Symantec (NASDAQ:SYMC) has revealed the inner workings of Norton Insight. This is a Big Data approach to security and is likely to produce better security products for the company. Norton Insight started collecting information about co-operative user files back in 2006 based on factors such as age, prevalence of a file across users and other metrics. It then analyzes the files and determines if the files are actually malicious in nature. The software collects data only if the users opt to be a part of the Norton Community and then sends back an anonymous audit of user files to be analyzed. 
Big Data Solves A Big Problem
Millions of audit reports go into the Norton Insight database, which is then analyzed for patterns. So a file that appeared for the first a few days ago on just 10 systems is much more likely to be a malicious software than a year-old file that’s found on a large number of systems. The former is classified as a “polymorphic virus”, and Norton focuses on monitoring the suspected file.
The system has been building a ‘reputational’ database which consists of the type of files hosted, the reputation of the website from where it was downloaded and other criteria. This has lead to a massive database which Norton is beginning to leverage. This system can be used not only for anti-virus, but also for mobile smartphone applications such as anti-theft software and prevention of phishing.
This also helps in fortifying its latest product – an anti-virus that scans links shared over instant messengers (IMs). A significant percentage of links shared over IMs are malware, and this database will flag down links sent to a user that leads to a less reputable website.
Norton AntiVirus Software is the second most valuable division for Symantec and constitutes ~35% of our current Trefis price estimate for the stock.
We have a $ 22.42 Trefis price estimate for Symantec, which is about 40% above the current market price.Notes: