Email this page Print this page Give us your feedback
Home » enterprise » Solutions » Collective Intelligence
Collective Inteligence

Collective Intelligence

Maximum protection with minimum impact on your PC

Panda Security’s Collective Intelligence works as an online, real-time database that stores the majority of signature files, keeping them at a minimum on the endpoint. Every Panda user is a sensor for new malware, sending statistical data about malware prevalence back to the cloud. This new approach reduces bandwidth consumption on customers’ PCs and provides faster and more comprehensive up-to-date protection.

“To date, Panda Security is the only large security vendor that has embraced the herd intelligence (Collective Intelligence) message... Anti-virus companies that are not taking steps today to plan for malware volumes 100 times their current load are not thinking hard enough about the problem.”
Yankee Group report on Herd Intelligence (December 2007).

The Collective Intelligence approach has been piloted by millions of users of many Panda free products since 2007, allowing Panda to collect ten times as much malware samples as traditional antivirus vendors.

Panda Security is the first and only security vendor that has the technology, the infrastructure, the knowledge and the experience to apply the Collective Intelligence approach to its commercially available products. The new Panda 2009 Consumer products are based on Collective Intelligence; the benefits of this new product line can be summarized as follows: Maximum protection with minimum impact on your PC.

  

Best proactive detection

Collective Intelligence automates the process of malware detection to proactively protect you against the latest threats.

We’d like to invite you to read the next pages and find out more about Collective Intelligence, its fundamentals, a simple description of the way it works and the outstanding benefits for the Panda 2009 product users.

Malware Landscape “Collective Intelligence” Fundamentals|User Benefits

Current malware is invisible, silent and most importantly, financially motivated. Security has moved beyond protecting your computer to protecting your identity. Today it is not only about computer security, it is about identity protection.

Cyber-crime is migrating from amateurs to professionals working for organized crime rings. These criminal enterprises are so efficient and confident that they operate like legitimate businesses.

The number of malware variants is growing exponentially while the number of computers infected by each sample is decreasing. The gap between created and detected malware keeps increasing.

 AV-Test.org's Sample Collection Growth
Malware collected per month – AV-

As a result, security solutions solely based on continuously updated signature files cannot keep up with malware growth. They are no longer sufficient to guarantee users’ security.

Malware Landscape “Collective Intelligence” Fundamentals User Benefits

  1. Collection of data from the community. The system centrally collects and stores behavioral patterns of programs, file traces, new malware samples, etc. This data comes from Panda users and from other organizations. This extensive capacity to collect information provides greater visibility and full traceability of new malware techniques and distribution points.
  2. Automatic leverage of data. The system automatically analyzes and classifies the thousands of new samples received every day. To do this, an expert system correlates the data received from the user community with PandaLab’s extensive malware knowledge base. The system automatically returns verdicts (malware or goodware) on the new files received, thereby protecting users faster and better. Additionally, a constantly updated white list of over 10 million files prevents known ‘good’ files from being scanned, improving and speeding up the scanning process and minimizing the resource consumption of protected systems.
  3. Making the knowledge and solution available. This knowledge is delivered to users as web services or through signature file updates and real-time queries to the cloud.

The Collective Intelligence approach allows detecting much more malware than the manual detection system that some laboratories use. Also, it can detect even threats not yet identified. Combining Collective Intelligence and TruPrevent technologies. Panda is capable to detect the most sophisticated malware.

The fundamentals of the “Collective Intelligence”

Malware Landscape|“Collective Intelligence” Fundamentals User Benefits

 

PANDA 2009 retail products

Traditional antiviruses

Improved Detection

Each Panda customer acts as a malware sensor. As soon as a malicious process is detected on a user’s PC by the Collective Intelligence servers, all users worldwide automatically benefit from that specific detection in real-time. This results in close to real-time detection -not only of initial malware outbreaks- but also of targeted attacks aimed at infecting a small number of users to stay below the radar.

NOTE that this model does not present any privacy issues, since no personal information is sent from the user’s PC to the Collective Intelligence server.  In other words, there is no data transfer; only queries are sent from the user’s PC to the CI server.

Traditional antivirus solutions are architected with a PC-centric philosophy. This means that a PC is treated as a single unit in time and any malware detected within that PC is considered separately from the rest of the malware samples detected in millions of other PCs.

Improved Desinfection

Automated, short-lasting processing and classification. Thanks to the Collective Intelligence infrastructure, the malware collection, classification and remediation processes are automated and performed online for the vast majority of strains.

Semi-manual, long-lasting processing and classification. Each new malware sample needs to be sent to the lab by an affected user, reversed engineered to create a detection signature and disinfection routine, sent to quality assurance for testing, uploaded to production servers, replicated worldwide, and finally downloaded and applied by customers.

Improved Detection & resource consumption

No resource limitation. The scanning power used at the Collective Intelligence servers is only limited by hardware and bandwidth scaling. With Collective Intelligence, the majority of malware samples can be analyzed and classified automatically with the most resource-intensive proactive techniques in a matter of minutes. Most processes are performed ‘in the cloud’ and not on the customers’ PC, where fewer resources are available.

Traditional antivirus solutions perform the scanning processes on the users’ PCs, taking up a lot of their limited resources. This prevents them from being able to use resource-intensive proactive techniques.

Improved Detection & resource consumption

The automated malware remediation module automatically creates detection and disinfection signatures for the samples previously analyzed by the processing and classification module. Most signatures do not need to be downloaded to each customer as they operate from the cloud.

With traditional antivirus solutions, remediation is done semi-manually. Also, all signatures need to be downloaded to the customer, consuming bandwidth and memory resources.

Continuous improvement of protection tools.

The community feature of Collective Intelligence provides full visibility and traceability of the new malware techniques and distribution points. This knowledge allows Panda to continuously improve customer protection, and has some interesting applications and benefits for law enforcement efforts.

Traditional antivirus suppliers have partial visibility and limited traceability of malware and therefore cannot improve their products as quickly as necessary. The protection offered by their products gets worse every day.

Improved Detection & resource consumption

Panda Security’s Collective Intelligence platform includes a white-listing component that complements and improves black-list detection reducing false positives and scanning and processing times.

Traditional antivirus solutions need to scan all files, including ‘good’ ones, and therefore consume more system resources with more false positives.

For detailed information, please read from traditional antivirus to collective intelligence, by Panda Research.

Placeholder for Fifth Card Tab. Afected by DivMain, DivBody, DivCentral-Int, DivContent & DivCard5
Placeholder for Sixth Card Tab. Afected by DivMain, DivBody, DivCentral-Int, DivContent & DivCard6