Helping Your Customers Go Beyond Signature-Based Security

Your clients face a barrage of security threats every day.

Unfortunately, many of them are probably using legacy, signature-based endpoint security systems. Those products struggle to keep up with the rapid evolution of malware and the increasingly ingenuity of attacks. They have become ineffective in today’s cybersecurity environment. Consider the following:

  • Market research firm IDC reported in 2012 that “signature-based tools … are only effective against 30-50 percent of the current security threats.”
  • Gartner weighed in on the topic, describing signature-based malware detection as “limping along on life support.”
  • In a white paper, Symantec referred to signature-based approaches as “useless in encounters with new malware.”
  • In a May 2013 CIO magazine article, Simon Hunt, CTO of endpoint solutions at McAfee, stated “We are seeing about 150,000 new pieces of malware every day… we’re purely on the defensive.”

Tellingly, the CIO article ran under the following headline, “Signature-Based Endpoint Security on Its Way Out.” That’s a sobering declaration and one that may unnerve your customers. But MSPs and Resellers can provide their clients with an alternative to signature-based security. Webroot® SecureAnywhere® cloud-based endpoint security technology addresses the weaknesses found in archaic, signature-based solutions.

Here’s how it works:

Conventional antivirus and anti-malware products rely on signature databases that reside on each client device. The client-constrained signature database is inherently limited. Webroot SecureAnywhere, in contrast, employs the Webroot Intelligence Network (WIN), which exists in the cloud. WIN serves as a vast malware detection net, pulling in billions of pieces of information including data from customers, test laboratories and security vendors that cooperatively share intelligence.

Customers install the Webroot SecureAnywhere client on the devices they want to protect. From the point when Webroot SecureAnywhere – Endpoint Protection is installed, all suspicious processes are closely monitored, analyzed, and resolved in real time through WIN. Since threat intelligence and malware detection lives in the cloud, the Webroot client is extremely lightweight (less than 1 MB).

In another departure from conventional products, Webroot uses predictive intelligence to monitor the behaviors of applications and executables running on customers’ systems. When the Webroot client software detects questionable behavior, it queries WIN to determine whether the behavior has been previously observed. If the behavior hasn’t been encountered before, Webroot taps a range of heuristics that search for particular attributes characteristic of malicious activity.

If Webroot and its heuristics capability can’t definitively label an activity as malicious, the solution lets the questionable software run in a “sandbox” — a type of secure virtual machine. Webroot monitors the executable’s behavior in the sandbox and will capture the hash value for that file and upload it to WIN.

If an infection occurs on a Webroot-protected device, the process of virus removal is faster and easier compared with conventional endpoint security software. SecureAnywhere Business Endpoint Protection, for example, uses rollback remediation to undo every action a malicious piece of software executed. The device is returned to its prior state. For additional detail, please consult the new Webroot white paper, Lowering MSP TCO for Endpoint Security Solutions

MSP Benefits

While clients benefit from Webroot’s security approach, so do MSPs. Webroot SecureAnywhere offers a less labor-intensive alternative to traditional antivirus products that rely on desk-side support for troubleshooting. The rollback process, for instance, can be handled remotely so an MSP can support its customers without dispatching a technician onsite. The rollback remediation saves MSPs the cost of a truck roll, while freeing technicians to focus on more profitable activities.

Overall, Webroot lets MSPs offer endpoint security solutions on a more cost effective and profitable basis. Webroot’s cloud approach eliminates the cost of deploying and maintaining hardware at the customer’s site. The technology also offers MSPs the advantage of efficient, Web-based management.

Learn more about Webroot’s MSP Partner Program!

This guest blog post was contributed by Webroot. Webroot is a Gold sponsor of Kaseya Connect; visit them in our Sponsor Pavilion.

Doctor typing on keyboard

Is Your Healthcare Organization Prepared for Windows 7 End of Life?

According to a report by Forescout, “About 71 percent of medical devices will be running unsupported Windows operating systems (OS)Read More

Laptop with Windows 8 on screen

It’s Time to Get Started on Windows 7 End of Life Migrations

This January, Microsoft will discontinue all support for Windows 7 and Windows Server 2008, including any type of security patches.Read More

Zero Gravity in Office

Secure Your World – Right the Upside Down

The IT Upside Down can be a terrifying place to be in. Dealing with Demogorgon-sized security breaches and Mind Flayer layeredRead More

How MSPs can use Integrated Cybersecurity Solutions to Grow Profits

Back in the early days of managed cybersecurity services, MSPs only needed to offer things like endpoint protection and firewallRead More

Connect IT Asia-Pacific - Don't Miss the Premier IT Management Event of the Year - Join Us in Sydney 1-3 October 2019 - Register Now