Note: Symantec Ubiquity has been rebranded as Symantec Insight.
BARCELONA, Spain – Symantec Vision 2010 – October 5, 2010 – Symantec Corp. (Nasdaq: SYMC) today announced Ubiquity™, its award-winning next generation security technology, built on community-based reputation, for fighting evolving malware. A result of more than four years of development, Ubiquity enables Symantec to harness the anonymous software usage patterns of more than 100 million Symantec customer computers, and deliver protection against micro-distributed, mutating threats, that would otherwise completely evade traditional security solutions.
Traditional protection requires security vendors to capture and analyze specific strains of malware before they can protect against them. In 2009 alone, Symantec discovered 240 million unique threat samples. These were discovered on an average of fewer than 20 computers each and many were seen on just a single computer worldwide. This shift has made it nearly impossible for other security vendors to discover, analyze and protect against every threat and placed a significant burden on traditional approaches to malware detection.
Ubiquity takes a fundamentally different approach to help ensure Symantec customers’ infrastructure and information are fully protected from today’s newest and most targeted threats.
- Detects threats other approaches miss – Ubiquity adds an entirely new layer of protection that amplifies Symantec’s existing defense-in-depth approach, which also includes signature-based protection, intrusion prevention, behavioral and heuristic detection capabilities. Ubiquity derives a security rating for each file, based on information about the context of the file – where it came from, how old it is and its adoption patterns across Symantec’s user population – in addition to other proprietary calculations. While attackers can easily mutate a malware file’s contents to make it invisible to traditional signatures, they have far less control over these crowd-based demographics. Ubiquity is the only technology in the industry to use this complementary approach.
- Up to 90 percent Faster Performance – Ubiquity reduces the impact of antivirus scanning by as much as 90 percent by scanning only those files it has identified as risky. This results in dramatically faster, fewer and smarter scans.
- Reduces false positives and cuts management overhead – Ubiquity doesn’t just have data on malicious programs, but has ratings for virtually every legitimate application on the Internet as well, making Ubiquity one of the world’s largest white list of trusted software. Symantec products use this data to make more informed decisions about what files to block, drastically reducing the likelihood of a false alert on a legitimate application.
- Delivers powerful policy-based protection for enterprises – The data provided by Ubiquity can be used to enable administrators to control what software enters their users’ environments based on easy-to-understand and easy-to-manage file polices that factor in file safety ratings, prevalence data and discovery dates.
Built on Community-based Reputation
Ubiquity is the first technology to use the collective intelligence of more than 100 million computer systems – Symantec’s participating customers – and the data from Symantec’s Global Intelligence Network to derive a highly accurate safety rating for virtually every single software file – good, bad and those in between – in existence. Ubiquity currently has safety ratings on more than 1.5 billion unique applications, making it one of the largest databases of its kind. This enables Ubiquity to address today’s explosion of targeted, mutating malware, including threats generated on-the-fly and targeting only a single user across the globe.
Following its successful deployment in the Norton 2011 consumer security products and more recently in Symantec Hosted Endpoint Protection, Symantec is readying Ubiquity for rollout across a wide range of enterprise products over the coming year, starting with Symantec Web Gateway.
Since its initial deployment, Ubiquity has already demonstrated impressive results:
- Ubiquity’s reputation database now contains accurate safety ratings on more than 1.5 billion good and bad executable files and is adding to this total at the rate of 22 million new files each week. This information is based on the completely automated and anonymous software usage feedback of more than 118 million participating Symantec customer computers.
- Based on Ubiquity data, Symantec has determined that more than 75 percent of malware affects fewer than 50 Symantec users. This statistic highlights the trend toward high-impact, low-distribution targeted threats and shows the need for reputation technology, like Ubiquity, to protect against such malware.
- Ubiquity serves an average of more than 45 billion application safety ratings every month for Symantec customers.
- Ubiquity was recently named the winner of the network security category in the 2010 Wall Street Journal Technology Innovation Awards.
- “There is no other malware protection technology in the world that has the capability of Symantec’s Ubiquity,” said Stephen Trilling, senior vice president, Security Technology and Response, Symantec. “By harnessing the anonymous software usage patterns of more than one hundred million customers, Ubiquity allows Symantec to compute a unique safety rating for virtually every software application on the Internet. This gives us the ability to protect our customers against targeted, mutated malware that would otherwise evade traditional virus fingerprints.”
- “In the face of increasingly sophisticated cybercriminals, enterprises are finding that endpoint protection strategies based solely on signature-based blacklisting are ineffective. Signatures can’t keep up with the explosion in malware variants and miss targeted attacks” said Neil MacDonald, VP and Gartner Fellow “Whitelisting and application control technologies offer hope; however, there will always be applications that don't appear on the whitelist. Adaptive security infrastructure will leverage community intelligence to fill in the gap when applications are not explicitly whitelisted or blacklisted.”
About Security Technology and Response
The Ubiquity™ technology was developed by Symantec’s Security Technology and Response organization, working in conjunction with the company’s enterprise and consumer security product teams. The Security Technology and Response (STAR) organization, which includes Security Response, is a worldwide team of security engineers, threat analysts, and researchers that provides the underlying functionality, content, and support for all Symantec corporate and consumer security products. With Response centers located throughout the world, STAR monitors malicious code reports from more than 130 million systems across the Internet, receives data from 40,000 network sensors in more than 200 countries, and tracks more than 25,000 vulnerabilities affecting more than 55,000 technologies from more than 8,000 vendors. The team uses this vast intelligence to develop and deliver the world’s most comprehensive security protection.
About Security Solutions from Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.
Note to Editors: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.
Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
Forward-looking Statements: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.
TECHNORATI TAGS: Symantec, Security, Ubiquity, Reputation-Based Security, Malware, Antivirus, Security Management