Webroot's enterprise security products consolidate capabilities across antivirus, advanced malware detection, and threat detection and response into a single agent. This approach addresses the challenge of deploying multiple security agents and could allow Webroot to replace traditional antivirus vendors that dominate the enterprise market. Webroot's products use signatureless detection methods and integrate threat intelligence from its BrightCloud acquisition to identify malicious files. A key capability is automated endpoint remediation to undo any changes made by malicious processes. While Webroot has made progress entering the enterprise market, it still faces challenges competing with larger, more established security vendors that offer broader security suites.
BlackBerry Enterprise of Things presentation - Gartner IT ExpoBlackBerry
BlackBerry secures, connects, and mobilizes the enterprise by connecting people, devices, processes, and systems to fully realize a secure “Enterprise of Things.” BlackBerry is no longer about the smartphone, but the smart in the phone and in cars and containers, medical devices and wearables, consumer appliances and industrial machinery, and ultimately the entire enterprise. BlackBerry software secures the Enterprise of Things.
CM Research Corporate Presentation 2014CM Research
Analysing Global Trends in Technology, Media and Telecoms
Our corporate presentation explains how we help CEOs, CTOs and CIOs predict the future of technology, media and telecoms.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
BlackBerry Enterprise of Things presentation - Gartner IT ExpoBlackBerry
BlackBerry secures, connects, and mobilizes the enterprise by connecting people, devices, processes, and systems to fully realize a secure “Enterprise of Things.” BlackBerry is no longer about the smartphone, but the smart in the phone and in cars and containers, medical devices and wearables, consumer appliances and industrial machinery, and ultimately the entire enterprise. BlackBerry software secures the Enterprise of Things.
CM Research Corporate Presentation 2014CM Research
Analysing Global Trends in Technology, Media and Telecoms
Our corporate presentation explains how we help CEOs, CTOs and CIOs predict the future of technology, media and telecoms.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
Enterprise Mobility Applications: Addressing a Growing GapBlackBerry
This new report on enterprise mobility applications highlights the alarming gap between Central IT and line-of-business IT environments. Millennials in particular are showing signs of growing frustration with the devices and software tools available to support them in the workplace. Many are making their own mobility arrangements, through ‘shadow IT’, despite growing regulatory risk. The advent of the ‘Internet of Things’ will further exacerbate the situation as mobile staff seek access to real time data from their phones and tablets.
Our recent survey of over 100 financial service organizations, conducted by Forbes Insights in the UK and North America, indicates that despite current business and employee demand, enterprise mobile applications remain at a very early stage of maturity, with less than a quarter of employees eligible to access such facilities. The implications here are profound, given the need to support mobile working with appropriate tools in every sphere of corporate activity today.
Many employees complain that the only advance over the last ten years has been to ‘mobilize the laptop’. This merely emulates the traditional desktop environment outside the office. Set against this stark background of underperformance in the mobility area, Central IT appears to be preoccupied with legacy issues such as costly infrastructures and aging systems. Our survey reveals that despite having developed policies and tools to address enterprise mobility, Central IT has little visibility of what is actually going on within the lines of business or at the end user level.
Nor does it have the necessary resources currently to respond rapidly to the growing pressures for workplace mobility. External agencies appear to be stepping in to fill this gap, frequently circumventing Central IT. Mobility remains low on the Central IT agenda.
Mobile Security: Preparing for the 2017 Threat LandscapeBlackBerry
For years, security researchers and leaders have warned: “The mobile threat is coming.” Well, in 2016 it arrived in full force. Attackers are finding new, creative means of stealing user credentials and penetrating critical systems via the mobile channel. And healthcare entities—with an increasingly mobile workforce and patient population—are square in the middle of this expanding mobile threatscape, as attackers seek to capture and monetize critical healthcare data.
What are the most prevalent new threats, and what are leading organizations doing to bolster mobile security as we head into 2017?
This interview with BlackBerry VP Government Solutions Sinisha Patkovic, on Mobile Security: Preparing for the 2017 Threat Landscape, was produced for of a recent ISMG Security Executive Roundtable sponsored By BlackBerry.
In this paper, we offer our thoughts
on where we believe Cloud is going from a business perspective and why it’s relevant for your organization. Our aim is to inspire creative thinking and spark dialog. For more perspectives on Cloud and to share your thoughts, please visit http://www.cisco.com/go/cloud.
Maximising value while migrating your Oracle Estate to Microsoft Azurerun_frictionless
This white paper aims to provide organisations moving to the Microsoft Azure cloud with the necessary knowledge and business strategies to navigate these issues. It aims to explain the common misunderstandings and challenges in this area, and reassure enterprise organisations that Oracle workloads can be moved to Microsoft Azure cloud in an equivalent and cost-effective manner.
https://runfrictionless.com/b2b-white-paper-service/
Revealing the Potential and Risks From the Coming Together of IoT, AI, and C...IndianAppDevelopers
With the advancements of technology, security is at risk. In this article, we discuss how the emergence of IoT and AI impacts cloud computing vulnerability.
An annual survey of the IoT developer community that was sponsored by Eclipse IoT, AGILE IoT and IEEE IoT. The report includes developer usage of different IoT standards, technology and industry perceptions.
You don’t need to be born with super-human strength or have mutant abilities. IBM Cloud Security Enforcer can give you the powers you need to be a Cloud Security Superhero.
What matters in security - A highlighterAndre Muscat
Macro and strategic trends in digital security for leaders trying to understand and communicate what matters to be assured and secured. Master the connection between business value and cybersecurity management through a non-technical lens.
Value Journal, a monthly news journal from Redington Value Distribution, intends to update the channel on the latest vendor news and Redington Value’s Channel Initiatives.
Key stories from the December Edition:
• New Dell EMC Solutions Bring Machine and Deep Learning to Mainstream Enterprises
• Fortinet Expands Security Fabric Visibility and Protection to Industrial Internet of Things
• Profitable Partnerships - Rajesh Mathrani, General Manager -
Sales MENA & Director of Operations - Value Distribution
• Oracle: Moving to IaaS Fundamental to Remaining Competitive
• Huawei Launches VR OpenLab Industry Cooperation Plan
• Cambium Networks Announces New Wireless Broadbrand Solutions
• Malwarebytes Releases New Data on the Efficacy of Traditional AV Solutions
• Veeam Releases New Availability Console
• AWS Announces Availability of C5 Instances for Amazon EC2
• Check Point: Cryptocurrency Miming Presents New Threat to Business
Open Source Software Development by TLV PartnersRoy Leiser
Our insights about Open Source software development. Trends, leading brands and practices, success stories, important Exists, Pros and Cons and much more.
Latest Technology news Microsoft is giving every last bit of it's anything but's a $1,500 (over Rs 1.12 lakh) pandemic prize, in attestation of a problematic cash related year that the tech monster just wrapped up. As shown by the report, it's anything but's an inward update, Microsoft is gifting the pay to all staff under corporate VP level that began at the latest March 31, 2021. It will in like way review low upkeep laborers and those for hourly rates. Microsoft's standard individuals official, Kathleen Hogan, declared the blessing to specialists today, and it will apply to all guaranteed experts in both the US and in general," the report said on Thursday. Visit on VARINDIA site to know more about it https://www.varindia.com/
The idea that the Internet of Things (IoT) and the Industrial Internet of Things (IIoT) are fads is quickly fading. Today, the real challenge is how to implement a solution that can adjust to the volatility of a rapidly changing market. The round-table features how does IIoT trends help to illustrate on using a platform-based approach to address such challenges.
Enterprise Mobility Applications: Addressing a Growing GapBlackBerry
This new report on enterprise mobility applications highlights the alarming gap between Central IT and line-of-business IT environments. Millennials in particular are showing signs of growing frustration with the devices and software tools available to support them in the workplace. Many are making their own mobility arrangements, through ‘shadow IT’, despite growing regulatory risk. The advent of the ‘Internet of Things’ will further exacerbate the situation as mobile staff seek access to real time data from their phones and tablets.
Our recent survey of over 100 financial service organizations, conducted by Forbes Insights in the UK and North America, indicates that despite current business and employee demand, enterprise mobile applications remain at a very early stage of maturity, with less than a quarter of employees eligible to access such facilities. The implications here are profound, given the need to support mobile working with appropriate tools in every sphere of corporate activity today.
Many employees complain that the only advance over the last ten years has been to ‘mobilize the laptop’. This merely emulates the traditional desktop environment outside the office. Set against this stark background of underperformance in the mobility area, Central IT appears to be preoccupied with legacy issues such as costly infrastructures and aging systems. Our survey reveals that despite having developed policies and tools to address enterprise mobility, Central IT has little visibility of what is actually going on within the lines of business or at the end user level.
Nor does it have the necessary resources currently to respond rapidly to the growing pressures for workplace mobility. External agencies appear to be stepping in to fill this gap, frequently circumventing Central IT. Mobility remains low on the Central IT agenda.
Mobile Security: Preparing for the 2017 Threat LandscapeBlackBerry
For years, security researchers and leaders have warned: “The mobile threat is coming.” Well, in 2016 it arrived in full force. Attackers are finding new, creative means of stealing user credentials and penetrating critical systems via the mobile channel. And healthcare entities—with an increasingly mobile workforce and patient population—are square in the middle of this expanding mobile threatscape, as attackers seek to capture and monetize critical healthcare data.
What are the most prevalent new threats, and what are leading organizations doing to bolster mobile security as we head into 2017?
This interview with BlackBerry VP Government Solutions Sinisha Patkovic, on Mobile Security: Preparing for the 2017 Threat Landscape, was produced for of a recent ISMG Security Executive Roundtable sponsored By BlackBerry.
In this paper, we offer our thoughts
on where we believe Cloud is going from a business perspective and why it’s relevant for your organization. Our aim is to inspire creative thinking and spark dialog. For more perspectives on Cloud and to share your thoughts, please visit http://www.cisco.com/go/cloud.
Maximising value while migrating your Oracle Estate to Microsoft Azurerun_frictionless
This white paper aims to provide organisations moving to the Microsoft Azure cloud with the necessary knowledge and business strategies to navigate these issues. It aims to explain the common misunderstandings and challenges in this area, and reassure enterprise organisations that Oracle workloads can be moved to Microsoft Azure cloud in an equivalent and cost-effective manner.
https://runfrictionless.com/b2b-white-paper-service/
Revealing the Potential and Risks From the Coming Together of IoT, AI, and C...IndianAppDevelopers
With the advancements of technology, security is at risk. In this article, we discuss how the emergence of IoT and AI impacts cloud computing vulnerability.
An annual survey of the IoT developer community that was sponsored by Eclipse IoT, AGILE IoT and IEEE IoT. The report includes developer usage of different IoT standards, technology and industry perceptions.
You don’t need to be born with super-human strength or have mutant abilities. IBM Cloud Security Enforcer can give you the powers you need to be a Cloud Security Superhero.
What matters in security - A highlighterAndre Muscat
Macro and strategic trends in digital security for leaders trying to understand and communicate what matters to be assured and secured. Master the connection between business value and cybersecurity management through a non-technical lens.
Value Journal, a monthly news journal from Redington Value Distribution, intends to update the channel on the latest vendor news and Redington Value’s Channel Initiatives.
Key stories from the December Edition:
• New Dell EMC Solutions Bring Machine and Deep Learning to Mainstream Enterprises
• Fortinet Expands Security Fabric Visibility and Protection to Industrial Internet of Things
• Profitable Partnerships - Rajesh Mathrani, General Manager -
Sales MENA & Director of Operations - Value Distribution
• Oracle: Moving to IaaS Fundamental to Remaining Competitive
• Huawei Launches VR OpenLab Industry Cooperation Plan
• Cambium Networks Announces New Wireless Broadbrand Solutions
• Malwarebytes Releases New Data on the Efficacy of Traditional AV Solutions
• Veeam Releases New Availability Console
• AWS Announces Availability of C5 Instances for Amazon EC2
• Check Point: Cryptocurrency Miming Presents New Threat to Business
Open Source Software Development by TLV PartnersRoy Leiser
Our insights about Open Source software development. Trends, leading brands and practices, success stories, important Exists, Pros and Cons and much more.
Latest Technology news Microsoft is giving every last bit of it's anything but's a $1,500 (over Rs 1.12 lakh) pandemic prize, in attestation of a problematic cash related year that the tech monster just wrapped up. As shown by the report, it's anything but's an inward update, Microsoft is gifting the pay to all staff under corporate VP level that began at the latest March 31, 2021. It will in like way review low upkeep laborers and those for hourly rates. Microsoft's standard individuals official, Kathleen Hogan, declared the blessing to specialists today, and it will apply to all guaranteed experts in both the US and in general," the report said on Thursday. Visit on VARINDIA site to know more about it https://www.varindia.com/
The idea that the Internet of Things (IoT) and the Industrial Internet of Things (IIoT) are fads is quickly fading. Today, the real challenge is how to implement a solution that can adjust to the volatility of a rapidly changing market. The round-table features how does IIoT trends help to illustrate on using a platform-based approach to address such challenges.
VIPRE Business Takes a Bite out of BloatwareGFI Software
The remedy to bloatware is a better, more efficient product that is specifically engineered to scan, detect and remove myriad security threats without impacting performance and taking a big bite out of the IT capital expenditure budgets. Learn about the scope of the malware problem and strategies that can help you defend against evolving malware threats.
Value Journal, a monthly news journal from Redington Value Distribution, intends to update the channel on the latest vendor news and Redington Value’s Channel Initiatives.
Key stories from the June Edition:
• Microsoft, Dell Technologies collaborate to simplify IoT solutions delivery.
• Oracle delivers next set of autonomous cloud platform services.
• Partner profitability - Ramkumar Balakrishnan, President, Redington Value.
• Fortinet report reveals an evolution of malware to exploit cryptocurrencies.
• Dell Technologies Customer Solution Centre opens in Dubai.
• Redington Value partners with Nutanix to deliver enterprise cloud solutions.
• Huawei’s roadshow focuses on driving digital transformation.
• Veeam announces vision for the Hyper-Available Enterprise.
• Micro Focus announces agreement with Utimaco to divest Atalla portfolio.
• Red Hat launches latest version of Red Hat virtualization.
• Palo Alto Networks Announces Intent to Acquire Secdo.
• Nexthink announces integration with Splunk.
Product security by Blockchain, AI and Security CertsLabSharegroup
Three themes You need to think about Product Security — and some tips for How to Do It
I have been working with software security laboratories and IT security firms for years. I have talked with clients, read and watched dozens of articles/videos and talked with several experts about product security themes, future, technologies.
The three themes are:
Is the blockchain the new technology of trust?
Blockchain has the potential to transform industries. However, some security experts raised questions: If blockchain is broadly used in technology solutions will security standards be adopted? How to protect the cryptographic keys that allow access to the blockchain applications? Although it is true that the potential is huge such as securing IoT nodes, edge devices with authentication, improved confidentiality and data integrity, disrupting current PKI systems, reducing DDoS attacks etc.
AI (Machine Learning, Deep Learning, Reinforcement Learning algorithm) potential in Product Security
Machine learning can help in creating products that analyse threats and respond to attacks and security incidents. There are several repositories on GitHub or open-source codes by IBM available for developers. Deep learning networks are rapidly growing due to cheap cloud GPU services and after Reinforcement learning algorithm’s last success nobody knows the upper limit.
Product Security by International security standards and practices
The present, future, and developmental orientations of independent third party certificates Industry. How can the international standards answer the rapid growth of new technologies and maintain secure applications in IoT, Blockchain or AI-driven industries?
Are IT products reliable, secure and will they stay that way?
I would like to explain Product Security in a simple way. My goal is the introduction of product security for Tech startups, fast-growing Tech firms. Furthermore, I would like to emphasize the benefits of product security certification.
Top 15 AI-enabled cybersecurity companies in 2022.pdfSonaliG6
Several top cybersecurity companies are gaining traction in the fight against corporate intrusions. Various cybersecurity vendors that use artificial intelligence to defend internet-connected systems or other IoT devices exist.
How BlackBerry Brings Android Security To Your Enterprise: White PaperBlackBerry
When Android first made its way into the consumer market, no one could have predicted the impact it would have. Android was an operating system developed with a simple idea at its core: Google’s founders wanted smarter mobile devices that better served their users. Today, that simple idea has helped make Android the most popular mobile OS on the market, with a global share of 66%.
Android’s popularity can largely be traced to its sheer diversity. Almost from the beginning, it has been an open platform, and there are countless devices from countless manufacturers that users can choose between. Therein lies the problem – due to its widespread popularity, Android finds itself targeted by criminals and malware with greater frequency than any other operating system. This means that although the OS is not inherently vulnerable, any vulnerabilities that do exist tend to be exploited if they aren’t patched in a timely fashion. Moreover, because so many different vendors count themselves as players in the Android space, it’s inevitable that some will lag behind with security patching. In the meantime, their devices will remain vulnerable, even as they’re being used to handle sensitive business data.
“Nearly every organization supporting smartphones and tablets must have a strategy to support Android devices, despite some of the security challenges,” reads a recent white paper by J. Gold Associates. “As we moved to a more mobile world over the past several years, the number of potential attack points increased dramatically, and many of them consisted of user-selected and often unsecured devices as a byproduct of BYOD,” the paper continues. “The ability to secure data and prevent corporate breaches consistently ranks among the top issues both IT and general management struggle with on a regular basis. A February 2016 Ponemon Institute survey shows that 67% of companies are either certain or very likely to have had a security breach due to a mobile device.”
Slow security patching is far from the only threat facing Android within the enterprise. To grant themselves additional freedoms and run certain applications, many users choose to root their devices, stripping away core security functionality in the interest of personalization. And though measures such as Samsung KNOX and Android for Work exist to separate corporate and private data, these software solutions can be fooled by a savvy enough user.
That’s where BlackBerry comes in. Security has always been in our blood, and we’ve always made it our priority to protect both our clients and their data. That’s why we’ve made our own foray into the Android device market, bringing our full security expertise to bear.
Open Source Insight: Samba Vulnerability, Connected Car Risks, and Are You R...Black Duck by Synopsys
Open source insight into the Samba vulnerability, four risks in connected cars, and how the General Data Protection Regulation (GDPR) may impact you. Plus much more - read on.
AI Chatbots and IoT infringements are frequent fraud today; many specialists forecast that these threats are quite impactful in the future as well. Companies these days want to pick the proper firewall answer vendors to shield their reputation, data, and backside line. IT managers set firewalls to positive machine needs, making sure no statistics vulnerability. Once implemented, firewall equipment warranty that protection is monitored.
Meltdown and Spectre Haunt the World’s Computers”In early Janua.docxroushhsiu
“Meltdown and Spectre Haunt the World’s Computers”
In early January 2018, computer users all over the world were shocked to learn that nearly every computer chip manufactured in the last 20 years contained fundamental security flaws that make it possible for attackers to obtain access to data that were thought to be completely protected. Security researchers had discovered the flaws in late 2017. The flaws arise from features built into the chips that help them run faster. The vulnerability enables a malicious program to gain access to data it should never be able to see.
There are two specific variations of these flaws, called Meltdown and Spectre. Meltdown was so named because it “melts” security boundaries normally enforced by hardware. By exploiting Meltdown, an attacker can use a program running on a computer to gain access to data from all over that machine that the program shouldn’t normally be able to see, including data belonging to other programs and data to which only administrators should have access. (A system administrator is responsible for the upkeep, configuration, and reliable operation of computer systems.) Meltdown only affects specific kinds of Intel chips produced since 1995.
Spectre is not manufacturer-specific and affects nearly all modern processors. It requires more intimate knowledge of the victim program’s inner workings. Spectre’s name comes from speculative execution, in which a chip is able to start work on predicted future operations in order to work faster. In this case, the system is tricked into incorrectly anticipating application behavior. The name also suggests that Spectre will be much more difficult to neutralize. Other attacks in the same family will no doubt be discovered, and Spectre will be haunting us for some time.
With both Meltdown and Spectre, an attacker can make a program reveal some of its own data that should have been kept secret. For example, Spectre could harness JavaScript code on a website to trick a web browser into revealing user and password information. Meltdown could be exploited to view data owned by other users and also virtual servers hosted on the same hardware, which is especially dangerous for cloud computing host computers. The most worrisome aspect of Meltdown and Spectre is that security vulnerabilities are not from flawed software but from the fundamental design of hardware platforms beneath the software.
There is no evidence that Spectre and Meltdown have been exploited, but this would be difficult to detect. Moreover, the security flaws are so fundamental and widespread that they could become catastrophic, especially for cloud computing services where many users share machines. According to researchers at global security software firm McAfee, these vulnerabilities are especially attractive to malicious actors because the attack surface is so unprecedented and the impacts of leaking highly sensitive data are so harmful. According to Forester, performance of laptops, des.
Meltdown and Spectre Haunt the World’s Computers”In early Janua.docx
451 -Webroot Impact Report
1. Impact Report
Analyst: Adrian Sanabria 2 Mar, 2015
Webroot's enterprise offering stretches across three security segments that have been skirting the issue of consolidation for years. Since most
next-gen anti-malware and incident-response-savvy threat detection and response (TDR – aka ETDR or EDR) vendors hit the market earlier this
decade, one question has lurked: when will this new technology replace traditional antivirus (AV)? Deploying two or even three agents to all endpoints
– for the sole purpose of protecting them from malware and attacks – isn't practical for enterprises in the long run. However, traditional AV vendors still
enjoy 100% market penetration, and the newer players have seemed forever doomed to 'complementary' status – the enterprise equivalent of the
'friend zone.' The question hasn't been whether consolidation would occur, but when and how. The most recent versions of Webroot's products begin
to answer these questions and threaten to bust up traditional AV's monogamy with the enterprise.
The 451 Take
Webroot's willingness to go back to the drawing board on an existing, even successful product line to better compete in the future says much
about the company. Tackling the 'Innovator's Dilemma' has allowed it to compete with existing startup innovations, but with the business
acumen and existing sales/marketing reach of an established business. Webroot's enterprise push is still in its infancy, so it's still too soon to
say whether the gamble has paid off. The company has shown that it intends to keep step with, even lead, the innovation we're seeing come
out of startups in the threat detection and prevention space. The challenge for Webroot is in deciding what's next. Continue innovating and
pushing for space on the endpoint in a saturated, but largely dissatisfied market? Or follow the likes of FireEye, Palo Alto, Cisco and a
smorgasbord of startups and expand its enterprise portfolio into a more holistic threat-focused offering with features such as malware-analysis
sandboxes, network forensics and 'big data'-backed security analysis engines?
Context
Webroot started out a very different company. With roots in Boulder, Colorado in the mid-to-late '90s, Webroot was the kind of company that created
products that solved the founders' needs – not because there was a gap in a market or to fill an enterprise need. As with other similar tech companies,
the individual need translated well to the consumer market. The company was built – the first time – on products such as Window Washer, which
addressed performance and privacy issues for general PC owners. The company had all sorts of interesting free tools available for download, including
one of the first freely available TCP/UDP port scanners.
In 2002, Webroot took its first step into the anti-malware market with a consumer product called Spy Sweeper. As spyware and adware began to run
rampant (basically commercial software borrowing techniques and strategies from malware), Webroot became recognized as one of the premier
anti-spyware vendors. The success of Window Washer and Spy Sweeper resulted in the company quickly growing from tens of employees to
hundreds over the next few years.
The company's second era was marked by three events. First, it boasted an eyebrow-raising $108m series A from Accel Partners, Mayfield Fund and
Technology Crossover Ventures. Second, an undisclosed portion went to the founders, who cashed out and left the company. Finally, Webroot,
essentially under new ownership with a decidedly more corporate culture, set its sights and ambitions on the big players in the AV industry. It launched
https://451research.com/report-short?entityId=84395&tmpl=print
1 of 4 3/2/2015 10:03 AM
2. its first full AV product in 2006, followed by a consumer security suite in 2008. Truly aiming for the big leagues, Webroot hired former McAfee and
Symantec execs. After growing the company to a level that was competitive with some of the largest AV vendors in the industry, Webroot entered its
third, current and most disruptive era.
In the late 2000s, Webroot faced what Clayton Christianson referred to as the 'Innovator's Dilemma' in his book of the same name. The basic premise
is that firms are often unwilling to uproot their current models or products for fear of losing their current market and profits. Many companies never
make the transition and then slowly die off or become irrelevant. One can make a strong case that this has occurred because the advanced
anti-malware and TDR markets wouldn't exist if traditional antivirus vendors effectively challenged these threats when they became commonplace.
Webroot realized that signature-based anti-malware approaches were ineffective and decided to rebuild its products from scratch.
In response to this 'dilemma,' Webroot made two key acquisitions in 2010 – BrightCloud and Prevx. BrightCloud's content classification and Web
reputation offering was already being used in OEM relationships by many of the top AV vendors, although the VC-funded startup only employed seven
people at the time. Prevx had just reached version 3.0 of its popular consumer anti-malware offering. The technology acquired from Prevx and
BrightCloud helped Webroot start rebuilding, and the company moved to a larger facility in Broomfield, Colorado; the third era had begun.
Within the current iteration of the company, Webroot has captured a sizable footprint in the consumer market and expanded into small business and
enterprise markets. The company claims 10 million direct customers and another 27 million through OEM partnerships and integrations. While the
company has only recently targeted the enterprise, it reports 1.5 million business endpoints running its products. With 385 employees, Webroot is a
ways away from Kaspersky Lab, Sophos or Trend Micro in size, but a 20% Y/Y growth might be sufficient to catch up in just a few years' time. It is
quite a trick to position an anti-malware company to compete with the incumbents and startups in the market at the same time.
Products
SecureAnywhere, Webroot's primary endpoint product, is interesting for a number of reasons. First, the company ships the same binary compiled from
the same code to consumers and enterprises. While the licensing determines which features are enabled, the same technology, engine(s) and
techniques used at the enterprise level exist at the consumer level. Additionally, a robust management layer is necessary to manage hundreds or
thousands of endpoints at the enterprise level. Second, the product has not relied on signatures since 2011, when the company rebuilt it from the
ground up. Finally, the product introduces a feature we call automated endpoint remediation that we feel is going to be a big hit with enterprises.
The key technology that enables automated endpoint remediation is SecureAnywhere's ability to record the actions of processes on the endpoint –
functionality most commonly associated with the TDR market. Once a process is determined to be malicious, Webroot allows administrators to 'undo'
or 'roll back' any changes made by that process – including removing the malware itself. This ability to restore an endpoint to a trusted state has the
potential to save enterprises hours of labor and productivity for each infected machine they no longer have to take away from a user to reimage.
Although this puts Webroot in competition with TDR vendors (which is typically complementary with AV and other anti-malware products), the company
is more focused on addressing malware on the endpoint as a whole than competing directly in this market. SecureAnywhere's ability to span multiple
categories in the endpoint security space allows it to sidestep what we often refer to as the 'curse of complementing.' We believe enterprises become
less willing to consider endpoint-based products with each additional agent that must be deployed; call it 'agent fatigue.' Clients are available for
Windows (embedded, desktop and server), Mac, iOS and Android.
Webroot offers device-based and user-based licensing models, both as per-year or per-month subscriptions. If licensed by device, a single license will
work on up to four devices simultaneously. We imagine the average user will install Webroot's endpoint protection on a corporate-owned
laptop/desktop, personal laptop/desktop, mobile phone and perhaps a tablet for the fourth device. In a world where shorter-term subscription models
are quickly replacing long-term contracts, we feel it makes sense to license by user rather than product. Sophos uses this approach as well and reports
success with it in its target SMB market. Furthermore, as we mentioned in part one of our 2014 state of the anti-malware market series, the lack of
consumer-grade grade 'anti-APT' products is a big concern, considering that work often happens on all of a user's devices, not just the
corporate-owned ones. If the attacker understands that work bleeds over into a user's personal devices, you can be sure that we'll see attacks
targeting them.
Aside from SecureAnywhere, the company also offers BrightCloud, which retains its name from the original company Webroot acquired in 2010.
BrightCloud is a portfolio of threat-intelligence offerings, all tightly integrated into everything the company does and sells. Existing products, whether
consumer, enterprise or OEM, feed BrightCloud with threat-related data. The product gathers intelligence in traditional ways as well, with on-staff
research teams tweaking and feeding it as it autonomously crawls the Internet, analyzing, sorting and ranking what it finds as it goes. Although Web
https://451research.com/report-short?entityId=84395&tmpl=print
2 of 4 3/2/2015 10:03 AM
3. classification and reputation were the main focus when the technology was acquired, it has been enhanced to include anti-phishing capabilities, mobile
app reputation, IP reputation and, perhaps most important for SecureAnywhere, file reputation. While SecureAnywhere doesn't require signatures to
determine threats, BrightCloud integration allows it to share what it learns about files and draw on the collective intelligence from a cloud-hosted
database fed from all other endpoints. This 'hive mind' approach has been quite popular in the advanced anti-malware product market and seems an
effective approach when backed by 'signatureless' capabilities – why waste the computational effort with analysis if we already know the file to be bad?
In addition to integrating with its own products, we've noted BrightCloud as one of the most popular threat-intel feeds integrated into security products.
The identity of more than 20 partners is publicly shared. Webroot has also packaged specific BrightCloud feeds specifically for next-generation
firewalls and SIEMs (including Splunk, depending on how you categorize that vendor's products).
Competition
The question of competition for Webroot crosses three markets. In 2014, we explored the anti-malware market and separated it into three categories:
traditional; endpoint and network anti-malware protection (aka anti-APT, advanced anti-malware prevention, breach detection, etc.); and threat
detection and response. Overlap between them is increasingly common, and we predicted a lot of consolidation across all three categories in the next
few years. We stand by that prediction in early 2015, and Webroot is a unique example of the change beginning to take place in this market.
The question remains – can an incumbent like Webroot upset the relationship status of traditional AV with the enterprise? Despite the well-documented
limitations of traditional signature-based AV, the latter still enjoys 'clubby' status within the enterprise – it's 100% deployed, and many firms are loathe
to rip it out. The company is pitching the product as a fully functional anti-malware product, taking the place of a traditional AV offering and what we
might call a next-gen or advanced anti-malware prevention product. While the company might not claim to supersede the best of the TDR offerings
available today, it is clearly headed in that direction.
In the traditional AV and endpoint-protection space, Webroot competes with McAfee, Symantec, Trend Micro, Sophos, Kaspersky, Microsoft, AVG and
a host of others. In the advanced/next-gen category, it competes with Palo Alto Networks (Cyvera), Triumfant, Bit9 + Carbon Black, Confer
Technologies, Cylance, Digital Guardian, Votiro and a few others. In the TDR market, its competitors include FireEye, ResolutionOne (formerly part of
AccessData), Bit9 + Cb, CounterTack, Cybereason, CrowdStrike, Fidelis, Hexis, Ziften, Tanium and SentinelOne.
Although Webroot has a ways to go before it can match the likes of Bit9 + Cb feature for feature, SecureAnywhere is one of the first products we've
seen that can say 'yes' to replacing the traditional AV vendor, while employing a signatureless approach comparable to the next-gen/advanced
anti-APT vendor and claim TDR capabilities as well. Most incumbent AV competitors such as Kaspersky, Trend Micro, Sophos, Symantec and McAfee
branched out extensively, adding everything from data-loss prevention to IDS/IPS and SIEM to product portfolios. It is notable, then, that Webroot has
so far chosen to stick to its core threat detection and prevention products and hasn't branched out beyond threat intelligence and a secure Web
gateway product.
As for the aforementioned automated endpoint remediation capabilities, the only vendors we've talked to that offer something similar include Guidance
Software and Triumfant. Of the next-gen anti-malware vendors, only Cylance claims to fully replace traditional AV while addressing advanced malware
capable of evading traditional defenses.
SWOT Analysis
Strengths Weaknesses
The ability to address the needs of traditional AV, advanced threats
and some endpoint incident response (TDR) capabilities in a single
product is rare, if not unmatched, at this point. Users can protect
multiple devices with a single license.
Webroot has no network-based malware sandboxing offering. It
has limited capabilities outside endpoint anti-malware, whereas
most incumbent competitors offer large integrated suites of
security products.
Opportunities Threats
The consolidation of anti-malware capabilities on the endpoint is a
significant goal, with the TDR market looking to be the final trophy.
From there, a multitude of expansion options are available –
network sandboxing, SaaS/cloud security and more
Webroot's core market, although largely dissatisfied, is
commodified and saturated. 451's TIP surveys reveal that
switching AV vendors is a challenging and labor-intensive process.
https://451research.com/report-short?entityId=84395&tmpl=print
3 of 4 3/2/2015 10:03 AM
