Recently, Blue Coat announced the end of support for Websense in the next version of ProxySG (v6.3) and noted that affected customers using Websense need to migrate to Blue Coat WebFilter. The announcement incorrectly states that Websense was not providing updates and support despite recently working together to solve a customer issue. Websense fully supports its integrated product versions and has an open offer to Blue Coat executives to integrate its real-time defenses to increase the security effectiveness provided to joint customers.
The ‘net-net’ is that Blue Coat, at its sole discretion, decided to end support for Websense, thus removing the option for customers to protect their networks with market-leading Websense® web filtering. The Websense solution is backed by the Websense ThreatSeeker® Network, which is now linked into Facebook and its more than 800 million users, plus the Advanced Classification Engine (ACE) with its multiple defenses and real-time composite scoring to detect advanced threats and stop data-stealing attacks.
Over the years, Blue Coat has been challenged to develop product solutions on two fronts, one being web security and the other WAN optimization. Resources at Blue Coat are limited, and trade-offs have to be considered: Blue Coat had seven product releases over the past five years, and they were focused on WAN optimization, not security.
Security advancements in ProxySG and the underlying operating system SGOS have been few, if any, per product release cycle during these years, including the most recent release v6.2. An example of trade-offs includes changing SGOS v5.x to allow non-compliant protocol traffic by default to make WAN optimization deployments easier at the expense of security. The other side of release cycles is software testing, and that can be a major bottleneck and delay in time to market (even more so when building WAN optimization into a web proxy). In order for Blue Coat to sustain advancements in ProxySG for web security, they have to try to do more with less.
Removing custom SDKs that support market-leading web filtering is one way to accomplish this objective at an expense to customers. The result for Blue Coat appears to be less code, less testing, less functionality, fewer support issues, and faster time to market for a release cycle. For an organization facing escalating feature requests from customers and declining rankings in analyst quadrants, they are faced with cutting back to the basics and trying to move forward. The big question is if there is enough runway to lift off and change the downward slide in web security at Blue Coat.
Please read the following document here to learn why you should consider Blue Coat as a tactical solution and Websense as a longer-term strategic web defense.
Today, we have some exciting news. Some of you may have already heard about it, because it is big!
Starting today, we have implemented a partnership with Facebook, arguably the largest, most important platform on the globe, to better protect users against malicious links leading to malware-embedded websites and fraud.
A platform as popular as Facebook is naturally a target for attackers. We have been working with Facebook and their security teams for a number of years in order to keep their users safe, but now we have integrated directly into the platform for an unprecedented security combination.
Soon, when a user clicks on a URL that has been posted within Facebook, that link will be sent to Websense for security classification. The Websense® ThreatSeeker® Cloud, an advanced classification and malware identification platform, will then analyze the link in real time. If the destination site is considered unsafe, the user is presented with a warning page that offers the choice to continue at their own risk, return to the previous screen, or get more information on why it was flagged as suspicious.
In this way, we are helping Facebook continue their proactive fight to keep malicious links off of their platform and allow safe use for all of its members.
I've been meeting with a lot of customers recently, and two things that keep coming up are concerns about advanced targeted attacks and how to deal with the threats that social media bring into an organization.
Now, social media has been around for quite some time; it’s not new. The new challenge is the surprising rate at which it is evolving and the fact that it is seen now as a freight train that IT can’t stop—and shouldn’t try stopping.
Marketing uses Facebook and Twitter. HR uses LinkedIn. Even customer support is looking at Twitter. And a new generation of workers can’t seem to live without constantly being connected—an expectation they bring to work with them. I’ve even had a CSO come out and say, “Even in a tough job market, my CEO says we need to do everything we can to get the best candidates out there. That means access to social media and the innovations that come with it. Basically they told me to make it happen AND keep us safe.”
We’ve been working on things to keep organizations safe on the social Web for ages, but it helps to check in with the world every now and then to make sure we are on the right track in allowing safe access to social media.
With that in mind, we teamed with the Ponemon Institute to assess the social media readiness and risk profile of more than 4,000 IT and IT security practitioners around the globe, and what we found is a little surprising.
In the first two installments in this series, I talked about getting rid of the FUD around APTs and why they should matter to you, even if you aren’t a government agency, or one of the biggest companies on earth. Now let’s get down to the controversy that is consuming a lot of bandwidth in security circles: What is an APT and how is it any different from older malware attacks out there like botnets, blended attacks, and standard binary-based viruses? So much is written about the topic, yet many people don’t really understand it and are just rehashing an old topic under a new name.
The jaded folks in the security community say that all of the talk about APTs is FUD because true APTs are very few and far between. I beg to differ. I’d say that the APT buzz is not Fear, Uncertainty, and Doubt but rather Fear, Certainty, and Damage.
Let’s start with what makes a “true” APT (all examples are real)...
Who: These are the heavyweights of the cybercriminal world. Corporate attack and espionage is a stealthy, organised, funded activity by professional agents operating rather like the legitimate companies they hope to steal from. The worker bees are usually found beavering away with state of the art computing equipment, multiple monitors and the blinds well drawn. While the big cheeses are well connected individuals with fingers in pies and eyes firmly on the ball. Together they make a formidable team.
Why: Big Bucks. These guys are out to target company confidential data which can then be sold on to the highest bidder. There are two distinct categories within this group; one aiming long term using Advanced Persistent Threats (APT) and the other group more focused on short- to midterm financial gains.
What: The APT attack nicknamed Operation Aurora in 2009/2010 was aimed at US high tech companies including Google and Adobe. It was thought to originate in China with speculation of Government involvement. Aurora exploited a zero-day vulnerability in Internet Explorer with a goal to steal IP and modify source code.
Who: This is the largest group of cybercriminals. In another era they would have been found nicking your purse, knocking over old ladies or selling solid gold watches for £10 from a battered old suitcase. These guys have picked up a few skills along the way, nothing too complicated, just straightforward malware, adware or spam. Once they have perfected how to do it once, they do it again and again and again.
Why: Fast, financial gain. The mainstays are fake antivirus programs, manipulating your identity, using your credit card numbers, or stealing passwords. Some make their money through illegal advertising, often paid by a legitimate company for pushing business their way. Cheap pills, anyone? Some members of this group believe they are simply "aggressive marketers." It helps them sleep at night.
What: Phishing and SEO poisoning were used within minutes of the earthquake which hit Japan in March 2011. Emails asking for donations to a rogue cause ‘Humanitarian Care Japan’ did the rounds, and searching for the latest news online resulted in several links to malicious sites. Following the link, the victim was redirected to fake antivirus via a "CLICK HERE" button. A warning then appears stating that your computer might already be infected. Whether the "Cancel" or "OK" button is clicked, a rogue Windows OS-like antivirus interface will pop up. The user is then scared into thinking their computer is infected and they must download the scammers' program and pay for it to be cleaned up.
Hacktivists
Who: When hackers are motivated by social, political, religious, environmental or other personal beliefs, they fall under this category. Normally thought of as natural-fiber wearing picketers with hand written cardboard signs or hanging out of trees in protest, these activists have swapped the spray paint for the keyboard and frequently use a variety of software tools readily available on the Internet to get their message across to the larger audience.
Why: Attention. Cyberspace is huge and a perfect platform to carry out their operations. Usually there is no direct financial gain. They are usually content with embarrassing or inconveniencing their opponents by defacing websites, arranging redirects, denial-of-service attacks or information theft/disclosure. Forms of hacktivism also include web site parodies, anonymous blogging and virtual sit-ins (a variation of denial of service) and they can slip into corporate-espionage mode if it means they can weaken the opponent.
What: WikiLeaks has to be the most high profile example from recent months. WikiLeaks is an international non-profit organisation that publishes submissions of private, secret, and classified media from anonymous news sources, news leaks, and whistleblowers. Its website, launched in 2006, claimed a database of more than 1.2 million documents within a year of its launch. Originally launched as a user-editable wiki, the site moved towards a more traditional publication model and no longer accepts user comments or edits.
Cybercriminals are on the move again. And, this time, Canada is the prime target. IP addresses in China and Eastern Europe are highly scrutinized and undergoing intense evaluation. So hackers are on a quest to move their networks to countries, like Canada, that have better cyber reputations.
It's a little surprising to me as well. Previously, Canada was a place of great beer and hockey (next year, Habs!). But Websense recently conducted an analysis of Canada’s cyber security risk profile, and all trends pointed to Canada as the new launchpad for cybercriminals. For example:
Jump in Hosted Phishing Sites – Canada saw a huge increase in the number of servers hosting phishing sites, jumping 319 percent in the last year. This tremendous increase over the last 12 months is second only to Egypt in terms of the growth of sites hosting crimeware.
Increase in Bot Networks – Cyber criminals are moving their command and control centers to safer grounds. In the past eight months, Canada saw a 53 percent increase in bot networks. In fact, Canada scored the second highest for hosting bot networks, when compared to the U.S., France, Germany and China.
Malicious Websites – We’re seeing a trend of malicious websites decline across the board. However, Canada’s decline is tremendously slower, when compared to the countries listed above.
Overall Increase in Cyber Crime – In Websense’s most recent Threat Report, Canada is #6 in the world for hosting cyber crime. And, this number continues to rise.