Malware is at such high levels (more than 60 million unique samples per year) that protecting an endpoint with traditional antivirus software has become futile. More than 100,000 new types of malware are now released every day, and antivirus vendors are racing to add new protection features to try to keep their protection levels up.
But new features need even more CPU and RAM resources, which reduces performance and usability to even more unacceptable levels. The torrent of new malware is also forcing antivirus vendors to continually update their signature/protection files, with more than 5MB of updates per day being commonplace.
The underlying problem is that even with all these "advances", not all new malware exploits are detected, and machines are becoming infected. Simply put, protection using traditional malware detection techniques is no longer adequate. So many unknown infections are being distributed by cybercriminals that everyone is at risk.
Recent global research by Webroot®* revealed that 83 percent of enterprises were infected with some form of malware in the past 12 months, and other independent surveys show similar and even higher infection levels.
A new malware protection approach is desperately needed. The Webroot® Intelligence Network (WIN™) is the key component of a revolutionary approach to next-generation malware protection. When WIN® is combined with Webroot’s ultra-efficient endpoint agent-Webroot SecureAnywhere® - the resulting solution ensures that both known and unknown infections are removed before they do harm.
The Webroot Intelligence Network integrates billions of pieces of information from multiple sources—including data from customers, test laboratories, and intelligence shared between security vendors–to create the world's largest malware detection net.
WIN incorporates Webroot’s patented fourth-generation Phileas® malicious code identification system, as well as ENZO, our threat-processing system for categorizing every software file with intimate knowledge of more than 125 million executables, including their behavioral characteristics. WIN also uses systems that let us instantly categorize files and their interactions with other files. It uses our Webroot IP Reputation Service to track every malicious IP address on the Internet and provide accurate content classification, threat reputation, and threat vector data. These systems, along with another 50+ terabytes of threat data, ensure that the Webroot Intelligence Network is always up to date and ready to detect any new malware infections.
WIN uses the Internet to connect with Webroot SecureAnywhere® – Endpoint Protection through a secure firewall connection. It identifies and learns about everything installed on a user’s endpoint, and then classifies the files as Good, Bad, or Unknown. During the short "learning" phase, Webroot inventories everything on the user's machine, while automatically stopping bad activities and removing malware.
From the point when Webroot SecureAnywhere – Endpoint Protection is installed, all suspicious processes are closely monitored, analyzed, and resolved in real time through WIN. Its vast intelligence net keeps Webroot users safe from both known and completely new and unknown infections. Even when Webroot SecureAnywhere – Endpoint Protection is not connected to the Internet, it is able to function, detect malware, and take the appropriate steps to stop infections.
No approach to stopping and protecting machines from infection is perfect, however, and false positive mistakes are possible. Webroot SecureAnywhere – Endpoint Protection and WIN minimize these inaccuracies, even allowing a change to be reversed should files be incorrectly categorized.
By combining the hugely powerful cloud interrogation of WIN with a completely new endpoint, Webroot SecureAnywhere – Endpoint Protection is able to stop infections without requiring lots of signature updates. WIN harnesses the collective community of Webroot customers to continuously refine file categorizations, even for low-level and unique malware that normally remains undetected by traditional AV methods.
This capability ensures that all Webroot endpoints are always protected against malware, including viruses, worms, Trojans, spyware, adware, bots, rootkits, and unique zero-day threats.
With its advanced heuristics and behavior-based interception analyzing all files and potential threats in real time, WIN ensures that every user’s window of vulnerability–the time between when a threat emerges and when users are protected –is minimized. And most important, it is this high level of protection against "unknown" malware that makes Webroot SecureAnywhere – Endpoint Protection and WIN so powerful when compared with every other solution.
Other vendors have invested in threat intelligence networks, but they are used as bolt-on supplements to their traditional antivirus solutions. None of these systems delivers or offers the breadth of in-depth capabilities offered by WIN. WIN is purpose architected to be an integral part of the Webroot SecureAnywhere® – Endpoint Protection solution.
When comparing Webroot with competitors’ solutions, the differences and advantages of Webroot’s revolutionary new approach to infection protection quickly become clear:
Download a free trial, or request a demonstration of Webroot SecureAnywhere – Endpoint Protection and its intuitive web-based security policy management console at www.webroot.com