Panda Security creates the first antivirus in-the-cloud

April 29, 2009

Founded and based in Bilbao, Panda Security puts a lot of emphasis on innovative technology. The recent release of Cloud Antivirus, while using Panda Security’s collective intelligence to ensure the best level of security available, also relies on the possibilities offered by the Software-as-a-Service model. “From April 29th, users can have a home version for free,” says Pedro Bustamante, Senior Research Advisor. “The reason behind it is to get the maximum of people connected.” The Panda Cloud Antivirus has been built from scratch. “It is designed as a thin-client solution where all the intelligence is in the cloud.”

The security landscape is evolving rapidly and new solutions and protections are put into place to keep malware away from companies’ critical data. In Bilbao, collective intelligence has indeed become the basis of PandaLabs’ approach to efficient detection and protection. “From 2006 to 2007, the number of malwares has increased tenfold,” says Juan Santana. “There has also been more malware detection over the past year than ever before. This means that we have 24 million malware samples in our lab that we need to classify.” To do so, PandaLabs relies on collective intelligence. “It is fast and does not impact the client’s PC. If we had to put all the malware signatures in that PC, it would do nothing besides malware detection and classification.” Instead, the signatures are put in the cloud to boost detection performance. They come from various sources (browsers, sensors and collaborations with competitors) and need to be analysed fast so as to remain “competitive”. During the analysis, the PC is blocked from external influence. “The analysis is run automatically and sometimes in real time. It takes 6 minutes from the arrival of the malware at PandaLabs to the effective protection of the PC, if it is needed. Before the cloud, it could take up to 24 hours.”

Never-ending evolution

Malware attacks are becoming more and more inventive. Luis Corrons, PandaLabs Technical Director, has come across malware that uses the same presentation as e-banking applications, an approach that pays off, considering the fact that the police are often not organised enough to go after such criminals. “There are three ways to be infected: through the web (browsers, applications, media players), spam or social networks,” says Luis Corrons. “Such networks have a lot of security weaknesses.” If the theft of ID and credit card data is so lucrative, it is because it can give access to profitable e-business activities, such as the reselling of hardware, originally paid for with stolen credit card data.

The collective intelligence of Panda Security delivers a clear classification of the type of malware detected. In 2008, around 77% were Trojans, 16% adware, 2.5% spyware, while worms accounted for 4%. The importance of Trojans shows that the majority of malware aims at staying below the radar. “There is a huge number of malwares, while they infect fewer computers than before, which makes it hard to detect them”, says Pedro Uria, representative of Panda Research. “The antivirus is late at detecting them. What we need is unlimited detection and disinfection capacities, with an automatic processing of samples, while using as little of the client’s resources as possible, whether it be memory, CPU, or bandwidth. Collective intelligence serves this purpose of online threat management, in the cloud.”

Of course, the data mining job is phenomenal, which is why collaboration is high in the analysis. “Collective intelligence is a bottom-up approach into the cloud. Instead of sending our antivirus updates to our clients, we manage the threats faster and more efficiently,” says Pedro Uria. “The scale of a cloud-based system is a big advantage. Each one of the PCs is connected to it, so the more customers are connected, the more information you get. This provides an unlimited scalability.” The cloud-based approach could also help in getting rid of the usual one-month gap between infection and detection. “The bottom-up approach makes it possible for the whole community, which means everyone connected, to be protected.”

“We think that we compete on technologies with other big companies”, says Juan Santana, CEO of the company. This “technology mission”, based today on nano-architecture, SaaS and collective intelligence, has been Panda Security’s trademark since its creation, almost 20 years ago.

