Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Symantec Delivers Groundbreaking Reputation-based Security Technology

Symantec Corp. (Nasdaq: SYMC) today announced that it has integrated its revolutionary reputation-based security technology, Quorum, into its new Norton 2010 solutions: Norton Internet Security 2010 and Norton AntiVirus 2010.
  • 10 September, 2009 10:51

<p>New technology codenamed “Quorum” leverages the wisdom of crowds to deliver an entirely new approach to protecting against new and unknown threats</p>
<p>SYDNEY, Australia 10 September, 2009 – Symantec Corp. (Nasdaq: SYMC) today announced that it has integrated its revolutionary reputation-based security technology, Quorum, into its new Norton 2010 solutions: Norton Internet Security 2010 and Norton AntiVirus 2010. Quorum leverages the anonymous software usage patterns of Symantec’s extensive volunteer user community to automatically identify entirely new spyware, viruses and worms.</p>
<p>“This new technology changes the rules of the malware game, shifting the odds significantly in favour of our users,” said Stephen Trilling, senior vice president, Security Technology and Response, Symantec. “By harnessing the wisdom of our tens of millions of users, we’re able to detect threats that are invisible to traditional security products.”</p>
<p>Why Reputation-Based Security Technology?</p>
<p>Significant changes in the threat landscape over the last few years have dramatically altered the typical distribution profile for new malware. Today, instead of a single malware strain infecting millions of machines, it is much more common to see many millions of malware strains, each targeting only a handful of machines. In 2008, Symantec discovered more than 120 million distinct malware variants. In this environment, it is necessary to move beyond traditional security approaches to stay ahead of new malware.</p>
<p>Traditional antivirus software relies on virus signatures to blacklist those pieces of malware that should be blocked from a user’s machine. Ten years ago, Symantec published an average of five new virus signatures each day. Today, in spite of the fact that each signature can detect many different malware strains, security vendors regularly publish thousands of signatures or more per day.</p>
<p>Quorum reputation-based security complements traditional security techniques by using anonymous software usage patterns to classify files as safe or unsafe. The Quorum Technology was developed at Symantec from the ground up, and provides a fundamentally new layer of protection from today’s latest threats. Symantec Research Labs began development of the technology about three years ago, investigating how small amounts of data regarding file usage on a user’s system, collected from a very large distributed community, could be used to predict the likelihood of a given file being malicious or not. After a successful prototype was developed, the project was transferred to the Security Technology and Response group to develop a full commercial release and bring the new technology to market.</p>
<p>How does it work?</p>
<p>Symantec’s Quorum reputation-based security data from multiple sources, including: anonymous data contributed by tens of millions of Norton Community Watch members, data provided by software publishers, and anonymous data contributed by enterprise customers in a data collection program tailored to large enterprises. The data is continually imported and fed into the reputation engine to produce a security reputation rating for each software file, all without ever having to scan the file itself. Quorum uses information such as the file’s prevalence, age and other attributes to compute highly accurate reputation scores. These reputation ratings are then made available to all Symantec users through a large cloud-based infrastructure of Symantec servers. For more detailed information on Quorum, visit the Norton Protection Blog.</p>
<p>What are the benefits of Quorum?</p>
<p>• Provides information on all executable files. Traditionally, security companies primarily have protection for the malware actually sent to them by vigilant users or exchanged with other security researchers. In contrast, Quorum holds reputation ratings on every executable file used by every participating Symantec user across the globe.</p>
<p>• Integrates with Symantec’s new Download Insight. The most visible way to see Quorum in action in Norton Internet Security 2010 and Norton AntiVirus 2010 is to download a new executable file from the Internet. The new Download Insight feature uses Quorum reputation information to help determine each downloaded file’s safety – the user is then informed of the file’s reputation, and bad-reputation files are automatically blocked. In addition, a user can right click on any executable file and find out where the file came from, how many other Symantec users are using the file, when Symantec first saw the file and what the security reputation is for the file.</p>
<p>• Reduces dependence on traditional signatures. Quorum defeats an attacker’s ability to mutate their malware to evade traditional signature-based detection. In fact, with Quorum, the more an attacker modifies a threat the more obvious it will be that the file is suspicious.</p>
<p>• Amplifies existing security technologies. In addition to providing an additional layer of protection, Quorum also allows existing Symantec security technologies, including heuristics and behaviour-based detection, to be deployed in a more aggressive mode to increase the overall level of protection provided to users.</p>
<p>About Security Technology and Response</p>
<p>Symantec’s Security Technology and Response (STAR) organisation, which includes Security Response, is a worldwide team of security engineers, threat analysts, and researchers that provides the underlying functionality, content, and support for all Symantec corporate and consumer security products. With global response centres located throughout the world, STAR monitors malicious code reports from more than 130 million systems across the Internet, receives data from 40,000 network sensors in more than 200 countries, and tracks more than 25,000 vulnerabilities affecting more than 55,000 technologies from more than 8,000 vendors. The team uses this vast intelligence to develop and deliver the world’s most comprehensive security protection.</p>
<p>About Symantec Research Labs</p>
<p>Symantec Research Labs (SRL) is Symantec’s global research organisation and has played a leading role in developing and commercialising numerous cutting-edge technologies across Symantec’s business areas. Commercialised technologies from the group include industry leading rootkit protection, innovative browser protection technology to proactively block future exploits of known vulnerabilities, Symantec’s first antispam technology, generic exploit blocking technology that proactively blocks fast-spreading threats, online consumer security services, and technology to help protect our nation’s critical power-grid infrastructure. SRL also partners with outside organisations on joint projects, through its university and government research efforts.</p>
<p>About Symantec</p>
<p>Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organisations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at</p>
<p>NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at All prices noted are in U.S. dollars and are valid only in the United States.
Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.</p>
<p>Media Contacts:</p>
<p>Jasmin Athwal</p>
<p>Max Australia</p>
<p>+61 2 9954 3492</p>
<p>Debbie Sassine</p>
<p>Symantec Corp.</p>
<p>+61 2 8220 7158</p>

Most Popular

Editor's Recommendations

Solution Centres


View all events Submit your own security event

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Media Release

More media release