Prevx & Panda Sandbox Times

Does anyone know the time required between scanning a 0day trojan and the it becomes known as malware.

One other question for panda. Will you be adding a stats page like prevx did? Its good to read the sandbox reports.

 

Cant speak for panda, but Prevx seems to catch most within 24 hours, but it relies on it having been seen in the population. I believe, once seen a handful of times its detected - so quite possibly within an hour if it spreads fast enough.

 

Most samples are automatically added within about 5 minutes but it depends on the sample - some samples delay their behavior or download other samples so everything needs to be taken into account.

Retadpuss is correct, however, that once a sample starts spreading (to even 2-3 users) it will be most likely caught automatically before it can get any further.

We also do automatically determine between 20,000 and 30,000 new threats every day on the absolute first time they're seen before they execute, meaning the entire community is immediately protected even if you happen to be the first user to encounter the file.

 

In the case of Panda its very similar to Prevx. We process approx 60.000 files every day. Each file takes approx 6 minutes to classify. Telemetry from the community is also taken into account to prioritize some files over others. This same telemetry is also used to detect prevalence for protection during offline operation.