The explosion of cyber-attacks is at such high levels that traditional antivirus approaches are futile. The daily flood of new threats is forcing traditional security vendors to continually update their signature/protection files, which are reactive by nature. They quickly become outdated and ineffective against the short-lived, targeted, stealth attacks that are the hallmark of today's cybercriminal organizations.
The Webroot Intelligence Network (WIN) was purpose-built as a revolutionary approach to next-generation threat protection. WIN integrates billions of pieces of information from millions of sensors to create the world's largest malware detection net. The next-generation threat intelligence produced by WIN is available to Webroot partners through Webroot BrightCloud® Security Services for proactive protection for their customers against both known and never-before-seen attacks.
The Webroot Intelligence Network is not just a cloud-based data repository – it's the most powerful, real-time threat analysis engine of its kind. The massive data processing capacity, coupled with our proprietary implementation of the most advanced machine learning technology available and a powerful contextual analysis engine, has enabled Webroot to accurately classify and score unsurpassed numbers of URLs, IPs, files and mobile apps to keep ahead of exponential proliferation of threats facing your customers.
A key differentiator for Webroot is our industry-unique approach to machine learning. Most security vendors today use either Bayesian Networks or Support Vector Machine (SVM) models to populate work queues for human analysis, which aren't scalable or even particularly accurate. Webroot uses Maximum Entropy Discrimination (MED) for highly accurate and scalable web threat analysis. Here is a brief explanation to outline the differences in complexity of the three machine learning technologies used within the security industry, and the level of accuracy associated with each one.
Through MED, the Webroot Intelligence Network can currently classify 2,500+ URLs per second at an error rate of less than 2% (versus an average human error rate of 5-15%).
Webroot utilizes global teams of multilingual web analysts to analyze the relatively small number of websites where machine learning technology cannot achieve a high enough degree of determination confidence. Human analysts evaluate these corner cases and then feed each of them back into the machine learning model to further improve it, continuously improving accuracy.
WIN also leverages a powerful contextual analysis engine that takes previously disparate data feeds and correlates it for deep insight into the landscape of interconnected URLs, IPs, files, and mobile apps. Mapping the relationships between these different data points enables Webroot to provide partners with highly accurate and dynamic intelligence that is always up to date, with virtually no false positives.
For example, a seemingly benign IP may not show up as a risk on other vendors IP reputation lists, but because that IP has been tied to other known malicious URLs, IPs, files and/or mobile apps by our contextual analysis engine, the BrightCloud IP Reputation Score is influenced via this correlated intelligence, keeping your customers safe from what could be a never-before-seen attack.
To-date, the Webroot Intelligence Network includes:
By combining contextual intelligence and behavioral analysis to overcome the pace of malware innovation, the next generation of threats is rendered obsolete the moment a cyber-attack appears on a WIN connected network or device. Webroot partners keep ahead of the growing volume and sophistication of threats by accessing highly accurate and actionable intelligence through BrightCloud Security Services in real time. Because the Webroot Intelligence Network leverages powerful cloud-based analysis and doesn't rely on stagnant signature files: