The explosion of malware is at such high levels that traditional antivirus approaches are futile. The daily flood of new malware is forcing antivirus vendors to continually update their signature/protection files, which are reactive by nature, quickly becoming outdated and ineffective against the short-lived, targeted, stealth attacks that are the hallmark of today's cybercriminal organizations.
The Webroot Intelligence Network (WIN) was purpose-built as a revolutionary approach to next-generation threat protection. WIN integrates billions of pieces of information from tens of millions of sensors to create the world's largest malware detection net. The next-generation threat intelligence produced by WIN is available to Webroot partners through Webroot BrightCloud® Security Services for proactive protection for their customers against both known and never-before-seen attacks.
The Webroot Intelligence Network is not just a cloud-based data repository – it's the most powerful, real-time threat analysis engine of its kind. The massive data processing capacity, coupled with our proprietary implementation of the most advanced machine learning technology available, has enabled Webroot to accurately classify billions of web pages and keep ahead of exponential malware proliferation.
Most security vendors today use either Bayesian Networks or Support Vector Machine (SVM) models to populate work queues for human analysis, which aren't scalable or even particularly accurate. Webroot uses Maximum Entropy Discrimination (MED) for highly accurate and scalable web threat analysis. Here is a brief explanation to outline the differences in complexity of the three machine learning technologies used within the security industry, and the level of accuracy associated with each one.
Through MED, the Webroot Intelligence Network can currently classify 2,500+ URLs per second at an error rate of less than 2% (versus an average human error rate of 5-15%). In addition, WIN has the capacity to classify websites twice as quickly as they are created on average.
Webroot utilizes global teams of multilingual web analysts to analyze the relatively small number of websites where machine learning technology cannot achieve a high enough degree of determination confidence. Human analysts evaluate these corner cases and then feed each of them back into the machine learning model to further improve it, continuously improving accuracy.
Because the Webroot Intelligence Network is cloud-based, and doesn't rely on stagnant signature files:
The Webroot Intelligence Network includes:
By combining contextual intelligence and behavioral analysis to overcome the pace of malware innovation, the next generation of threats is rendered obsolete the moment a cyber-attack appears on a WIN connected network or device. Webroot partners keep ahead of the growing volume and sophistication of threats by accessing highly accurate and actionable intelligence through BrightCloud Security Services in real time.