Secure Computing Updates Security Threat Portal

A free reputation service will help users track malicious activity and the reputations of domains and IP addresses.

Secure Computing has revised its Web portal to offer visitors enhanced intelligence on Web threats.

The new Web site launches officially Nov. 27, and is meant to act as an alert system of sorts for the Internet, bringing together data on malware with Web site classification, security research and a tool that identifies relationships between domains and organized crime groups. The idea, company officials said, is to provide not only information on the zombies sending out malicious traffic, but to also identify future sources of such material before they begin.

"TrustedSource will note a machine sending traffic hotloaded with malware—our detection techniques from our research labs enable this—and this will be reflected in the reputation," said Phyllis Schneck, vice president of integration for Secure Computing.

Every time one of Secure Computings appliances receives traffic, it sends the identity of the sending IP address back to TrustedSource for a reputation score. In turn, TrustedSource logs the fact that the IP was sending, Schneck said.

"For each IP, URL and Internet entity, we have a multi-year history of behavior … that determines reputation on a mathematical curve, with over 1,000 inputs derived from Web, messaging and malware data," Schneck said. "The system is self-updating, as when a reputation changes, the next query to that entity provides the new reputation and adds to the behavior patterns on file for that entity."

The site includes a real-time count of mail volume as well as for up-to-date information on spam trends around the world. For Secure Computing SmartFilter users, there is an integrated ticketing system that allows them to provide feedback for Web site categorization and other options, company officials said.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.