Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Websense Launches New Threat Prevention Tool



 By: Matt Hines
2006-10-31
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Dubbed ThreatSeeker, Websense says the software package allows companies to identify threats before they hit corporate networks, aiding in the fight against sophisticated malware.

Websense introduced its latest malware detection technology on Oct. 31, rolling out its ThreatSeeker application that will serve as the technological foundation for all of the companys security software products.

As Web-based threats have shifted away from traditional attacks focused on software vulnerabilities to so-called zero day exploits aimed at previously unidentified flaws, traditional anti-virus and intrusion detection technologies have left users with inadequate protection, Websense officials maintain.

By utilizing a vast network of data mining machines, along with some 100 proprietary processes based on a combination of mathematical algorithms, behavior profiling and code analysis, the San Diego-based company claims that the technology can identify zero day threats and other attacks before they show up on corporate networks.

Websense ThreatSeeker promises to find and block such threats, keeping corporate networks protected long before anti-virus vendors are capable of responding to attacks with software updates.

The first products to bear the technology will be the firms latest network security filtering applications, Websense Web Security Suite version 6.3 and Web Security Suite—Lockdown Edition version 6.3, which are expected to become available sometime before the end of Nov. 2006.

Resource Library:

Sometime in 2007, Websense also plans to launch a data leakage prevention software package featuring the ThreatSeeker technology.

The company said that ThreatSeeker has already aided in the identification of several major attacks, including the recently reported WMF and VML zero-day exploits that targeted flaws in popular Microsoft products.

Since Websenses products are already used by a number of Internet service providers, the company is using the technology to get an eagles eye view into emerging attacks as they propagate on those companies own massive networks, said John McCormack, senior vice president of product development for the software maker.

"With all the new attack vectors emerging on the Internet, its hard to know where to look for the next big threat, and many Web-based attacks are becoming vehicles for other forms of sophisticated malware such as rootkits," McCormack said.

"Running on all these massive networks, we can use ThreatSeeker to identify network anomalies long before it is even clear whether the activity is actually a threat, and that gives us a significant advantage in identifying attacks and protecting customers before the exploits arrive at the network."

Websense claims that the technologies used in ThreatSeeker effectively scan between 40 million and 80 million Web site URLs every day looking for unusual activity that could indicate an attack.

The firm estimates that roughly 35 percent of all malware attacks are still generated online by compromised sites whose operators may have no idea their URLs are being used to deliver viruses and other threats.

Click here to read about one expert who thinks anti-virus software is ineffective.

Among the features in the new version 6.3 Websense products, due out in November, will be tools that allow IT administrators to see which employees are most frequently visiting compromised URLs to help companies warn users about putting their operations at risk.

Company officials said that the firm currently has its new products in pilot tests at six companies, one of whom saw its network absorb over 10,000 hits on sites bearing the VML exploit over the first 24 hours they ran the program.

While anti-virus and intrusion protection software makers, namely market leader Symantec, have been battling with Microsoft over the PatchGuard technology being added in the 64-bit version of the companys upcoming Vista operating system, technologies such as ThreatSeeker eliminate most of the need for technologies that access an OS kernel, McCormack said.

"If the threat never gets onto your network environment, there is no need to worry about who hacked the kernel, or about the need for products that do so," said McCormack.

"Trying to protect the desktop by accessing the kernel also has a high rate of false positives, just as many as traditional intrusion detection technologies."

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.



  Reader Comments: Websense Launches New Threat Prevention Tool
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Matt Hines
 


x}r۸j9kmYۑR%Z-/KWRJE1Er͜ 7]hɗLf8[¥4F7?I9wur5g6%SE]"I~xCȾpR/IzA)v@{iFu;ApTod>B_'Щѩ€dB$k7tLߨT@ƾQ8F Lbh;&qGXC< tWӺ#A8i @I>b(ޗ#Ѻ!YQy_HږyD6EGJߣ"C7 ݩHr6Cd*Fӽ<t/[h  #k|E=x:Q/M+l}~HkNmW ,ȓڭBx)BX/!bB]߂KCI%_q@ؓthm5b'b#Q^]õ]&R,R͌eCwt=PzOMҳBCLH6}~8IZQOK.m4ZNtfOl+qtR8E[5G0m_k|uv3<$3~5 CoZ KUKozcnćK(p}=\'tT/`_eY7;Ͱ-P6#M-ey+-trf_,\\hӷF}s\(U0> n0up;\rz𺮕u=yظ} aod}#1U% ZJG4_::&N{_ xZj9?(iv$ڑ1{P$!hI#F/XTU9@b9-Ҿ췯;6OΎ;S$IJ1<jUӀ*H ~Jw3Bz 7Ke{#kj윴{H ܙOtHMWh:s0+Nկ7#>o &w"rVJZ@R o~juOdBRdt"˭~qN X(-t[ۗRH3}c-AX*V0Uhf5 x CX&%94ɔcPu t:C;|sNm҄& )B!aJC`u{f '@̀kfPXDa4R 9jbsvf+M_,|y"* b4rݠQs>Lˊ&o#> yfRB(PHQ&&TR]E6\aU<8~uwܬ.U$Դޙ/~<}ޡ:ipnUO^ K/364>hX.B2iK1qKꛫZr~h**rkTQʼnt :2h bXP7HaQ/ogtB`:)ѧOiͦ8Ԉ$Q}QMޣ8BݘXI70i;O޺zN ufo/AbC ZSxv*z$t@ hA'rkJ7.[A0? ; O`r]; hk = Dy+wCP@b,{DM`#πYC2/t~[>lP3ţ q0y z[ dSJJds4.'H(BHP!9[h ]99 łQ~=zZOk2['5\xB#\RG=7Y }T[h+\KJAfkf(2{~6 cfBd '&Xr`Y \+|)l 6ʑTj鈦 2,q>xf&i NHZ:' 5$!.a*b٢SX9` c߽pIϵ(a5ÂҊUsƾ kG~G-- ݜZl'1!B~aY&4B 7q9yE"yR!+=Ͱ'q_G;oozjv#*FKMzJ);m9\Лv!s9n! xW.Y 2gxRUnyQtʜ*PXY2^n26=MJ<§"ǰA@7Z`N)^\IIcНn!D )z٦ll.s-ʭD֒e]{_Fo6ziZZ @-eY m-ًVX4ujQWt0:TdmցbZNJ(J>.1A/aڵ(&uj`bE %UVLLXkX)Z5Y2g5klP!/Ȁ2(这l؆ Yj6<:O\y~o:(*'lx=JeכA'h [BSkj 3-  o_׆eK,|1tj|Y9/m {}aWlJs5&AlE"}a$'jL?pd٠/R=:Ŀuouj1ՃE 4ǢRVJ~F[d"vd6˰A\m#Oa+IFUmcB_w;$!MԞ&KRI}&Xk4y}c"qVxxGC Ez .҈ Z 0DrIab H$*UtH`m`R@:khRUxC@^qv WJI:NeH=j|4nj}32 Y ΣYVJj alhU-WjU{m|8=ehLQ8pG#}y >W&ۛ~qj ,4,~RAT}f6݂ /]rϙ4|pZMNYvQOs!au0:?r9GhӐBD@6O*G%+vr4 q\3@$ڲcvq :N (kp;kM?3%NJt( ҹD\S4Uudջe(b Ո=G:DXpBESzڬ,t[4EvκԲ)짥Vt u _sM-WG$ ؈SGL2>L:k}Y\WAWӪ󂠱,mcD H!#2!Z Gk0h-;Z'pLj'+ %ԔJkf+sJLWJ3EYjzruƥ!IXyE3is}":s-_M0-,S\w!JԲT,[5V-03FH]-fMfr/cS>/#W5o HBO"+>aFL:\+l?g̦LSG_;(@X#cJx}3On~Uc/|o,,n1y%Ŵ@(<0}T3wJ>6 ihdnhAE+5W}zCdCzez%އ3?Ve e}XTJRճ(I$ {2 t9t=d}[cՏ'8,*z)ODʌiߐ@ڨO( ] k8ỸĤX'Ce"[0dy lSJ_ũZ{RS+GF)O "U!T>xc_7)~(\{C>km {~B>\XSQ Z7M~TUJJЛ'aC.FimyB[֒-3qR8-ܟ`"@N|K!ZݼTJerI8MYI {K CK,%.O@^82zf[(4ם7/ V13ecfaK3N)`{iK$#+*ݔ[YjkVR$'I@#cvf?fmE`:Je4q{375uf`#şӜw9s >L7J}MVJ٘ȅe0FPB_}Q{)sܗK@rvZTKU+ ePeDBZNbxpxW !&1ǏWXL\<tKMo$DDOCVn$g'AJ +6ǟM1Ή݋{/ZM}}" }MAUv٭vFf# ;?Jn:!)i{ٗNOxDŽst'_u{~{yHDXyYkeKKxigsj됔Z޿~lI6MF&{fB, 8ݯHvI!3^>ju.I׼mv>G 72wDH4rE]R|{޽Wy-{wD's5BDHλC䄬W!zNfS k3d8)1/xdqH=5),{j_sbAiNZ _Ok-W78Z;ᄝZE_aߪ,$"0.*Vktzĝ}E9{B*Λ+Y9HB `E/ԩ #ADrIGzZFdV{Dw$1^vRⷒoWȘI;GD_q-5kNz<s\1[5n|$=Br^&Q8;=h1ޏH/Gq𽇻"Tc(L,ӤNL)gTxіPxi'sfx!ul0q%ӝOa:ބq?Is6vۺNhAgdJD˃! =)!ښI4g"8J542 eI? U4㓄PV YWɂ#5=۴< .\ۺmDrF]M`l+LZQ!A|J| 9iG e!>RဏqFhEg;y--EU-VYҋs81 ƻ<[V $#rHΊAq{~T=8J;up=q"h9#7ND8ʬSc`Z/u+ɅFfo5w3klyT̴jts2fucBƋ=95iѧ~ǜ ޙi A] j ל{Jn,Y2kӮ" "KI̷E~hSrpn4kҼ?1L۰c$H~"Z0;'|&A1|_M@uQ*3'Iu hJwjinԕŞ`6 ݣvV:}'i?v;޽q¹"CWq:a)`) =4XH!Hn X."2gNIJa'܍zd2 ,f} x3D?,yiҒ919onR;5Ӈԃz4GP$( >A}q.~(R.o.-\*s"5Q#vKr*I·$ȁIV)"y6Kh#jv.bo 14m*z>5SZ~D Rf7UA U h CjΌ {g 0 -4T0h<|nwcLdll81RШ1o٦p P\>n`1 ܭXEc ,E '@:hHx?f2gƩK fp;vԲCvYprOٜxf)=<> IhuV , Qe+rkԑ|' V1`\wp2N0 HGǯ+ԋ]`."6^Wl= mAIOp3( aJbE)^⋈nTN]x 60- hk"]6-G;){ 4NQr]+p~7ifs 0bVrPh%F({: ӓZ10+QX1Ƀb (3^-$I^M\`]*i;\3>8kg:&" %ġ$vԕ7Z[s}VIfIEoAO1Jw<SS't㍦B6s2UޮϑzgW« RWI0j%{=K5G<ܛ0 Yd)9_<۵ N,5 ֔*~[8!>8C%"h1p$BG s}H0RѪ%3%*']RIۯT9IHב8D 1 Mʳ$hl[c{96%g3KW.^>BJ} :@#և"EAX=EX$ŀ}I)?;ċGXL u1&bYgaTNj b!΀|[c]{66/T$$Sy<?Ax?5eo7t#=ڗc\ ,eY4::~ވt&v9$@H^^Q)g`z[/вҦX}1Z.f. F$AOć@$hIjZtDٶ: H.#@:8 ( ^bGR 1:iɡ=}1{^z<.vƲɬk~E`/nnnnrVy3W/h|3j-Z;Pw`i:q: UCW'Qu«.L'^ ;Cml\ti~k&mnĝPmc& w TJHr}i°"-?%=$gK8H"F*@R|SB?۶1}M*%t MbI`4l,HQoGt0 Dx0Ri٭VlOR' Dl{ͬ78|VtuwiB V~ gw`6jcÂNzDÜ4E^PKKgY]# ab(,gK&HᴢB`U5}m)2Jxt Rjm c e*a`ܷojA7)VCX4[ [ [ [ ukaY"´ h-?tC?ȶ>2qN\X {6&}UO0},`/AŸK,+'U }/ԲtqF 6]Ϧ} j = ҷGG"Bcol[ hST0˨QKXߟQa^>)|v|NT0P{a- sI`q,'Rs#%#ؾ˛4iz,&Bor#k=Fg=#"<#"l1e_~\J; w3rE\šxr/l^@yRt6nVp Cs!W (B{ӱ66-U|廿R#L|*F0Ll8t WƘvFc\7ƚ(Gt9rBcgm_>T4wezjV7H 䎽3bSş ezxz))lG "K&5\q4(.`3, ^J15ǜS@r\(.HQ,:+Ȓ~y=_@֋+ nM"rRI$zTG)(r$RM ~Ÿ\ 6L}ZSLx!Vi ?l =>+Vn&z+ֻx z2[o^;C'ܬDME- ܮ:"-!5&<^, 2TXX<;\ }y >tkil͌/ '3"UX5\h 0>?4-C~e3{TϑVRjR;";М}yjMSZm_ܧF(+*`r`J#)5rs5ra@C &dڣGFy`岶_U2#o='Ml֠[֔C\b9_>PP.%(7_跔_cG~$ <z9~Z2ۍ+9QHJWɂR8P NHtz= n5HX#E|NgNt}NT톫$õ6nOt@EP]/0Ǐ~msΩ 3r1Zt%'evx/0L|eUx[hhwyl4&n'X蜜Xp,G"y԰t\|G,_[FFV9HF6ވڳb }\T\S=@!_=P]LvuMh%Mf]hRW1hA1e{9Q/@@L5A H iYr'&G>.Uv/>QHE)RGZS9ߕ߉t[6gZ [t MH60* >#7AG6p<|UR*=U+&=yhp ̊X/LKt4*:_>m;=TzLfROa gLN_ _ݰ,VI mydi#ȓ+2 1hl/uhߴsrپ靷u-<IdP^[H{)}ڎ.݅as>z4xiwԘ81>֐T ]\VZA; #x7tX$l9m1qN;+!OfC.7,x:LZP4pL巷F}(%tcDTw.sOaHP-S˞bX"bZ1ֈXQ? ~1&v+Ÿ&,s@אI4alo9b|>Fc (ZU,@S,F29C׆(c^jI)͕$)|mf㽂) '.h`̃2sEܹez?>Oe~rm6Z!s=KjttˑQ({b:+M u?؃3ɏWHݜ(8&;$%Ѕ8h,-@"!9͉Jk"} 7þޛXF #~aЇ9\ 3+z+5H):PJ|+V0cU-+_cP|&w^7+Dz+YT( I+}*w4 }:'s;cP'rڽ&Mrznއu^yo2a[+M|폺UwO'ݫOu_hZ>|i%RNA/|veQȉkH7 >r:h) /BJs@AC|kO{.4"Je@9!}Ng OZN~9H-A'O?9yw NqYiVN>?t.s{9 sVE\/r/~/r{"g@9yyCȣ9s ,' ȿɇ̙K̙..ȟn|ȗ+W9~s匿匿ϡ _?}}ȡ1/1g|sw7y@79{wCNr!oY 7NOops˅q+ /Wa uy9@~N͡ lcr\) Sҿ72~6RA?wNBh\jvr+.g޲eUvYAΰx.6Q^/TZ+d{xQ!e3l>@#؞y#uO'cFWV#ﹺ d^){WrMmhӉ{Z=Ě>/Yy* u!ȁ>l Dd4k{cHO|\~zK[,F$q\37]x6pY7F@qLzuҚ>ϼ8ţd?/ݹgֺ+ +$kày%k"N\ivSZBi3q* 7íEy2W8 [Nhj azם'uCחU]%:i>R*R#Ӏe`rPޯL3DAI3 .3M^ed FMȡ!,pCFJ-@ Px>[һcE(|+cAV7/Z ~*^v:i؏x qS蛹e||;ۈ->~Llrb rg  L&ʠbCa4%uv[F8|-35,>8MqkI%D4;o0m&Z=*ȁJ=CY%' e]<X!W KD|&ߢ*uϺ U/Axe ,A3˸ 2d jJrXwND{UYry{ dgS#X.42GWX{aw;./ ] nxNo$]m8[L}f'-&7.ĈkK$ fLdf>/n3 &F`ƠQ^I01,Hm7gBoaXkt rV7Bfg+΃>0̦IW"nCr';3Yorf`)8ˏ CqyvwʹXiQgQ",x`A[V`5c3.tAu{z!_L)8´ dd3b=(ul71-dt{z$[ {{!f7@Mx +˄IRg^+%J"$EN$Nx!`-C}1L9 H|\k֊<#!1苄IMC ;Vj͙*u9wɰ\\,AOd=:v]!>cFGoE%2JXHVKPsHOmM\5n\{&lc/X0E# /mcf\gHQ.xO?Rb Ռ]#|F+௚3qyU (p6d+D~!-|0^ R Xsmqu4{tߘHmgXL "a+/"^= ' _H6GD!IYбߞR DY"Ntx>= |^ZQؖ{@6awW;QW"YV ȤI񿄯zH,戔ĺSAaQY YJ>= 6T@|- %;6HDR}J0I'6}Fu;H'"O j;;1Te]XaiѶY Qo~l^(#kLk,>iЄ.^p륎PhU|>cy '3xu!AY9-_S!0p,\f hl}π XsCQ%7 }ݟ+Hʍtd/ASt+ 6[ '"u7m˴>u¹">UXJَR h,8/# kl? ƝOQ -91,"I=>5Gy@t ] D pymx:" cVBR}P?(:NOes{Z J_Ho"^of4`y%K@04{WQ5+E<]8ٱ>s/FAĂ'g