Secure Web Gateways Fail to Prevent Malicious Attacks
Of 200 billion total communications observed by Seculert, nearly 5 million attempted malicious outbound communications were from infected devices.Eighty percent of secure Web gateways installed by Fortune 1000 companies miss the vast majority of malicious outbound communications, according to a report from attack detection and analytics specialist Seculert. The study examined a subset of its 1.5 million user base that included more than 1 million client devices that had generated more than 200 billion total communications from Fortune 1000 companies in North America. Nearly all the environments studied were running sophisticated perimeter defense systems, including a secure Web gateway and/or next-generation firewall, an intrusion prevention system (IPS) and security information and event management (SIEM) software, in addition to fully functioning endpoint protection. "The alarming part of this research is the sheer number of malicious threats that were able to make it through the companies' secure Web gateways time after time," Richard Greene, CEO of Seculert, told eWEEK. "The research found that 80 percent of secure Web gateways blocked zero to two of the 12 latest and most dangerous threats. These are real tests conducted with Fortune 1000 companies, and even they are ill-prepared for the increasing complexity of cybercriminals’ attacks."
Of the 200 billion total communications observed, nearly 5 million attempted malicious outbound communications were from infected devices, and 40 percent of all attempted malicious communication succeeded in defeating their associated secure Web gateway.