Transcription
Webroot SecureAnywhere SolutionsSecurity without compromiseThe Enterprise Security Perimeter has Changed DramaticallyWebroot protects the three vectors of vulnerability that all customers must be sure to secure.Corporate NetworkTraditional EndpointsMobile EndpointsWebroot Intelligence NetworkcaptureanalyzeContextual databaseCommon Technology PlatformCommon Technology Platformclassifypublishinternet1 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Informationfilemobile
Endpoint Security2 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
What’s wrong with today’s AVs? Micro release cycles overwhelm and defeat signaturebased detection technologies– Signatures require samples for analysis– Most malware variants target less than 50 PCs APTs pare very carefully crafted and executed– Leveraging zero-day exploits– Using custom built tools and backdoors for the attack Spear-phishing is extremely effective– On average only 12 phishing emails needed forgreater than 95% chance of compromise success Signature-based AVs lack visibility across the breadthof threats to be effective– 62% of breaches go unidentified for months– Platform-specific solutions provide inconsistent levels ofprotection– All are slow to react to new/unknown threatsSource: AV-Test.org March 20143 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
What are the common problems with endpoint security?Support &RemediationBad GuysMulti LayerHigher WallsSignatureProtection(Bigger Clients)Good Guys(You) Attacks are professional, targeted, smart, fast and persistentExisting signature-based AV is bulky, hogs system resources and only partly effectiveNew protection layers to combat ineffectiveness are prone to causing conflicts and areoften difficult to manage Remediation is ineffective Support and is painfully slow, time-consuming and generally unresponsive Even with 100% test result AV endpoints are still getting infected!REALITY CHECK - ARE ANY ENDPOINT AV SOLUTIONS DELIVERING?4 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
Next generation endpoint infection prevention 5 Deploys and protects in 5 secondsNo conflicts - installs alongside existing securityLightning fast scans – never slow endpoints downAlways up-to-date security -- zero definition updates neededProtection at point of infection -- not traditional point of detectionReal-time security intelligence assessment of unknown files and processesAutomated monitoring/roll-back/remediation for highest efficacyNo on-site management hardware/software to operate or maintainFull remote user/endpoint management via cloud-based management consoleOffline mode prevents infections from removable media (CD/DVD, USB, etc.)Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
Webroot SecureAnywhere : How It Works - GoodCloud Predictive IntelligenceGOODNew FileHas WIN seenthis file before?Workstation protectedby WebrootFile HashesExecute6 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential InformationYes!GOOD
Webroot SecureAnywhere : How It Works - BadCloud Predictive IntelligenceBADNew FileHas WIN seenthis file before?Workstation protectedby WebrootFile HashesBlock7 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential InformationYes!BAD
Webroot SecureAnywhere : How It Works - UnknownCloud Predictive IntelligenceUNKNOWNHas WIN seenthis file before?New FileFile HashesWorkstation protectedby WebrootNoUNKNOWNPseudoexecutionon localmachine.Analyzescategories ofbehaviorsEmulationHas WIN seenthis behavior before?Behavioral Analysis& CategoriesYes!BADBlocked8 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
The paradigm shift to collective cloud-based intelligenceHighly effective infection prevention Cloud-hosted security intelligence- As new threats are identified ALL users protected in real time Platform agnostic security framework- PC, Mobile, Mac, and Web – ALL draw from one pool of real-timesecurity intelligence User-sourced big data analytics- Endpoints act as the eyes and ears of the intelligence networkensuring targeted attacks and micro variants are discovered- Leverage popularity to expose and rapidly identify new threats Mitigation strategy for missed infections- Browser and user session security- Heuristics to proactively block malicious behaviors- Smart outbound firewall- Journaled system changes for auto-remediation9 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
Webroot Intelligence NetworkThe most powerful real-time threat analysis engine in the worldSemi-open proxy farms; exploithoneypots; naïve user simulation etc.Webroot Intelligence NetworkFORcaptureBrightCloud Security Services APIInternetSensor NetworkanalyzeGlobal ThreatDatabases150TB and growing daily of actionablethreat datacontextual databaseSecurityPartnersVeliq, PaloAlto, SourceFire, SOTI, Cisco,NEC, Microsoft, eCustomers plus Partners provide sensorintelligence from 30 million endpointsinternetfilemobileContent/URL ClassificationWeb ReputationIP ReputationReal-Time Anti-PhishingFile ReputationMobile App Reputation1. Input2. Cloud3. Big Data4. Services5. LoopMillions of customer &partner nodes act asGlobal Internet sensornetworkInfinitely scalable &geo-redundantAdvanced cloudarchitectureAutomated machinelearning & 150TB of constantly addedthreat dataPowered by WIN cloudsecurity serviceportfolioBroad market coverageReal-time feedbackloop CollectiveIntelligence growsmore effective10 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
Webroot Intelligence Network Stats13 Billion URLs4 Billion file behavior records740 Million IP addresses460 Million domains8.3 Million mobile applications8 Million sensors11 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
ValidationAs Endpoints Continue To Be Added, Support Issues Decline!Overall MessagesMessages AnsweredMessages Dismissed12 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
Revolutionary System PerformanceProduct NameWebroot SecureAnywhere Business - Endpoint ProtectionESET NOD32 Antivirus BusinessMicrosoft Security Center Endpoint ProtectionSymantec Endpoint Protection Small Business EditionKaspersky Endpoint SecuritySophos End User Protection – BusinessMcAfee Complete Endpoint Protection – BusinessTrend Micro Worry Free Business Security StandardOverall ScoreAs %out of 104977069675551484793%67%66%64%53%49%46%45% WebrootSecureAnywhere solutions remove theperformance shackles oflegacy AVs January 2014 - PassMarkSoftware scores Webroot97 out of 104 The highest ranking ever! Objective tests of key performance metrics Higher is better True like-for-like benchmark on how a solution impacts systemperformance Measures impact of common usage of AV software on a daily basisPassMark is taken into consideration in Gartner Magic Quadrants.Webroot SecureAnywhere Business Endpoint Protection vs. Seven Competitors (February 2014)13 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
Webroot SecureAnywhere Business - Endpoint Protectionat a glance EndpointProtectionIssuesIncreasing Risksfrom Breaches& InfectionsPoor SystemPerformanceand ProductivityToo Complexand Difficult toManageToo Much UserRisk/UncertaintyAbysmalRemediationand SupportKey features & capabilitiesExtremely fast and easy to deploy 750KB, 5 secondsNo conflict client software compatibilityDoesn’t slow endpoints or hinder productivity - 2minute full scansNo definition update collective protectionHighly effective unknown malware preventionNext generation predictive malware intelligence - Webroot Intelligence NetworkPowerful, adjustable policy-based heuristics Advanced, Age & PopularityMulti-Shield defence-Identity; Privacy; Web; Real-time; Rootkit & InfraredUnique real-time anti-phishing detection‘Smart’ automated outbound firewallJournaling; roll-back & automatic infection remediationOnline and offline protectionSimple, feature-rich web-based management consolesStandard web-based consoles for simple deploymentsGlobal Site Manager console for complex & MSP deploymentsComprehensive remote user policy enforcementPowerful remote agent commands & application overridesSystem optimizerResilient distributed cloud architectureLocal language support and remediationOptional Android & iOS support14 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information mprovedManageability &ProductivitySignificantlyLower TCO
Why Webroot?15 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
We now work in a rapidly changing IT landscapeChanges that will continue to re-shape our security landscapeEmployeesTools Over 1.3b mobile workers by 2015 1.5 devices per mobile subscriber 38% of companies expect to stopproviding devices to workers by 2016 87% of employees use personaldevices at workSource: IDC 2012 Cisco VNI Update, netcraft, CIO Insight, Giga OM/GSM Association 201216 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential InformationApplications 80% of new software sales arecloud-based 3% of legacy apps have moved tothe cloud
Technology evolution is changing & creating new threats with massive implications for the IT security landscapeThe Threat Environment HasChanged RapidlyConsumer Driving IT Roadmap Rendering Traditional“Rack & Stack” IneptFirewallNo. of Threats Over 220,000 or80 million newmalware strainsseen in 2013. Over 137 millioncyber securityattacks worldwidein 2012 87% of employeesuse personaldevices at workThe “Multi Threat” Multiple vectors Multiple stages MultipleenvironmentsOver 5 million people useBox.net without their ITdepartment approvalNature of Threats Targeted Persistent SophisticatedBad Actors Nation States Organized Crime HacktivistPeople seek externalapplications to manage emailIPS / IDSWeb FilterAnti-XUsers turn to off-networkspreadsheets to manage dataChallenges to traditional security models17 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
Transformation through innovationSignificant transition from just 3 years ago Largest Privately Held Security Company In USA 140M in Legacy, me too product salesLimited IP – lots of other vendors’ tech in our products#7 security player in marketWebroot Transformation Committed to developing, building, and owning 100% of our own IPFocused on 3 core markets – Consumer, Business, and Strategic OEM AlliancesFocused on uniquely solving the security threats & issues faced by our customersTransitioned to a common client-cloud infrastructure platform for all of our offeringsWebroot Today?18 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
The leader in cloud-based security software as a serviceInvestors - Mayfield,Accel, TechnologyCrossover VenturesFY13 Revenue 110M400 Employees#1 in Retail MarketShare in North America30 million users protectedMore customers in 1st. year offering cloud SaaS than SalesForce.comWebroot SecureAnywhere Endpoint, Mobile & Web securityWebroot BrightCloud Security ServicesWebroot BreachLogic Endpoint Agent100% Webroot IP19 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
Dramatic changes in the threat landscape High volume: 6 million new malware samples identified each monthTargeted; financially motivated, low-volume and sophisticatedState-sponsored cybercriminals, corporate espionage, hacktivismStealth data exfiltrationOver a hundred different attack vectors to choose fromZero-DayThreatsSpearPhishingHide & DelayedTrojans20 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential InformationTypoSquattingHTTPSCommand s
The most dangerous threats - the long tail dilemma The most dangerous threats are:– Zero-hour threats– Typically associated with brand new malware or phishing sites– Aren’t around long enough or in any volume to be identified by other securitysolutions– Don’t have malware signatures, or– If malicious sites, appear and disappear within hours, staying under the radar 21 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
Traditional security approaches haven’t kept paceThe Customer Dilemma: Legacy Defenses Don’t WorkOn-Premise Solutions Cannot Dynamically Adjust to New Security ThreatsIPSFW Block IP/PortsNo visibility into exploitsApplication control Attack signature-baseddetectionShallow application analysisHigh false positivesWeb Proxy Legacy technology madeirrelevant in currentenvironmentSubstandard managementcapabilitiesWill Not Cannibalize Existing ProductsElimination of box AV Signature-baseddetection with limitedbehavior analyticsAnti-Spam Relies largely on antivirusSignature-based detection(some behavior)No true spear phishingprotectionMalicious Attacks Still Getting Through4 in 5 emails sent are malicious32% of mobile attacks steal data and someone to manage itBut threats still get in22 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information1 in 3 social media links hide maliciouscontent85% of malicious sites are found onlegitimate web hosts
Webroot SecureAnywhere solutions at a glance First IT security vendor to move endpoint malware processing to the cloudto limit the performance impact on devices and users First IT security vendor to develop a fully correlated real-time securityintelligence network that protects individually as well as collectively First IT security vendor to build a disruptive SaaS threat intelligenceplatform that allows real-time protection across customers upon firstdetection First IT security vendor to apply real-time analytics-driven approach todetection and automatic remediation preventionBottom line: faster, proactive, more effective threat protection23 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information
What Customers say about WebrootSome recent unsolicited customer testimonials: Great product - February 7th 2014Does the job and does it well. Support is excellent! Extremely Impressed – February 7th 2014We have used several other endpoint products over the last three years includingSymantec Endpoint Protection and Kaspersky Endpoint Security. None of them come closeto what we've seen Webroot do in its first month on our workstations. The client itself istiny and very impressive, finding infections on machines that Kaspersky reported as beingprotected. Scanning is quick and effective. There is no noticeable lag on any machinesrunning the software. The web-based management interface is slick and responsive. It'snice to be able to get into and manage all our PCs without having to first remote into ournetwork. Fast, Reliable, and Doesn't Slow PC's 6th February 2014Great product! Incredibly easy to install and manage as an Admin. Removing andreassigning licenses as computers need to be retired is a breeze also. Works well with theancient XP and on Windows 7. The previous anti-virus client we were using had its virusdefinitions expire a few years ago so there was a myriad of bad news on a good number ofour PC's; Webroot seems to have caught them all. Our network is functioning better thanit has in a long time! My favorite feature of Webroot is the notifications I can get via email.As soon as a virus is detected I am notified via email so I can run a deep scan and"counsel" the employee on safe internet usage or find out what was going on that causedthe problem.Customer Stories - YouTube24 Thursday, October 02, 2014 Webroot Inc. Proprietary and Confidential Information“Webroot scans 30times faster thanSymantec and itfound an infectionthey missed formonths”Ty SmithIT Administrator, Doris, Inc.“Our average scantime has been cutfrom 2 hours for awhole machine toapproximately45 seconds.”Sean LambertonDivisional IT ManagerGladedale Group
The leader in cloud-based security software as a service FY13 Revenue 110M 400 Employees #1 in Retail Market Share in North America More customers in 1st. year offering cloud SaaS than SalesForce.com Webroot SecureAnywhere Endpoint, Mobile & Web security Webroot BrightCloud Security Services Webroot BreachLogic Endpoint Agent 100% .
