OpenSBI

From SpybotWiki
Jump to: navigation, search

OpenSBI is an initiative by Safer-Networking to make Spybot - Search & Destroy a more open platform for malware fighting. There are five main components to the OpenSBI initiative:

  1. Spybot - Search & Destroy - all releases since version 1.6 fully support OpenSBI files as an additional source of detections.
  2. FileAlyzer - our file analysis tool offers dozens of functions to create detection patterns for files. RegAlyzer and RunAlyzer also have OpenSBI Editions with support for creating OpenSBI code.
  3. OpenSBI Edit Lite and OpenSBI Editor - a full text editor for OpenSBI files, including syntax highlighting, import of InCtrl5 and HijackThis logs, and context sensitive help. Formerly a stand-alone product, it has become part of Spybot itself.
  4. This Wiki - a documentation wiki with hundreds of pages explaining the usage of the OpenSBI file format.
  5. The Community - integrated into our support forums is a system that allows you to share your OpenSBI files with other Spybot-S&D users, and comment theirs.

Some advantages we created this for are

  1. Diversity - everyone can create detection templates for any software, without depending on a central authority to acknowledge its threat.
  2. Neutrality - we cannot be bought to remove detections from our database, but if you do not believe us, you can simply publish your own rules against some malware.
  3. Continuity - OpenSBI ensures that you'll get updates as long as someone is interested in updating the database (which does not mean we intend to do less work in adding new detections).