Panda Security


Panda Security

Is the world’s leading provider of cloud-based security solutions.

We were the first IT security company to harness the power of cloud computing with its Collective Intelligence technology.

This allows us to develop and supply global security solutions to keep our clients’ IT resources safe from the damage inflicted by viruses, intruders and other Internet threats at the lowest possible Total Cost of Ownership.

For more information visit


Founded by Mikel Urizarbarrena in 1990 in Bilbao, Spain, the company operated under the name Panda Software for the first 17 years. Under this brand, it became market leader in Spain in 1995 and started its international expansion in 1996.

It currently has a direct sales presence in 56 counties through an extensive network of subsidiaries and franchises. The year 2007 was a turning point, marking the beginning of a new era for the company in which it set out to consolidate its international expansion.

Firstly, it underwent a brand change, and is now called Panda Security, a name that better reflects its commitment to providing global security.

The company has since bought out eight of the franchises it had in key markets and, true to its pioneering spirit, has launched the first cloud-based antivirus on the market.

Products and Solutions

Panda Security offers a range of product lines for companies and home users: security software, security appliances and managed security services. The company has also pioneered the launch of the first antivirus to offer protection from the cloud (Panda Cloud Antivirus).

All its solutions are backed by tech support services manned by an expert team of professionals, available at all times.

Recent Milestones In Technology and Innovation

For more than 20 years, Panda Security has achieved major technological milestones in the global security industry. Today Panda is a solid, internationally acclaimed company with a direct presence in 56 countries.

It protects over 10 million users in 195 countries. Our Mission is to develop innovative security solutions to protect users’ computer systems against all types of security threats. In 2009, notable international opinion leaders acknowledged Panda Security as The Cloud Security Company.

2011: Panda Security launches the first console that enables the partners to manage the entire life cycle of their customers and their security, Panda Cloud Partner Center
2010:Panda Security becomes the first Security Company with a complete Cloud-based offering to provide real-time protection against new and emerging threats with Panda Cloud Protection.

2009: Panda Security launches the first antivirus in history to offer protection from the cloud, Panda Cloud Antivirus ( This home user solution positions the company as the technological leader in this new category.

2008: Launch of a retail product line offering a hybrid protection system: Combining traditional signature-based protection with protection from the cloud, leveraging the Collective Intelligence knowledge base.

2007: Development and market launch of the first Collective Intelligence system: cloud-based technologies able to automatically classify, analyze and disinfect thousands of new malware strains received every day at PandaLabs. This allows the company to respond in real-time to new threats, while other security providers take several days.

2005: Launch of the new SaaS (Security-as-a-Service) solution, Panda WebAdmin.

2004: Launch of the first Host Intrusion Prevention System (HIPS) for all types of computers, workstations or home computers, with TruPrevent Technologies and its autonomous behavioral analysis module.

Panda Technologies

First Generation – Anti Virus
Second Generation – Antimalware
Third Generation – Proactive Technologies
Collective Intelligence – The Next Generation
Enhancing performance
Reducing downtime
Providing on-going support


Founded in 1990, Panda Security is the world’s leading provider of cloud-based security solutions, with products available in more than 23 languages and millions of users located in 195 countries around the World.

Panda Security was the first IT security company to harness the power of cloud computing with its Collective Intelligence technology. This innovative security model can automatically analyse and classify thousands of new malware samples every day, guaranteeing corporate customers and home users the most effective protection against Internet threats with minimum impact on system performance.

Panda Security has 56 offices throughout the globe with US headquarters in Florida and European headquarters in Spain.

First Generation: Antivirus

The first generation of antivirus products was purely based on signature detection.

This generation of technology occupied most of the 1990’s and included polymorphic engines as well as basic rule-based MS-DOS, Win32, Macro and, later on, script heuristics. This period was also marked by the appearance of the first massively used win32 Trojans, such as NetBus and BackOrifice.

Second Generation: Antimalware

Starting in 2000 new types of malware started to emerge, with file-less network worms and spyware taking the spotlight causing massive and highly visible epidemics.

Basic antivirus engines evolved to integrate personal firewalls to be able to identify and stop network worms based on packet signatures as well as system cleaners to restore modified Operating System settings such as registry entries, HOST files, Browser Helper Objects, etc.

It is within this second generation of technologies that Panda Software integrated the Smart Clean functionality into the antimalware engine, designed to disinfect and restore the Operating System from a spyware or Trojan backdoor infection.

Third Generation: Proactive technologies

Panda released TruPrevent behavioural technologies in 2004 after more than three years of intensive research and development.

Since then, TruPrevent has evolved into a set of behavioral technologies that are substantially more effective at blocking zeroday malware proactively without any dependency on viral signatures than any other previous effort in such direction. TruPrevent is constantly adapted to new malware techniques and exploits. TruPrevent was built on top of the antimalware engine. Currently there are more than 5 million computers running TruPrevent. All these computers also act as high-interaction honeypot nodes which report to Panda Lab any new malware sample that TruPrevent flags as suspicious and which is not detected by regular antivirus signatures.

Technically TruPrevent consists of 2 main technologies: behavioural analysis and behavioural blocking, also known as system and application hardening.

Behavioural Analysis

Behaviour Analysis acts as a true last line of defence against new malware executing in the machine that manages to bypass signatures, heuristics and behaviour blocking. Proteus intercepts, during runtime, the operations and API calls made by each program and correlates them before allowing the process to run completely. The real-time correlation results in processes being allowed or denied execution based on their behaviour alone.

Unlike other behavioural technologies, this is autonomous and does not present technical questions to the end user (“Do you want to allow process xyz to inject a thread into explorer.exe or memory address abc?”). This technology does not require signature updates, as it is based solely on the behaviour of applications. A bot would not be a bot if it didn’t behave as such, but if it does so it will be detected by this technology, regardless of its shape or name.

Behavioural blocking

TruPrevent Behaviour Blocking is the second main component. Hackers and malware abuse the privileges of legitimate applications to attack systems by injecting code. To prevent these types of attacks generically it is very cost-effective to use rule-based blocking technology which can restrict the actions that authorized applications can perform in the system.

KRE is composed of a set of policies which are defined by a set of rules describing allowed and denied actions for a particular application of group thereof. Rules can be set to control an application’s access to files, user accounts, registry, COM objects, Windows services and network resources.

Genetic Heuristic Engine

“Genetic” technologies are inspired by the field of genetics in biology and its usefulness to understand how organisms are individually identified and associated to other organisms. These technologies are based on the processing and interpretation of “digital genes”, which are represented in our case by a quite a few hundred characteristics of each file that is scanned.

The Genetic Heuristic Engine was initially released in 2005. Its objective of GHE is to correlate the genetic traits of files by using a proprietary algorithm. The genetic traits define the potential of the software to carry out malicious or harmless actions when executed on a computer. GHE is capable of determining whether a file is innocuous, worm, spyware, Trojan, virus, etc.

What is Collective Intelligence?

Collective Intelligence is a security platform offering high-level protection in real time, exponentially increasing the detection capacity of your antivirus.

It leverages the knowledge in the Panda Security user community and allows enormous quantities of malware to be processed, delivering mega-detection capacity while reducing resource consumption.

To make the most of all the advantages of Collective Intelligence and increase the detection capacity of Panda Cloud Antivirus, your computer must be connected to the Internet during the scans.

Collective Intelligence. The Next Generation.

Today there is over 10 times more malware being distributed than two years ago. The obvious conclusion is that a security solution must detect 10 times more malware to provide adequate protection to users.

According to a report prepared by PandaLabs, 72% of companies and 23% of home users are infected even though they have protection installed. In the case of unprotected users, the percentage of infected computers is 33.28%.

This data confirms that traditional solutions are no longer enough (you can view the full report in PDF format Collective Intelligence – Panda Labs Report).

While a fullfledged HIPS solution raises the bar substantially by detecting and blocking most of these with proactive technologies, it is still possible for unknown malware to slip through its defenses.

The Collective Intelligence approach is initially released at the end of 2006 in limited pilots with the objective of being able to reliably detect “10 times more than we are currently detecting with 10 times less effort”.

The pillars of this new system are: Collection of data from the community. The system centrally collects and stores behavioral patterns of programs, file traces, new malware examples, etc. This data comes from Panda users, and from other companies and collaborators.

This wide capacity to collect information provides higher visibility of the threats that are active in the Internet.

Automated data processing. The system automatically analyzes and classifies the thousands of new samples received every day. To do this, an expert system correlates the data received from the community with PandaLab’s extensive malware knowledge base. The system automatically returns verdicts (malware or goodware) on the new files received from the community, thereby reducing the tasks that PandaLabs must carry out manually to a minimum.

Release of the knowledge extracted. This knowledge in delivered to users as web services or through signature file updates.We have developed and deployed a few services already that function purely based on the Collective Intelligence platform. These online services are designed to perform indepth audits of machines and detect malware not detected by the installed security solution.

For consumers and stand-alone PCs we have deployed NanoScan which scans a PC for malware actively running and TotalScan which performs a full system scan of the entire PC, including hard drive, memory, email databases, etc.

On the corporate front the requirements for performing and in-depth malware audit are more demanding. Therefore we have created a specific managed service called Malware Radar.

Thanks to this service companies can quickly perform complete audits of their entire network endpoints to verify their level of security, pinpoint non-detected infection sources or to unveil executive machines which have been subject to targeted attacks.

You can download a more detailed report on Collective Intelligence.

What is the cloud?

Cloud computing is a technology that allows services to be offered across the Internet. The cloud is a term used metaphorically around the Internet. Panda Cloud Antivirus heralds a new generation of security and antivirus services, in line with the trends of cloud computing: Cloud Security.

Panda Cloud Antivirus connects to the Collective Intelligence servers in the cloud to protect your computer, without requiring traditional updates or penalizing the performance of your system. Now all knowledge is in the cloud, and thanks to Panda Cloud Antivirus, you can benefit from this.

What is the relation between Collective Intelligence, the cloud and the community?

Collective Intelligence, the cloud and the community are the cornerstones of the great detection capacity of Panda Cloud Antivirus and its minimal use of system resources. Collective Intelligence is a security platform with database servers hosted in the cloud, storing all the information needed to detect and neutralize threats on your computer.

These servers are fed with information provided by the community of users about virus detections. Collective Intelligence processes and classifies all this information, allowing Panda Cloud Antivirus to consult these servers and maximize detection capacity, without affecting resources on your computer.

This way, Panda Cloud Antivirus can detect millions of viruses, much faster than if it had to depend on traditional updates. Your computer will therefore have greater protection without affecting performance.

Thanks to Collective Intelligence, Panda’s exclusive cloud-computing technology, the company’s 2013 solutions leverage the knowledge gathered from the community of millions of Panda users around the world.

Each new file received is automatically classified within six minutes and the Collective Intelligence servers classify more than 73,000 new malware samples every day. These technologies correlate information on malware received from each computer to continuously improve the protection level for the worldwide community of users.

Panda’s 2013 solutions have continuous, real-time contact with this vast knowledge base allowing the company to offer users the fastest response against the new malware that appears every day.

Panda Products