Webroot Security Suite Offers Cloud-Based Detection

Fahmida Y Rashid eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved.,

Webroot has rewritten its security suite adding cloud-based features to analyse malware in real-time

In an effort to protect users across multiple machines and mobile devices, Webroot has revamped its entire security suite. All PCs, and mobile devices including tablets and smartphones can be protected using a single Web interface and installing lightweight agents on each device, Webroot said.

The appearance of advanced malware and online threats means users cannot just install and regularly update a security product on the PC and expect to be protected. Users are doing more online, using multiple devices and connecting with other users on various social platforms. The security protection needs to expand to include the entire ecosystem the user interacts with, according to Webroot.

“To beat cybercrime today, it’s all about speed,” said Mike Malloy, executive vice president of products and strategy.

Rethinking Security

Webroot overhauled its security suite, which includes Webroot SecureAnywhere Antivirus, Webroot SecureAnywhere Essentials, and Webroot SecureAnywhere Complete. The changes are not just cosmetic, as the company rewrote the software from the ground up and packed in new cloud-based features and included mobile apps for users on the go.

Webroot incorporated technology that came with recent acquisitions into the revamped suite. Technology from Usable Security that handled identity management and password management are now in SecureAnywhere Complete. Domain and IP address classification, reputation and scoring capabilities from BrightCloud are part of the suite.

The core of SecureAnywhere is based on the technology acquired from UK company Prevx in November, 2010. Most of Webroot’s password services have been licensed from the password management experts at LastPass.

Webroot decided the best way to keep users safe was to take advantage of the world’s largest collection of malware, Malloy told eWEEK. There was no need for the security program to bring down the entire virus database and store it locally on the user machine. The client could be “ultra-small” and connect to the database remotely when needed, according to Malloy.

The security software installed on the protected device analyses the file that it has detected and sends a hash of the file to the cloud service, Malloy said. The cloud service takes the hash and compares it against its database and if it is recognised as safe, the “all-clear” is sent back to the software to indicate it is not malicious. If the cloud service does not recognise the file, it sandboxes the file sample and unpacks or executes it. Based on the observed behaviour, the cloud service then either flags the file sample as either recognised or malicious, Malloy said.

If It Runs, Check It

Webroot designed the software to analyse every file that ever tries to run on the computer or mobile device. Recognised files, such as operating system files, will be easily detected and flagged as safe. But because it analyses each file’s hash, if the malware is masquerading as an operating system executable or a DLL file, the scanner would not be fooled because the hash would be different, according to Malloy.

Once the file has been analysed, the description and the new hash is stored in the cloud and the next time one of the Webroot-protected systems come across this file, the database can skip the second layer of analysis.

“Real-time protection against malicious URLs and web domains changes the game; we’re warning users and IT administrators about a malicious site before anyone using our service can connect with it and every second counts,” Malloy said.

The suite can range from basic malware protection for one PC to protecting up to three PCs and three mobile devices. Webroot SecureAnywhere Essentials costs £39.95 and offers 2GB of online storage, file shredder, firewall and browsing tracks wiper. The basic Webroot SecureAnywhere Antivirus is priced at £24.95 and offers a malware scanner, prevents browsers from loading harmful Web sites and locks down settings so that malware cannot change them.

The premium version, Webroot SecureAnywhere Complete, retails for £49.95 and offers 10GB of online storage, password synchronisation capabilities, Android and iOS apps to manage mobile devices, the ability to sync between mobile systems and desktop computers, a password generator, online shopping and banking protection, and automatic log-in.