A signature-based approach, which relies on detecting known patterns of data, is inadequate for protecting endpoints against the very latest malware threats, he argues.
"Cloud-based behavioral analysis looks at the intent of the file, rather than trying to match a file against a signature," he explains. "It looks at what the file was created to do, it analyzes the behavior in real time, and it matches that against like behavioral patterns in the cloud."
In an interview at the Infosecurity Europe 2014 conference in London, Kennedy discusses:
- How the cloud-based behavioral analysis process works;
- Why the behavioral analysis approach is effective at detecting zero-day threats;
- How a "journaling and rollback" process can detect emerging threats over time.
Kennedy is vice president of product marketing and sales enablement at Webroot. Previously, he worked at Symantec and 3Com.