Norton Insight Network: Past the 100 Million Mark

Norton Insight Network has achieved a milestone: over a hundred million files are now classified by Symantec’s community-based reputation algorithm as “known good files” (79%), “known bad files” (14%), or are in temporary state of “building reputation” (7%).

That's an impressive resource, leveraged in behalf of protecting users against malware.

 

panda's is almost there with

99.677.300

http://www.cloudantivirus.com/en/threat-information/

 

What about Bits9?

 

not a clue didnt even know they had something like that.

 

I may be mistaken, but I do not believe that the "99 million" number from Panda is comparable to the "100 million" number from Symantec. Panda appears to be counting the number of files analyzed, whereas Symantec is counting the number of unique files in its reputation database.

For example, if 100 users analyzed a single new file, Panda would increment their "99 million" count by 100, while Symantec would increment their "100 milion" count by 1.

It’s hard to be completely sure from a visual examination, but if you closely observe the “new file” count and the “analyzed” count on Panda’s Collective Intelligence Monitor webpage, it seems that the latter is incrementing more quickly than the former. If Panda was measuring the same quantity as Symantec, then those two counts should increment in unison.

 

This is incorrect. Our number does not mean "a file being analyzed by x number of people n times".

We count "unique files analyzed" as well, so the 99.7 million number is comparable to the Symantec figure. When we say "analyzed" we mean that there was a complete analysis and determination of the files' behaviour (goodware or malware) by Collective Intelligence backend automated system.

Edit:

For comparison sake, here's our breakdown:
- Known bad files: 57%
- Known good files: 21%
- Suspicious: 14%
- Being analized: 8%

 

Known bad+suspicious = 71% bad files with Panda , while Symantec had 79% good files

As people might be able to see , the approach here is different . While Panda's aim is to get more and more bad files , Symantec collects a huge white list.SONAR is agressive against the others.Additionally , AFAIK Symantec plans to change their products (not in so recent future) so that the products will be able to kill everything that is unknown , with unproven or known bad reputation. This way we make a turn-back and Symantec will be counting the good files , not the bad ones. This is all because as they say , nowadays there are more bad files than good ones (as Panda's cloud system proves , too).

This proves that the old signature system and generally the blacklist system (still used by the majority of vendors) is completely out-of-date.

 

not a bad break down with panda i dont think.

 

Great conclusion.

 

not bad,

but 3 years ago, Prevx reached over 300 million known good/bad files in its cloud,

Prevx's cloud is in the 'many billions' now.

3 years ago, back in the stoneage for Prevx *lol*, they were adding 250,000 known good/bad files to its cloud PER DAY, so 3 years on, Prevx's cloud is where to be.

 

So why don't you count that out > 250,000 a day under 3 years period, and tell us the result PC_Gamer.
That's a great MIND GAME

 

erm, that was 3 years ago so they may add more per day these days, i dont know , i Dont think they have an exact figure Swex, just 'in the many billions'

im certainly not going to work anything out *lol*

 

These are all number games...God Knows what new technology will come up in future...

 

According to Google 250,000 times 365 (days) times 3 is: 273 750 000

273 millions 750,000 thousands hmm... quite a lot

 

According to the page re: FileAdvisor, 6,543,548,689 files have been indexed so far. It doesn't say what percentage are bad or suspicious though.

 

Over 6.5 billion (6,543,548,689) at the moment of posting this.
Source: http://fileadvisor.bit9.com/

Kaspersky has been using the bit9 databases since 2007 to supplement the development of KSN databases. Not sure about the raw total number of files in KSN though, but must be more than bit9's, in addition to signature white/blacklists of-course which can add thousands into the database.

Overall, I think the actual number is insignificant. It's a supplement to overall proactive technologies, but actual proactive protection is what's important.

 

Yep

Kaspersky has been using the bit9 databases since 2007 to supplement the development of KSN databases. Not sure about the raw total number of files in KSN though, but must be more than bit9's, in addition to signature white/blacklists of-course which can add thousands into the database.

Overall, I think the actual number is insignificant. It's a supplement to overall proactive technologies, but actual proactive protection is what's important.

 

Hello all
While Prevx does likely have the largest cloud as we have many times more than the 100 million referenced by other vendors, it may be worth noting that the volume of files doesn't necessarily correlate with improved detection. It depends how the vendor uses the data and how protection is created - otherwise it is just a case of holding a very large signature/whitelist database centrally (which admittedly is useful but doesn't provide an additional level of protection). Counting unique files is helpful in some cases, but the better cloud-based vendors (Panda, Symantec, and a shameless self promotion for Prevx ) do not base their detections on hashes, rather, significantly more intelligent signatures, rules, and logic are used to detect files. Therefore, while the number of files is high, the real value comes from how the data is leveraged.

For instance, 100 million files can be created from a single user - just create 100 million copies of Notepad and run any well designed polymorphic file infector of your choice You'll quickly find 100 million new, completely unique files - services that claim billions of files are likely taking these into account and, counter-intuitively, Prevx tries to trim down the number of files in our database with smarter signatures which is why we don't show a count on our website.

 

How true

 

Very true

 

But i guess the pattern of infection was the same, and no company will gonna add that much of unique file in their database which will have the same pattern..

 

All the ads, who has the money for advertising who has paid money for first place in tests;who has the money to AV Comparatives https://www.wilderssecurity.com/showpost.php?p=1604827&postcount=8 has the ability to create and user opinions in any way.
This "small" companies were left crumbs....big fish always eat the small

 

Excuse me but if a vendor is that small and can't allow to pay fees to be part of testing , then this vendor deserves no attention from users or . It is simple - we live in a world where we can't allow to be with small vendors just from respect point of view.

I have been part of the stupid game where security product is being sold almost free and no , this is not for me . You want quality and top service , then you pay for it .

 

Erm... I beg to differ. Spending (wasting) money on pointless tests doesn't tell anything about the product quality. And yeah, all these tests are not reflecting reality - starting with Matousec and ending with AV Comparatives. They are not real world tests, they are a show-off for vendors who can afford them.

 

now this thread has turned into who has the biggest database