Panda's Cloud Antivirus Exits Beta
Panda's Cloud Antivirus doesn't use locally installed virus definition files. Rather, the definitions, and the detection, are done in the Cloud. Theoretically, this means an end user, as long as he is connected, will always have the latest scanning engine and the latest virus definitions.
Here's how it works:
When Cloud Antivirus encounters an executable file, it first creates a partial cryptographic hash of the program, which Panda calls a reverse signature. The locally running program sends this signature to the data center in the cloud and gets back a quick determination that the file is malware, known-good software, or unknown.Panda claims also, that by leveraging the data collected from end users, it can update its database with new threats and variants though its so-called "Collective Intelligence" in the cloud.
If the file is unknown, the local program sends additional information. This data includes a kind of behavioral signature to let the cloud-based software remotely perform heuristic analysis. The local agent also graphs the file's internal structure and passes that to the cloud for similarity analysis. Yes, sending these and other data elements to the cloud takes a small amount of time, but the in-cloud analysis is extremely fast.
Once Cloud Antivirus identifies a specific file as "goodware" it caches the information about that file locally (in a local cache), so it doesn't have to go back to the cloud. Thus full scans after the first time will be significantly faster.
In fact, speaking to C|Net, CEO Juan Santana and Senior Research Advisor Pedro Bustamante noted that since the beta, Collective Intelligence has collected about 25 terabytes of data, with about 60% of it malware. Additionally, Collective Intelligence is receiving about 120,000 new files a day, of which 60-70,000 are malware. Finally, they noted that Collective Intelligence has processed more than 80 million files so far and generates about 150 GB of log files per day.
Some may be concerned about the effectiveness of a cloud-based program if you are disconnected. Well, first, most of the threats end users see nowadays are a result of being connected: to the Web, to email, or some other delivery method using the Internet. On the other hand, Panda Cloud Antivirus does have a local cache, as noted above.
Bustamante said that "The local cache of Panda Cloud Antivirus is a 'moving target' of what the community 'sees' out there circulating in the wild. However, it's not quite the same as the traditional signature updates which are always incremental (always adding signatures, not taking them out)."
The real question is, do you trust your PC to a 1.0 version of software? It's exited beta, but it's still new. However, Panda itself is not new. And the software, just as with Microsoft's Security Essentials software, is priced right: free, at least to home users and and educational centers, as well. In addition to that sort of licensing, MSE is free to SOHO as well.