Channel, Networking

Webroot 2016 Threat Brief: Understand Your Adversary

Webroot CTO Hal Lonas
Hal Lonas

With the arrival of the latest Webroot Threat Brief, MSPs will see confirmation of what many among their number have already experienced in today’s security environment: “2015 was yet another record year for cybercrime, during which more malware, malicious IPs, websites, and mobile apps were discovered than in any previous year," according to Hal Lonas, chief technology officer at Webroot. "It comes as no surprise that the cybercrime ecosystem continues to thrive, given new innovations and little in the way of risk for those who choose to participate.”

In fact, the threat landscape has become so toxic that some MSPs might feel delivering comprehensive protection to their clients has become unachievable. As Lonas observes, “The continued onslaught of hacks, breaches, and social engineering scams targeting individuals, businesses, and government agencies alike has caused many in the security field to ask if it’s truly possible to defend against a persistent attacker.”

Fortunately, the recently-released Webroot 2016 Threat Brief explains why highly effective endpoint protection is still a feasible goal, and more significantly, the steps required to make that goal a reality.

Preemptive Threat Intelligence is Key

Lonas underscores the importance of understanding your adversary and the techniques they employ for their attacks. For example, Webroot uses this insight to better identify attacks as they occur, while also neutralizing new threats by restricting access to the systems and networks they are trying to infect. The cornerstone of this approach is in leveraging preemptive threat intelligence derived from systems that collect, analyze, and classify data, and then disseminate it to the endpoints and network appliances under protection.

Utilizing this model, Webroot is able to provide up-to-the-second, highly accurate intelligence that can outpace the speed of cybercrime. That intelligence is then used to deliver automatic, real-time protection to millions of users around the world. What’s more, that protection continues to grow in breadth and efficacy as new endpoints are added and more data is collected.

The central mechanism underpinning this methodology is the Webroot Threat Intelligence Platform, a big data security architecture that acts as the backbone for all Webroot endpoint solutions and threat intelligence services. Purpose-built as a revolutionary approach to next-generation threat protection, this platform integrates billions of pieces of information from millions of real-world endpoints, globally distributed active and passive sensors, validated third-party databases, and leading security partners to create the world’s largest threat detection net.

The massive data processing capacity used in
this platform, coupled with Webroot’s proprietary implementation of the most advanced machine learning and contextual analysis available has enabled the Webroot Threat Intelligence Platform to:

  • Accurately monitor the entire IPv4 space and in-use IPv6 addresses, to continuously update a dynamic list of approximately 12 million malicious IP addresses at any given time
  • Classify and score billions of URLs and detect phishing sites in real time
  • Analyze behaviors to classify over one million new files a day as seen across millions of Webroot customer endpoints
  • Assess the risk of millions of mobile apps, including over 12 million new and updated apps in 2015

More to Come

The Webroot 2016 Threat Brief also contains in-depth analyses of polymorphic malware and potentially unwanted applications (PUAs), patterns of IP addresses associated with malicious activity, the value of classifying URLs and judging their reputations, and more. We’ll be covering those topics and more in upcoming posts so stay tuned!

Want to find out if Webroot has what it takes to protect your customers? See for yourself with a no-risk FREE trial. You don’t even have to uninstall existing security.

Want to learn more about how Webroot partners with MSPs to delight customers, lower costs, and boost profits? Learn more.

Webroot offers cloud-based, real-time internet threat detection solutions for MSPs and their customers. Read all Webroot guest blogs here.