Helping Your Customers Go Beyond Signature-Based Security

Your clients face a barrage of security threats every day.

Unfortunately, many of them are probably using legacy, signature-based endpoint security systems. Those products struggle to keep up with the rapid evolution of malware and the increasingly ingenuity of attacks. They have become ineffective in today’s cybersecurity environment. Consider the following:

  • Market research firm IDC reported in 2012 that “signature-based tools … are only effective against 30-50 percent of the current security threats.”
  • Gartner weighed in on the topic, describing signature-based malware detection as “limping along on life support.”
  • In a white paper, Symantec referred to signature-based approaches as “useless in encounters with new malware.”
  • In a May 2013 CIO magazine article, Simon Hunt, CTO of endpoint solutions at McAfee, stated “We are seeing about 150,000 new pieces of malware every day… we’re purely on the defensive.”

Tellingly, the CIO article ran under the following headline, “Signature-Based Endpoint Security on Its Way Out.” That’s a sobering declaration and one that may unnerve your customers. But MSPs and Resellers can provide their clients with an alternative to signature-based security. Webroot® SecureAnywhere® cloud-based endpoint security technology addresses the weaknesses found in archaic, signature-based solutions.

Here’s how it works:

Conventional antivirus and anti-malware products rely on signature databases that reside on each client device. The client-constrained signature database is inherently limited. Webroot SecureAnywhere, in contrast, employs the Webroot Intelligence Network (WIN), which exists in the cloud. WIN serves as a vast malware detection net, pulling in billions of pieces of information including data from customers, test laboratories and security vendors that cooperatively share intelligence.

Customers install the Webroot SecureAnywhere client on the devices they want to protect. From the point when Webroot SecureAnywhere – Endpoint Protection is installed, all suspicious processes are closely monitored, analyzed, and resolved in real time through WIN. Since threat intelligence and malware detection lives in the cloud, the Webroot client is extremely lightweight (less than 1 MB).

In another departure from conventional products, Webroot uses predictive intelligence to monitor the behaviors of applications and executables running on customers’ systems. When the Webroot client software detects questionable behavior, it queries WIN to determine whether the behavior has been previously observed. If the behavior hasn’t been encountered before, Webroot taps a range of heuristics that search for particular attributes characteristic of malicious activity.

If Webroot and its heuristics capability can’t definitively label an activity as malicious, the solution lets the questionable software run in a “sandbox” — a type of secure virtual machine. Webroot monitors the executable’s behavior in the sandbox and will capture the hash value for that file and upload it to WIN.

If an infection occurs on a Webroot-protected device, the process of virus removal is faster and easier compared with conventional endpoint security software. SecureAnywhere Business Endpoint Protection, for example, uses rollback remediation to undo every action a malicious piece of software executed. The device is returned to its prior state. For additional detail, please consult the new Webroot white paper, Lowering MSP TCO for Endpoint Security Solutions

MSP Benefits

While clients benefit from Webroot’s security approach, so do MSPs. Webroot SecureAnywhere offers a less labor-intensive alternative to traditional antivirus products that rely on desk-side support for troubleshooting. The rollback process, for instance, can be handled remotely so an MSP can support its customers without dispatching a technician onsite. The rollback remediation saves MSPs the cost of a truck roll, while freeing technicians to focus on more profitable activities.

Overall, Webroot lets MSPs offer endpoint security solutions on a more cost effective and profitable basis. Webroot’s cloud approach eliminates the cost of deploying and maintaining hardware at the customer’s site. The technology also offers MSPs the advantage of efficient, Web-based management.

Learn more about Webroot’s MSP Partner Program!

This guest blog post was contributed by Webroot. Webroot is a Gold sponsor of Kaseya Connect; visit them in our Sponsor Pavilion.

Scare Up New Business: Make Your Customers Afraid of the Dark

The Dark Web is the seamy underbelly of the internet. It is where bad actors lurk and do business withRead More

Bluekeep patch vulnerability

NSA Urges Legacy Windows Users to Patch BlueKeep Vulnerability

The National Security Agency (NSA) has jumped into the fray recently with an advisory urging Microsoft Windows administrators and usersRead More

ABC Financial

ABC Financial Wins the 2019 Techie Awards for IT Department and IT Admin of the Year!

At the Connect IT Global conference in Las Vegas, Kaseya announced the winners of the 2019 Techie Awards. Among theRead More

Woman using mouse on computer

Introducing Kaseya VSA’s 1-Click Access

As mentioned in our previous blog, Going Beyond Passwords for Better Security, technicians need a more effective way to accessRead More

Connect IT Asia-Pacific - Don't Miss the Premier IT Management Event of the Year - Join Us in Sydney 1-3 October 2019 - Register Now