When a security suite vendor tells you that they've "overhauled" their programs, often the changes are somewhere between a new coat of paint and an oil change.
In rebranding its products under the name Webroot SecureAnywhere, Webroot has also rewritten its software from the ground up. Webroot SecureAnywhere Antivirus (download), Webroot SecureAnywhere Essentials (download) and Webroot SecureAnywhere Complete (download) come with the tiniest, fastest installers in the security suite scene, new cloud-based protection, and free mobile apps as part of an effort to protect users across multiple machines and devices. Android (download) and iOS (download) versions are available as well.
It's hard to understate how impressive the new Webroot installer is. It's so miniscule that you measure its size in kilobytes, not megabytes. Weighing in at a feather-light 560KB, this stub installer winds up downloading and installing the full suite in under a minute.
"The screenshot is bigger than product," said Joe Jaroch, a senior software engineer at Webroot during a meeting at CNET's San Francisco office in late August. The lead developer of SecureAnywhere smiled when he said that, but he wasn't joking. A high-resolution screenshot of SecureAnywhere really can be larger than the program itself.
Michael Malloy, executive vice president of products and strategy at Webroot, explained how the program works to keep Webroot users safe. "We coupled the ultra-small client with the world's largest database of malware," he said. "So the way the agent works is to first analyze [a file], send a hash of it to the cloud, and check it." If the file is recognized as safe, the cloud pings the local installation of SecureAnywhere and tells you it's safe. "If it hasn't, it sandboxes the sample, tests the behavior, and then sends a description of the sample behavior to the cloud. The cloud then says whether it's recognized or malicious," Malloy said.
Jaroch noted, "We don't want our researchers to ever have to run a sample. The database is what runs the sample. We assume that we'll miss some malware at some point, so Trojans, and keyloggers are blocked generically. It's a substantial departure from what the others are doing."
Three corporate purchases gave Webroot the foundation it wanted for SecureAnywhere. A company called Usable Security, which specialized in identity management and passwords, contributed features now in SecureAnywhere Complete. San Diego-based BrightCloud brought domain and IP address classification, reputation, and scoring to the mix. The core of SecureAnywhere, however, comes from the United Kingdom-based Prevx.
Webroot SecureAnywhere Complete, the premium version of the suite, comes with a mostly competitive range of features. It lacks parental controls, a glaring omission for a suite that retails at $79.95. It does come with 10GB of online storage, password sync, Android and iOS apps, mobile/desktop sync, a password generator, online shopping and banking guards, and automatic log-in. Most of Webroot's password services has been licensed from LastPass.
Webroot SecureAnywhere Essentials costs $59.95, and although it doesn't have any of the advanced password or mobile features, it does offer an industry-standard 2GB of online storage, file shredder, firewall, and browsing tracks wiper. Of course, Complete comes with all that, as well.
The basic Webroot SecureAnywhere Antivirus offers simple protection for $39.95. It guards you against common threats like viruses and rootkits, but also against unknown threats based on their suspicious behavior, prevents your browser from resolving harmful Web sites, and locks down your settings so malware can't change them.
CNET Labs benchmarks will be added here later today, although initial, real-world tests of the suites indicate that they are all that and a bag of chips, if by "all that" you mean "all that they claim to be." Scans are fast, the install was even faster, and there's quite a bit of solid value-added features in the premium versions.
However, it doesn't appear that Webroot has yet to submit the suites for third-party threat detection and removal efficacy testing. Until it does so, it's difficult to evaluate how safe the program will make you because so much has changed under the hood.