Antibot is the New Black
Imagine that your IT team decided not to put antivirus software on your company’s computer systems this year. This won’t happen. Everyone knows that antivirus has been a staple of modern IT security since The 1990s.
Today, many business and IT executives are viewing antibot security in much the same way. The rapid surge in bad bots has made antibot defenses necessary for website security, mirroring the urgency that surrounded the antivirus industry 20 years ago.
Bad bots have exploded in volume, sophistication and impact far faster than computer viruses did, and they impact every business with a web presence. As a result, antibot solutions have had to evolve much faster than antivirus vendors in order to keep pace.
Let’s break it down.
Antivirus industry moves from physical media to live quarterly updates
Antivirus solution vendors first became mainstream between 1990-1998 when their solutions provided on-demand scans of individual PCs and floppy disks. Near the end of this period, updates were provided on a quarterly basis over physical media on a machine-by-machine basis. It wasn’t until 1999 that Symantec’s Enterprise Edition 4.0 included live updates and protection for all servers and machines under one domain. However, even that solution was limited to Windows NT and NetWare networks, leaving many infrastructures without a centralized antivirus solution.
Antivirus industry gets more frequent updates, but fails to keep pace with zero-day viruses
By the mid-2000s, it became imperative to update antiviruses more frequently as new zero-day viruses were spreading like wildfire during update gaps. In fact, detection rates for zero-day threats sat at only 40-50% in 2006, then dropped to a horribly low 20-30% in 2007.[i] The antivirus industry had to react fast or lose credibility.
Antivirus industry goes SaaS and adds collective intelligence
By the end of 2007, vendors began offering SaaS-based antivirus with real-time updates. But there was still an intelligence gap. Then Panda introduced the concept of ‘Collective Intelligence’ in 2007.[ii] By 2009, Panda offered the only antivirus solution that collected threat intelligence from a community of users and then incorporated that data into its SaaS solution in real time. Soon after, industry pundits began to categorize antivirus as a proactive defense tool rather than a reactive infection cleanup tool. Here’s how TechRadar’s review put it in 2010: “We think that Panda Cloud Antivirus is best viewed as a defense tool rather than a utility for cleaning up a system that’s already riddled with infection.” [iii]
Bad bots have been more sophisticated from the start
The main motive for many early virus creators was notoriety. Symantec didn’t release its Critical System Protection product for enterprises until December 2005.[iii] That product was introduced as a direct response to viruses starting to use advanced methods of obfuscation. No longer were fingerprinting and heuristic virus identification methods enough. The industry had to proactively identify viruses through behavioral modeling in order to block them before they could compromise computer systems and servers.
By contrast, bad bots have leveraged obfuscation tactics much earlier in their existence. Today’s nefarious actors aren’t seeking recognition as much as their desire to secretly steal away valuable company data and information.
What took the antivirus industry 20 years, the antibot industry has done in 3
From the outset, we had to deal with zero-day threats, large threat volumes, sophisticated obfuscation methods, and customers with a variety of web infrastructure environments. Best-of-breed antibot solutions incorporate a multi-pronged approach to bot detection, including fingerprinting and heuristic identification, behavioral modeling and community intelligence. A proactive approach that stops the bots before they breach your website is a key tenet of a successful bot defense posture.
Distil Network’s purpose-built antibot solution
Distil’s purpose built antibot solution deploys as an appliance or in the Cloud and leverages the collective intelligence across our community of Distil-protected websites, resulting in the industry’s largest ‘known violators bot database’. The result has been real-time identification, tracking and blocking of billions of bad bots on behalf of our community of protected websites in just a three-year period. Today, antibot defenses have started to become as mainstream as antivirus defenses did in the 1990s. That’s right, 3 years for the ultimate antibot defense system versus the 19 years it took for antivirus vendors to reach the same level of protection against viruses.
[i] Goodin, Dan (2007). “Anti-virus protection gets worse,” The Channel, December 21, 2007. Accessed online February 2, 2015 from the following source: http://www.channelregister.co.uk/2007/12/21/dwindling_antivirus_protection/ [ii] Panda Security (2015). Accessed online February 2, 2015 from the following source: http://www.cloudantivirus.com/help/01/h_en/25.htm [iii] TechRadar (2010). “Panda Cloud Antivirus approaches virus protection from a different angle,” TechRadar, March 7, 2010. Accessed online February 2, 2015 from the following source: http://www.techradar.com/reviews/pc-mac/software/utilities/anti-malware-software/panda-cloud-anitvirus-674644/review
About the Author
Elias Terman is VP of Marketing and is responsible for all aspects of the global marketing and communications strategy. Elias started his career as an entrepreneur, and now enjoys helping grow Silicon Valley startups into industry leaders. He built out the marketing and business development organizations at OneLogin leading to explosive growth, helped establish SnapLogic as the leading independent integration company, and led MindFire Studio to the Inc 500.Follow on Twitter More Content by Elias Terman