Nov 02, 2014
Internet Security: Malware Update
Jose Bodni
Director, Latin America & Caribbean
Change in Malware-hosted Sites
Blended Threats 1.0
Hacker-Established SitesHacker-established Sites
• Up for Days• Simpler Detection Through:
- Domain Restriction- Reputation
• Some Change in Viruses
Blended Threats 2.0
Legitimate SitesLegitimate Sites
•Up for Days•Legitimate Site Passes by Most Web Filters•Polymorphic Viruses Change
Many Times Per Day•“New” Malware Never Used
Again*
*Source: Virus Arms Race, The Register, August 2009
Anatomy of a Blended Threat Attack
1) Attacker hacks legitimate Web sites and injects malware.
2) Attacker sends emails with embedded links to malicious Web sites.
3) Email bypasses traditional spam and anti-virus systems.
4) User receives email and clicks on link to malware-infected site.
5) Traditional Web filters are bypassed as user is directed to legitimate Web site.
6) User’s computer gets infected with drive-by download and becomes a bot.
Customer Challenge for 2011: Web-based Threats
Web-based Threats
92% Of new threats come from the Web
1000% Increase in Web malware over 2010
84% Web malware from legitimate sites*
*Source: Websense
Customer Challenge for 2011: Web-based Threats
ClientApplications
SocialNetworking
SocialMedia
EnterpriseSaaS
CollaborationTools
MediaSharing
InteractiveSharing
MassComms
WEB 2.0
40-50% Current AV catch rates*
52% Malware dead within 24 hours**
10 billionWorld-wide blended threat emails per day
Web 2.0 Landscape
*Source: M86 SecurityLabs**Source: Panda Labs
Three Major AV Vendors Combined
Real-time Code Analysis
Test: >30,000 live malware URLs
Why Real-time Detection is so ImportantM86 Security Labs Report
Leg 3URL Filtering
Anti-virusSignatures
Real-time Detection(Code Analysis)
Six-in-10 threats require real-time code analysis to be blocked
Traditional Security:Stool Strategy URL Filtering
100%effective
Leg 2 39%effective
Leg 1 3.8%effective
M86 SWG: Multi-tiered Threat Protection
URL FILTERING
SIGNATURE-BASEDANTI-VIRUS
Source: M86 Security Labs Report (test based on >30,000 live malware URLs
*Three major AV vendors combined
Where it comes from?Previously discovered malwarewebsites
What it looks like?Identified malware signatures
REAL-TIME CODEANALYSIS
MALWARE DETECTED
3.8% Effective
39% Effective*
What is its intentions?Dynamically analyzes unknown codes for malware-related behaviors
100% Effectivein detecting known threats and unknown obfuscated malware codes
M86 SWG: Multi-tiered Threat Protection
What it looks like?
What is its intentions?
Identified malware signatures
Previously discovered
malware websites
Where is it?Dynamically analyzes
unknown codes for malware-related behaviors
Block / AllowBlock / Allow
Repaired/Re-constructed web page
Suspect webpage
Block / Allow / Repair
M86 Product Overview
Strong FoundationCurrent M86 Security Products
Compliance
Products
Web Security
Anti-virusMalware DetectionApplication Control
Messaging Security
Anti-virusMalware DetectionOutbound Security
Reporting
Granular ReportingReal-time Monitoring
Compliance
EncryptionData Loss PreventionArchiving
Deployment Options
Appliances Software Cloud Service (SaaS)
M86 Secure Web GatewayUnified Web Security
Award-winning, best-in-breed, multi-layered, on-site and cloud-based Web
security. Patented, active real-time code analysis of inbound and outbound
communication, keeping malware out of networks and laptops, while retaining
sensitive/confidential data.
M86 Secure Web Gateway
Key Features: Web Security
•Real-time Code Analysis•Anti-virus•Anti-spyware•SSL Inspection
Dynamic Web Repair Data Leakage Prevention Productivity & Web 2.0 Control
•URL Filtering Application Control Content Acceleration
•Web Caching
Unified Web Security
Total cost of ownership is reduced by powerful central management with global reach that includes intuitive task-based policy management and drill-down reporting. Integration with existing IT infrastructure is easy for all implementation options.
M86 Secure Web Service HybridUnified Web Security for the Borderless Organization
Hybrid Option for Secure Web Gateway Delivering Mobile/Remote Office
Support, Integrated Administration, and On-site Logging/Reporting.
Business Benefits: Protect Corporate Data
and Systems Reduce IT Web Security Costs
with Unified Web Security System Maximum Scalability and
Availability with Cloud-based Amazon EC2 Platform
M86 Secure Web Service HybridUnified Web Security for the Borderless Organization
Key Features: Real-time Code Analysis for
Mobile and Remote Users Unified Administration, Logging,
and Reporting Automated Agent and Certificate
Install for Mobile Users’ Certificate Management
Manage Cloud Scanners from Corporation Net Policy Server
No Hardware in Branch Offices
MainData Center
Branch Offices
Mobile users are protected no matter where they are
No hardware in branch offices
M86 WebMarshalSoftware Secure Web Gateway
Software-based Secure Web Gateway solution
deployed between an organization and the Internet
which provides easy-to-use, scalable and cost-
effective real-time content inspection of all incoming
and outgoing Web traffic.
M86 WebMarshalSoftware Secure Web Gateway
Key Features: Dynamic URL Filtering Real-time Lexical Analysis Anti-virus and Anti-spyware Blocks malicious Web sites, Spam,
Phishing, Blended Threats, and Anonymous Proxies
Prevents Data Leakage Controls Access and Acceptable Use Policy Controls Streaming Media & IM Web Proxy Caching & Scheduled Quotas HTTPS Inspection Exceeds Compliance Needs
A robust multi-server array with a low total cost of ownership. The flexible and intuitive policy enforcement provides customizable protection from Web threats while allowing detailed control of user Web browsing behaviors.
M86 Email Security and Management
M86 MailMarshal ExchangeInternal email security for Microsoft Exchange
M86 MailMarshal SMTPEmail Gateway Security
M86 Secure Messaging Service Cloud-based Email Security
M86 MailMarshal Secure Email ServerEmail Gateway Encryption
M86 MailMarshal SendSecureBusiness-to-consumer Email Encryption
M86 MailMarshal Service Provider EditionManaged Email Security Service
M86 MailMarshal SMTPEmail Gateway Security and Control
A versatile, powerful and scalable email security
system that is compatible with any network
environment. Integrating email threat protection, anti-
spam, content analysis, compliance enforcement,
DLP and reporting into a single, flexible, easy-to-
manage solution.
M86 MailMarshal SMTPEmail Gateway Security and Control
Key Features: Email Security
•Anti-spam•Anti-virus•Anti-spyware•Anti-phishing
Data Leakage Prevention•Secure information
Content Control•Offensive language•Pornographic images•Protect bandwidth
Compliance•Industry standards•Regulatory requirements
Encryption
Complete control over inbound and outbound email in any environment, resulting in reduced exposure to risk and full email content management. An easy-to-use console, flexible policy framework and reporting tools ensure a high return on investment.
M86 MailMarshal Secure Email ServerEmail Encryption Gateway
Policy-based secure email solution that
provides encryption, digital signing and deep
content inspection of inbound and outbound
email messages.
M86 MailMarshal Secure Email ServerEmail Encryption Gateway
Key Features: Policy-based Email Cryptography S/MIME Email Encryption
& Decryption S/MIME Digital Signing
& Verification Acts as a Certificate Authority Automatic Certificate Harvesting Standalone Installation Operates
With Any Email Gateway Certificate Synchronization via
LDAP
Centralized control of encrypted communication between your company and your business partners. Consistent application of policies ensure that sensitive emails never insecurely leave your organization. Automatic harvesting and synchronization of certificates make the product extremely easy to use and maintain.
M86 MailMarshal ExchangeInternal Email Filtering
Manages, monitors and controls office email
content that travels within a company to ensure
a safe, productive working environment and
compliance with Acceptable Use Policies.
M86 Security Overview
Jose Bodni
Director, Latin America & Caribbean
M86 Overview: Who We Are
•Leader in real-time threat protection and the leading Secure Web Gateway provider
•Over 24,000 global customers with more than 17 million users
• Products:
– Award-winning M86 Secure Web Gateway– M86 Secure Web Service Hybrid, the industry’s
first hybrid Web security service– M86 Web Filter and Reporting Suite– M86 MailMarshal for SMTP, Exchange
and Secure Messaging Service– M86 Security Reporter
• More than 400 employees worldwide
Real-time Security for the Borderless Network
M86: Recent Milestones
• Only company with real-time malware detection for both Web and email
• World’s largest provider of Web Security Appliances*
• Gartner Visionary in both Web and email Security Magic Quadrants
• First to market with solution for blended threat attacks
• First to market with hybrid Web Security Service
*IDC Aug 209
Worldwide Customers
Professional Services Government
Education
HealthcareManufacturing
Banking/Insurance
Other
Awards and Product Reviews
Gold WinnerMailMarshal SMTP
Secure Web Gateway Visionary-M86 Secure Web Gateway
Vital Security = Vital Protection
Excellence in Web Security Anti-MalwareGateways
Secure Web Gateway Product Innovations Web Security Winner
10 Most Interesting Product at RSA
Everything Channel Five-Star Rating for Channel Partner Program
Vital Web Security Suite
Technology Audit: SWG
Vital Web Security Suite
SWG Editor’s Choice
Email Visionary- M86 MailMarshal SMTP
Questions?