Root Cause Analysis is a feature in the upcoming Bitdefender security solutions for consumers that’s likely to change how people think about their online security. We know that cyber-security can sometimes be confusing for non-practitioners, and this new feature aims to shed more light on the impact of attacks from the point of entry until resolution.
Cyberattacks or security incidents happen all the time, but people usually tend to notice them only when something goes wrong or when the security solutions alert that they have done their job. As is often the case, users typically get a notification that a file is infected and that the security solution stopped it from running on the system. But there are some scenarios when it’s useful to know more.
Security solutions developed for companies provide a little bit more insight into attacks. It’s not enough just to block a file or an attack; it’s also essential to know how the attackers got in, how criminals deployed the malware, what it infected, and what would have been the result.
Down to the nitty-gritty
The new Root Analysis feature aims to show users what would happen if an infection runs its course without actually doing so. It is included in every package that offers protection for your Windows devices (Bitdefender Antivirus Plus, Bitdefender Internet Security, Bitdefender Total Security Family Pack or Premium Security). And, while your online experience is protected, you also get relevant information about the infection vector.
The real-time security protection layer is always active and continuously blocks attacks and malicious files, leaving people the impression that the online world is safe, akin to a digital Nirvana. Showing what would happen if the threat slips past the gates helps people realize just how dangerous the internet really is and learn what they should be watching out for to avoid potentially risky behaviors in the future.
How does it work?
Whenever the Bitdefender security solution identifies a threat, depending on the type of malicious file, the application will provide feedback regarding the appropriate actions, whether deleting or quarantining. After the process is complete, the user can check in the Notification tab what exactly happened and, more importantly, what might have happened should the protection layer not have kicked in.
The value of knowledge is hard to quantify, but knowing the path an infection will take helps in two ways. First of all, it allows the users to safeguard against similar future threats. Secondly, it underscores the need for a security solution in an ever-evolving threat landscape.
Please keep in mind this is a rolling release. The new Root Cause Analysis feature will become available to everyone in the coming weeks.