with them. We work with six other security companies, including F-Secure, G-Data and other companies we cannot mention.


From the processes explained by BitDefender, we have found out that making security software is complicated and goes through a long process. It needs a lot of work and knowledge of computers, networking, and security. That can be our reason to trust those security products with our computer security. Given the long and complicated process, it is no wonder security software is sold at a high price.

That’s why you should never waste a chance to get a legal license for the various security software shared by SpyOnTech. It would be a pity if you missed it ^^.

Travis Brice is a computer technician and also a father of two cute children. After 6 years of hard work at a telecommunications company, he decided to quit his job and build his own business. Now he also writes for Spyontech in his spare time. He loves to write about operating systems, especially Microsoft Windows.

© 2011 spyontech. All rights reserved.