Zero-Day Anti-Malware







The Network Box Zero-Day Anti-Malware engine, Z-Scan, is an in-the-cloud defence shield that provides protection against the latest zero-day threat. Z-Scan operates by continually analysing all the threat information obtained, in real-time, from more than 250,000 virtual honey-pots deployed in the cloud, and releasing its own signatures to protect against these threats within seconds. Because of its fast deployment, Z-Scan is able to provide the fastest protection against emerging new threats.




Z-Scan Overview

The diagrams below illustrate Z-Scan in action, from the first phase of zero-day malware detection, to signature creation and application.


Phase 1:

Malware Detection

Z-Scan phase 1


Phase 2:

Identification and Signature Creation

Z-Scan phase 2


Phase 3:

Signature Release and Application

Z-Scan phase 3




Anti-Malware Systems

Comparison Chart



Network Box Anti-Malware System

Typical Anti-Virus System

Total Engines




Current Signature Total


12 million+*

3,500 - 5.5 million

Malware Gathering

Real Time

Real Time

Batch Processing

Update Technology Used




Typical Signature Creation

1 - 30 secs

10 - 120 mins

3 - 12 hrs

Typical Signature Release Time

2 - 3 secs

30 - 45 secs

Hourly / Daily

Expected Best Response Time

3 secs

10.5 mins

3.5 hrs




Key Features

3 seconds response

Industry best response times of just

3 seconds, which is up to 4,200 times faster than other typical anti-virus solutions.

250,000+ virtual honeypots

250,000+ virtual honey-pots deployed in the cloud, for threat intelligence gathering.

Augmented with third party threat intelligence

Augmented with additional third-party threat intelligence to extend the number and breadth of signatures available.


*For more information and real-time statistics:

Go to Security Response site


Z-Scan logo