Finjan's latest analysis of Web Security.
* As commercial interests continue to drive e-crime, malicious code is more likely to be hosted on local servers in the US and UK than in countries with less developed e-crime law enforcement policies.
* A continuing evolution in the complexity of attacks, specifically the increasing use of code obfuscation using diverse randomization techniques. Over 80% of the malicious code detected by Finjan was obfuscated, making it virtually invisible to pattern-matching/signature-based methods in use by anti-virus products.
* Increasing sophistication at embedding malicious code within legitimate content (e.g., ad delivery and translation services) and less dependence on outlaw servers in unregulated countries.
Finjan's detection and analysis is based on its unique and proprietary methods for analyzing executable code embedded in web content for malicious or dangerous intent. These methods excel in detecting malicious code without depending on location, reputation or a priori signature information.
Finjan Vital Security Web Appliance
Finjan also claimed that its patented real-time code inspection technology is the only web security product that detected malicious code on a potentially destructive web page propagated by a malicious Russian website earlier this month. Finjan subsequently communicated its discovery of the malicious code to an independent online security industry benchmark website, VirusTotal.com, which benchmarked the code against 32 well-known web security products. Upon completion of the benchmark, VirusTotal established that the entire list of products failed to detect the code as malicious and as a result did not block it. Finjan's Vital Security Web Appliance claims to be the only security solution that managed to detect and block the code in real-time, without any product update or signature. "The findings of this online benchmark test underscore significant trends that we are seeing on the web today: threats are growing more sophisticated and the task of keeping track of dynamic, malicious web content is becoming more difficult," said Finjan.
|Printer friendly Cite/link Email Feedback|
|Title Annotation:||Security News and Products|
|Publication:||Database and Network Journal|
|Date:||Apr 1, 2007|
|Previous Article:||Total web threat protection.|
|Next Article:||Data integration service.|