Webroot, the market leader in endpoint security, network security, and threat intelligence, announced its BrightCloud® Streaming Malware Detection platform is now available for integration by network infrastructure and security appliance providers. This innovative new technology uses advanced fifth-generation machine learning to detect malicious files at the network perimeter while in transit, enhancing the ability of network and security solutions to detect and block both known and never-before-seen malware.
Webroot drew upon more than ten years of machine learning expertise to create BrightCloud® Streaming Malware Detection, which is able to identify more than 90 percent of zero-day, polymorphic, and traditional malware within milliseconds.
- The solution detects up to 42 percent more zero-day malware than other antivirus programs, and detects them up to 25 days sooner, reducing the risk of zero-day malware infiltration
- BrightCloud® Streaming Malware Detection is able to make determinations in milliseconds—up to 40 times faster than signature-based solutions—by processing roughly 17 files per second, per thread with the ability to run multiple threads. For example, it can process more than 10,000 files in one minute using 10 threads.
- It’s highly accurate and can be tuned to minimize false positives based on risk tolerance.
- BrightCloud® Streaming Malware Detection optimizes network bandwidth and usage of existing security infrastructure by working upstream from slower sandboxing and signature-based antivirus technology.
- The solution utilizes advanced machine learning production models to make local, on-device file determinations, improving speed and accuracy. The model is updated daily to stay ahead of the latest threats.
- BrightCloud® Streaming Malware Detection successfully detected the May 2017 WannaCry ransomware variants with 94 percent accuracy 12 days before other major antivirus vendors could properly flag it as malicious.
Malware Remains Key Security Concern:
- More than 85 percent of malware infections occur via web browsing, according to Webroot’s June 2017 Quarterly Threat Trends report. Basic internet use is a high-risk activity for every organization, regardless of size or sector, underlining the importance of stopping malware before it reaches the network.
- While the frequency of malware has remained steady, the number of individual malware or potentially unwanted application (PUA) variants has increased at least 15 percent each year.
- From October 2016 to March 2017, more than 95 percent of new malware and PUA files were only observed on a single PC, according to the Quarterly Threat Trends report. Approximately 0.4 percent of new malware and PUA files were seen on more than 10 PCs. This emphasizes how unique malware and PUA files are today.
- According to the Quarterly Threat Trends report, more than 60 percent of companies have been affected by ransomware, with the financial and retail sectors having been hit the hardest.
Use Cases – BrightCloud® Streaming Malware Detection integrates seamlessly with Webroot technology partners’ network and perimeter security devices including:
- Next-Generation Firewalls (NGFW)
- Network Intrusion Detection Systems (IDS)
- Network Intrusion Prevention Systems (IPS)
- Web Gateways
- Unified Threat Management (UTM) devices
- Web Proxies
- Network Sandboxes
- Online File Share and Sync solutions
Hal Lonas, Chief Technology Officer, Webroot
“Every week we discover new malware variants wreaking havoc around the globe. Businesses need the ability to stop malware and PUAs in real-time at the network perimeter, before the malicious files can spread throughout a network. BrightCloud® Streaming Malware Detection adds yet another tool to help our technology partners quickly and accurately detect threats at the network perimeter, which can stop the next WannaCry from even entering their customers’ networks.”