Introduction

Symantec has established the largest civilian threat collection network in the world, and one of the most comprehensive collections of cyber security threat intelligence through the Symantec Global Intelligence Network™. The Symantec Global Intelligence Network tracks over 700,000 global adversaries and records events from 98 million attack sensors worldwide. This network monitors threat activities in over 157 countries and territories through a combination of Symantec products, technologies, and services, including Symantec Endpoint Protection™, Symantec DeepSight™ Intelligence, Symantec Managed Security Services™, Norton™ consumer products, and other third-party data sources, generating more than nine trillion rows of security data.

In addition, Symantec maintains one of the world’s most comprehensive vulnerability databases, currently consisting of more than 88,900 recorded vulnerabilities (spanning more than two decades) from 24,560 vendors representing over 78,900 products.

Analysis of spam, phishing, and email malware trends is gathered from a variety of Symantec security technologies processing more than 2 billion emails each day, including: Skeptic™, Symantec Messaging Gateway for Service Providers, Symantec CloudSOC, and the Symantec Probe Network. Skeptic™ is the Symantec Email and Web Security.cloud™ proprietary heuristic technology, filtering more than 336 million emails, and over 2.4 billion web requests each day. Symantec also gathers phishing information through an extensive antifraud community of enterprises, security vendors, and partners.

Symantec Cloud Threat Labs provides the detailed analysis of cloud-based threats and risks, and is developed using data from Symantec CloudSOC security technology, which in 2016 safeguarded more than 20,000 cloud apps, 176 million cloud documents, and 1.3 billion emails. Symantec CloudSOC is the company’s Cloud Access Security Broker (CASB) solution, and is designed to provide visibility, control, and protection for cloudbased apps and data.

Symantec Web Application Firewall & Reverse Proxy scans one billion previously unseen web requests daily.

Symantec Website Security secures 1.4 million web servers worldwide with 100 percent availability since 2004. The validation infrastructure processes over 15.7 billion Online Certificate Status Protocol (OCSP) look-ups per day, which are used for obtaining the revocation status of X.509 digital certificates around the world.

These resources give Symantec analysts unparalleled sources of data with which to identify, analyze, and provide informed commentary on emerging trends in attacks, malicious code activity, phishing, and spam. The result is the annual Symantec Internet Security Threat Report™, which gives enterprises, small businesses, and consumers essential information to secure their systems effectively now and into the future.