Google claims that security is an integral part of all their operations and that they practice vulnerability management by tracking and following up on vulnerabilities and by scanning for security threats. But exactly what antivirus does Google use to scan for those security threats? How does Google guard against them?
According to Google, they use a combination of commercially available and purpose-built, in-house tools. Some examples of their in-house security tools include HTTPS and transport layer security encryption, a highly secure cloud infrastructure, blacklists of malicious websites to help users know that they could be navigating to malicious URLs (blacklisting is when a search engine removes a website from its index), and secure email technologies that provide protection against phishing and malware attacks. Google’s Virus Scanner for example, uses Google’s secure cloud infrastructure to scan for viruses and spyware. VirusTotal, which Google acquired back in 2012, is another good example of a Google security tool. VirusTotal is an online service that aggregates and uses antivirus engines and website scanners as well as blacklisting services, for the purpose of analyzing files and URLs and detecting malicious content. There’s also Google’s Safe Browsing extension. The Safe Browsing extension is used to blacklist URLs of websites that are malicious or contain phishing content. The browser also helps prevent unauthorized changes to a user’s settings. And then there is the Chrome Cleanup Tool, which scans for programs that can cause problems in Google Chrome, and alerts users if any are found.
As to the commercial antivirus solutions that Google uses, there are a few different brands. For example, in addition to its own technology for protecting against malicious links, Google also uses Microsoft’s Windows Defender antivirus scanner to protect users from phishing attacks. Furthermore, Google’s Chrome Cleanup Tool, which notifies Google Chrome users when it finds potentially unwanted programs (PUPs) or malicious software, is powered by ESET’s malware detection engine.
Worth noting as well is Google’s Advanced Protection Program, which theverge.com explains is intended to bring “increased security and protections to high-profile Google Account users like journalists, activists, politicians, and business leaders”. Users have to enroll in the program, but once activated, it will provide additional security safeguards for downloads made in Chrome. If a file looks suspicious, the user will be warned or the file will be prevented from downloading.
A word to the wise…
Even though Google uses several different cybersecurity technologies, by far the smartest approach to protecting your computer and data in the current climate of cybercrime is to install anti-malware software in addition to using Google’s own antimalware technologies. While Google’s cybersecurity technologies are effective, they don’t detect many of the malware that antivirus solutions do detect. For example, the Chrome Cleanup Tool only scans for programs that are deemed a security threat in Google Chrome. Hence, it is highly recommended that anyone using PCs, businesses and consumers alike, also install powerful antivirus software.