Why Leading Security Vendors Rely On Webroot Threat Intelligence; And How MSPs Can Too

MSPs and MSSPs understand that delivering maximum security to their clients requires endpoint protection solutions that integrate seamlessly with their PSA and RMM tools. The superior efficiency and flexibility provided by those tools enables MSPs to automate a wide variety of endpoint protection deployment, management and administration/billing tasks, thus freeing their IT teams to concentrate on security issues that make better use of their expertise.

Of course, those endpoint security solutions must also include comprehensive protection against threats from email, web browsing, file attachments, hyperlinks, display ads, social media apps, and connected devices like USB drives. Simply put, no matter how well a security solution integrates with your PSA and RMM tools, it is fundamentally useless if it can’t deliver consistent protection from today’s increasingly virulent threats, whether known or never-before-seen.

Enterprise-class security vendors face similar issues when it comes to balancing service desk automation and integration with protection, but on a larger scale. The powerful, sophisticated security appliances and services they offer to their enterprise customers (often huge organizations that rank in the Fortune 100) must be able to transparently integrate into the complex workflows and vast infrastructures that characterize those customers.

Not surprisingly, security vendors dedicate an enormous amount of time and resources to ensuring their products enable exceptional levels of integration and automation. But as noted above, that’s only part of the equation; those vendors’ efforts are for naught if their security solutions fail to deliver full-spectrum, robust protection for their customers in today’s increasingly dynamic threat landscape.

That’s why so many leading security vendors include next-generation collective threat intelligence capabilities in their solutions. For example, companies like A10, Aruba, Cisco, Citrix, f5, Fujitsu, Palo Alto Networks and many others rely on Webroot BrightCloud® Threat Intelligence Services, which leverage the Webroot Threat Intelligence Platform. An advanced cloud-based security platform, it is enhanced by a contextual analysis engine that correlates information for deep insight across the online threat landscape.

In a nutshell, this advanced self-learning platform continuously scans the internet and incorporates inputs from millions of sensors, enabling a suite of BrightCloud services to quickly and accurately identify previously-unknown threats:

  • Web Classification Service: Provides content classification for over 27 billion URLs; blocks malicious and unwanted web content based on 82 categories.
  • Web Reputation Service: Forecasts security risk of visiting a website; leverages risk scores independent of content category to finely tune security settings based on unique business needs.
  • IP Reputation Service: Provides dynamic list of 8 to 12 million malicious IPs at any given time to block malicious traffic from entering a network.
  • Real-Time Anti-Phishing Service: Catches advanced phishing attacks that can lead to breaches and data loss; provides time-of-need protection through real-time scans before sites are visited.
  • Streaming Malware Detection: Combats polymorphic malware, provides risk score for files traversing network perimeter to enable users to quickly allow, block, or flag files for investigation.
  • File Reputation Service: Continuously updates known malicious and white-listed file identifiers via real-time lookup service; provides dynamic file reputation information.
  • Threat Investigator: Provides additional contextual insight into all primary connections around an actor under investigation, regardless of type.
  • Mobile App Reputation Service: Collects detailed application data, categorizes and assigns a score using multi-stage analysis and advanced algorithms to identify safe, compliant mobile apps.

MSPs Can Leverage Cost-Effective Threat Intelligence

Fortunately, the benefits of BrightCloud Threat Intelligence Services are not limited to the advanced offerings of the security vendors noted above. MSPs leverage that same type of threat intelligence with Webroot SecureAnywhere Business Endpoint Protection.

Ransomware (whether delivered by a hyperlink or attached file within an email, or via malvertising), phishing attacks designed to identity theft, file-less malware that exploits registry entries, attacks via external storage devices such as USB or DVD...all are key threats that can elude conventional AV solutions—and all are effectively combatted by these threat intelligence-fueled features in Webroot’s endpoint protection solutions:

  • Web Threat Shield: Blocks known threats encountered on the Internet and displays a warning
  • Real-Time Anti-Phishing: Verifies sites at the time of the request (when user requests to navigate to the site) to ensure they are genuine and safe
  •  Outbound Firewall: Protects against outgoing traffic originating inside a network or on an endpoint


While easy integration with PSA and RMM tools is vital to boosting the efficiency and effectiveness of an MSP’s security services, superior protection is the sine qua non of any endpoint security solution. Threat intelligence is widely used in many security offerings to maximize their protective capabilities, and the benefits of such threat intelligence are also available to MSPs via Webroot’s cost-effective business endpoint security.

While easy integration with PSA and RMM tools boosts the efficiency and effectiveness of an MSP’s security services, superior protection is ultimately paramount. High-end security offerings use threat intelligence to maximize their protective capabilities, and now the benefits of threat intelligence are available in Webroot’s cost-effective business endpoint security products.

Guest blog courtesy of Webroot. Read more Webroot guest blogs here.