According to AV-Test.org research there are over 390,000 new malicious programs being reported to them each day. This staggering number of new instances is proof that the old days of “script kiddies” writing bits of code for fun and general annoyance has evolved into an industry of organized internet crime and weaponized by governments to be used in cyber warefare. The pinnacle of these are the zero day threats which are yet undisclosed flaws in widely used systems or software that are being used to exploit systems for the retreval of sensitive, valuable information.
To keep pace, traditional antivirus (AV) tools are dependent on large downloads of threat signatures and resource-intensive scans. They require massive software modules that are difficult to install, while typical endpoint scans seem interminable and interfere with user productivity. In addition, endpoint security providers often struggle to stay up-to-date with thousands of new signatures, causing them to deploy large signature updates daily. This slows processing on the endpoint, frustrates users, devours bandwidth and taxes already overburdened system administrators.
The best way to overcome the shortcomings of traditional antivirus and endpoint protection products is to offload processing-intensive signature matching and behavioral analysis to the cloud. Webroot was among the first vendors to offer endpoint protection, mobile device protection and Web security in a purpose-built, client-cloud architecture.
The resource-heavy signature and pattern analyses are handled by dedicated hosted servers, so Webroot endpoint and mobile security solutions require only a lightweight local client on each endpoint and mobile device, minimizing local scan times and using fewer device resources. Rather than comparing known malicious signatures locally on the device, Webroot SecureAnywhere® creates a hash – or a description of suspicious behaviors – and sends that data to be analyzed by Webroot® Intelligence Network™ (WIN) cloud security services. WIN™ services leverage a 150TB database of constantly updated threat information to analyze files and notify the client of its status; known good files are whitelisted and allowed to execute, while malicious files are blacklisted to be blocked and removed.
The Webroot SecureAnywhere® Business Web Security Service provides an additional layer of protection by blocking malware before it reaches the network and controlling employee access to external Web sites. This solution uses multiple heuristic filters to detect zero-day attacks, identify new phishing and malicious sites, and perform URL and Web content-filtering based on over 600 million IPs across 83 categories.
Managed service providers and IT administrators can use the Webroot Web console or an existing RMM solution to create custom access policies for departments, groups and individuals, and to demonstrate compliance with acceptable-use policies. The built-in quota policy limits bandwidth consumption, time spent online and number of sites accessed.
The integration between Webroot SecureAnywhere® Business Endpoint Protection, Webroot SecureAnywhere® Business Mobile Protection and the Webroot Web Security Service enforces a consistent set of security processes for the business network, no matter how far it extends.