Today, web security threats are quickly shifting from signature-based threats to zero-day attacks, exploit kits, dynamic bot call-outs and many more. It’s absolutely critical that IT security teams stay ahead of cybercriminals with defenses that can analyze web traffic and threats in real time. That’s where the IDC MarketScape for Web Security report comes into play. Recently released, this report includes all major industry players. Below are four ways this report will help...

Recently, Blue Coat announced the end of support for Websense in the next version of ProxySG (v6.3) and noted that affected customers using Websense need to migrate to Blue Coat WebFilter. The announcement incorrectly states that Websense was not providing updates and support despite recently working together to solve a customer issue. Websense fully supports its integrated product versions and has an open offer to Blue Coat executives to integrate its real-time defenses to increase the security effectiveness provided to joint customers.

The ‘net-net’ is that Blue Coat, at its sole discretion, decided to end support for Websense, thus removing the option for customers to protect their networks with market-leading Websense® web filtering. The Websense solution is backed by the Websense ThreatSeeker® Network, which is now linked into Facebook and its more than 800 million users, plus the Advanced Classification Engine (ACE) with its multiple defenses and real-time composite scoring to detect advanced threats and stop data-stealing attacks.

Over the years, Blue Coat has been challenged to develop product solutions on two fronts, one being web security and the other WAN optimization. Resources at Blue Coat are limited, and trade-offs have to be considered: Blue Coat had seven product releases over the past five years, and they were focused on WAN optimization, not security.

Security advancements in ProxySG and the underlying operating system SGOS have been few, if any, per-product release cycles during these years, including the most recent release v6.2. An example of trade- offs includes changing SGOS v5.x to allow non-compliant protocol traffic by default to make WAN optimization deployments easier at the expense of security. The other side of release cycles is software testing, and that can be a major bottleneck and delay in time to market (even more so when building WAN optimization into a web proxy). In order for Blue Coat to sustain advancements in ProxySG for web security, they have to try to do more with less.

Removing custom SDKs that support market-leading web filtering is one way to accomplish this objective at an expense to customers. The result for Blue Coat appears to be less code, less testing, less functionality, fewer support issues, and faster time to market for a release cycle. For an organization facing escalating feature requests from customers and declining rankings in analyst quadrants, they are faced with cutting back to the basics and trying to move forward. The big question is if there is enough runway to lift off and change the downward slide in web security at Blue Coat.

Pease read the following document here to read why you should consider Blue Coat as a tactical solution and Websense as a longer-term strategic web defense.

Early last week I was a guest of the OWASP San Diego Chapter who invited me to give a presentation on the Top Ten Web Hacking Techniques of 2010. An audience of nearly 50 filled the room, graciously hosted by Websense, and was treated to a sushi and sake dinner while I described and demoed the last year's latest research.

For those unfamiliar with this top ten, every year the Web security community produces a stunning amount of new hacking techniques published in various white papers, blog posts, magazine articles, mailing list emails, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and so on. The Top Web Hacking Techniques acts as a centralized knowledge base, a way to recognize researchers who contribute excellent work, and digestible way for the community keep up with the latest trends -- a look forward.

After the presentation I got the opportunity to meet many new people and learn more about the things in Web security that most interest them. Lots of chatter about where OWASP as an organization should be heading, conversations about the latest hacks in the news, what various Web security vendors are up to, and of course, several personal appsec projects. If you are in the San Diego area and interested in the subject matter, you should really consider attending. 

Jeremiah Grossman

Alan commented on the initial APT post: I hope you don't spew marketing hyperbole else this will turn dull rapidly. Don’t worry. We are going to stick to the facts. In this piece, I want to separate from the buzz around these attacks and talk about why you should care.

We’ve heard from a lot of executives, “What should we do about APTs?” There is a high level of concern from large organizations with serious IP (like source code) that they know others will try to get. But there’s also a large group that thinks, “I’m a $10M manufacturing company, in Ohio. I don’t think Chinese or North Korean hackers are going to be knocking on my door anytime soon.”

And, they are right. (read more)