system
24
They’ve been doing predictive analysis to redirect/block requests to malicious domains… Blogged about their efforts against cryptolocker about a month ago:
http://labs.umbrella.com/2013/09/25/ripple-effect/
Not perfect, but another layer of protection…
Edit: I guess I should mention that they’ve had a low trust thing for a long time against random character domains (that are at least now a common method of hosting malicious code)… So if one of these domains suddenly shows up on a heat map it gets noticed and blocked quickly. Again, not perfect, but another layer…