Bit9 will partner with Microsoft and IBM and use proprietary Web crawling and honey pot technology to obtain malicious code samples. Those samples will then be classified and stored in ParityCenter, a database of 1.3 billion software application signatures that Bit9 uses to identify legitimate and illegitimate programs. Bit9 executives eventually see ParityCenter as a kind of "Google" for software applications, allowing third-party vendors to positively identify both trustworthy and malicious applications, according to Brian Hazzard, director of product management at Bit9.

"We want to be the definitive source of information about applications for customers, malicious or not," Hazzard said.

Adding malicious code samples to ParityCenter will enable Bit9 customers to get a more complete view of what programs are running on their network and whether they are trustworthy or not, then set appropriate policies for each application, he said.

"Not all software is black or white. A lot of it is gray. You've got programs that aren't malicious, but may not be appropriate for the enterprise," Hazzard said. "Or businesses may say 'Software that's released by Adobe or Microsoft is OK if it's signed by the vendors.'"

Up to now, ParityCenter has focused on cataloging legitimate business applications, with "graylisting" used to flag any unauthorized programs. The database has 1.3 billion entries, as of November, with 290 million added in just the last six months, Hazzard said.