Choose from several options for complete web, email and data security.
Evaluate Websense products by watching demos and installing evaluation software.
Learn how Websense solutions help keep our customer safe, secure and productive
Get information on product updates, support resources and more.
Get the most out of support in five simple steps.
Find tools and assets to help sell Websense solutions.
Come work for the global leader in unified information security.
we want to hear from you >
Today, web security threats are quickly shifting from signature-based threats to zero-day attacks, exploit kits, dynamic bot call-outs and many more. It’s absolutely critical that IT security teams stay ahead of cybercriminals with defenses that can analyze web traffic and threats in real time. That’s where the IDC MarketScape for Web Security report comes into play. Recently released, this report includes all major industry players. Below are four ways this report will help...
Recently, Blue Coat announced the end of support for Websense in the next version of ProxySG (v6.3) and noted that affected customers using Websense need to migrate to Blue Coat WebFilter. The announcement incorrectly states that Websense was not providing updates and support despite recently working together to solve a customer issue. Websense fully supports its integrated product versions and has an open offer to Blue Coat executives to integrate its real-time defenses to increase the security effectiveness provided to joint customers.
The ‘net-net’ is that Blue Coat, at its sole discretion, decided to end support for Websense, thus removing the option for customers to protect their networks with market-leading Websense® web filtering. The Websense solution is backed by the Websense ThreatSeeker® Network, which is now linked into Facebook and its more than 800 million users, plus the Advanced Classification Engine (ACE) with its multiple defenses and real-time composite scoring to detect advanced threats and stop data-stealing attacks.
Over the years, Blue Coat has been challenged to develop product solutions on two fronts, one being web security and the other WAN optimization. Resources at Blue Coat are limited, and trade-offs have to be considered: Blue Coat had seven product releases over the past five years, and they were focused on WAN optimization, not security.
Security advancements in ProxySG and the underlying operating system SGOS have been few, if any, per-product release cycles during these years, including the most recent release v6.2. An example of trade- offs includes changing SGOS v5.x to allow non-compliant protocol traffic by default to make WAN optimization deployments easier at the expense of security. The other side of release cycles is software testing, and that can be a major bottleneck and delay in time to market (even more so when building WAN optimization into a web proxy). In order for Blue Coat to sustain advancements in ProxySG for web security, they have to try to do more with less.
Removing custom SDKs that support market-leading web filtering is one way to accomplish this objective at an expense to customers. The result for Blue Coat appears to be less code, less testing, less functionality, fewer support issues, and faster time to market for a release cycle. For an organization facing escalating feature requests from customers and declining rankings in analyst quadrants, they are faced with cutting back to the basics and trying to move forward. The big question is if there is enough runway to lift off and change the downward slide in web security at Blue Coat.
Pease read the following document here to read why you should consider Blue Coat as a tactical solution and Websense as a longer-term strategic web defense.
In the first two installments in this series, I talked about getting rid of the FUD around APTs and why they should matter to you, even if you aren’t a government agency, or one of the biggest companies on earth. Now let’s get down to the controversy that is consuming a lot of bandwidth in security circles: What is an APT and how is it any different from older malware attacks out there like botnets, blended attacks, and standard binary-based viruses? So much is written about the topic, yet many people don’t really understand it and are just rehashing an old topic under a new name.
The jaded folks in the security community say that all of the talk about APTs is FUD because true APTs are very few and far between. I beg to differ. I’d say that the APT buzz is not Fear, Uncertainty, and Doubt but rather Fear, Certainty, and Damage.
Let’s start with what makes a “true” APT (all examples are real)...
Early last week I was a guest of the OWASP San
Diego Chapter who invited me to give a presentation on the Top
Ten Web Hacking Techniques of 2010. An audience of nearly 50 filled
the room, graciously hosted by Websense, and was treated to a sushi and sake
dinner while I described and demoed the last year's latest research.
For those unfamiliar with this top ten, every
year the Web security community produces a stunning amount of new hacking
techniques published in various white papers, blog posts, magazine articles,
mailing list emails, etc. Within the thousands of pages are the latest ways to
attack websites, Web browsers, Web proxies, and so on. The Top Web Hacking
Techniques acts as a centralized knowledge base, a way to recognize researchers
who contribute excellent work, and digestible way for the community keep up
with the latest trends -- a look forward.
After the presentation I got the opportunity to meet many new people and learn
more about the things in Web security that most interest them. Lots of chatter
about where OWASP as an organization should be heading, conversations about the
latest hacks in the news, what various Web security vendors are up to, and of
course, several personal appsec projects. If you are in the San Diego area and
interested in the subject matter, you should really consider attending.
Google announced a number of new technologies as part of their Google Inside Search Launch (http://www.google.com/insidesearch/). One of the more interesting elements is their idea to speed up the Web with something called "Instant Pages." The basic idea is that they are taking their ability to correctly guess what a user is going to search on, and pre-loading the content from the origin server onto your local machine. Apparently, this will only work with the Chrome browser.
On the challenging side, this leads to some interesting exploit scenarios. In the past, search algorithms have been duped to have malicious pages show up in results. In those cases, although they are dangerous, the user still has to click on one of the top results to get infected. In the new scenario, the big question is if a user can be exploited by simply searching, without even clicking on a link.
Though Google has assured in a subsequent interview that they don’t believe this will be an issue due to several aspects of their technology, there still exists an interesting possibility for exploitation of unsuspecting users, as SEO poisoning continues to be an ongoing problem. Remember from our 2010 Threat Report, searching for breaking trends and current news represents a higher risk (22.4% of search results poisoned) than searching for objectionable content (21.8%).
In slightly related news, Google also announced voice recognition to search. It will be interesting to see how the rogue AV camps will also be utilizing this to their advantage in the future.
commented on the initial APT post: I hope you don't spew marketing hyperbole else this will turn dull rapidly. Don’t worry. We are going to stick to the facts. In this piece, I want to separate from the buzz around these attacks and talk about why you should care.
We’ve heard from a lot of executives, “What should we do about APTs?” There is a high level of concern from large organizations with serious IP (like source code) that they know others will try to get. But there’s also a large group that thinks, “I’m a $10M manufacturing company, in Ohio. I don’t think Chinese or North Korean hackers are going to be knocking on my door anytime soon.”
And, they are right. (read more)
Hacker is a term used to mean a variety of things over the years, and as a catch all name for ‘bad guys’ perpetrating cybercrimes it’s pretty well accepted. Most people are unaware that different meanings exist when we say hacker, and it would be reasonable to ask why should you care? However, in understanding the motivation and objective behind your ‘hacker’ - you may be in a better position to plan an appropriate defence. Malicious hackers can be broken down in to 5 broad classifications, which we will explore in a series of ongoing posts. The first type we are going to explore are "Script Kiddies."
1. Script kiddies
Who : This group want in on the action. They are usually thought of as barely shaving malodorous teens, hacking late in to the night, drinking pop and eating giant bags of crisps. Remember the film "War Games"? Despite the fact that it’s nearly 30 years later the resemblance is just as popular as ever. Often they break into computers using programs written by others, with very little knowledge about the way they work, other times they are flexing their newly formed cyber muscles.
Why: because they can. These are not the hardened criminals of the cyber world - their primary motivation is not money – it’s bragging rights. It’s all about proving they have the skills or hacking for the sheer thrill of doing something naughty. At best they're a nuisance, at worst they are honing their CV for a future career in cybercrime.
What: In 2009 an 18-year-old hacker hijacked high-profile Twitter accounts, including Barack Obama and Britney Spears. He gained entry to Twitter’s administrative control panel by pointing an automated password-guesser at the account of a member of Twitter’s support staff, giving him the ability to access any Twitter account by resetting the password. Realizing he hadn’t used a proxy to hide his IP address, potentially making him traceable, he shared the knowledge with fellow hackers so they could hack the accounts instead.
We'll continue to look at other types of hackers in future posts. Stay tuned for more Insights in the coming days.