Welcome!

News Feed Item

Proofpoint Launches Industry's First Two-Factor Malvertising Solution

Proofpoint Malvertising Protection for Publishers & Demand Side Platforms and Targeted Attack Protection for Enterprise Defend Against Attackers' Use of Malware via Internet Advertising Network

SUNNYVALE, CA -- (Marketwired) -- 02/26/14 -- Proofpoint, Inc. (NASDAQ: PFPT), a leading security-as-a-service provider, today announced the launch of new protection against malvertising (malicious advertising), a technique attackers have used to invisibly penetrate computers of visitors to legitimate websites. Proofpoint's malvertising solution addresses this threat in two ways. For publishers, ad networks, servers, exchanges, optimizers, and demand-side platforms (DSPs), Proofpoint Malvertising Protection™ tracks the flow of malvertisements and warns owners about problematic ad networks. For Enterprises, Proofpoint Targeted Attack Protection™ prevents malvertising infection of vulnerable site-visiting employees and warns IT teams of the suspect sites. As more and more business-related sites carry advertisements, and attackers increasingly leverage the online ads ecosystem to target users, the security implications of malvertising are significant for publishers and Enterprises alike.

In 2013, it was estimated that more than 10 billion online ad impressions were compromised by malvertising(i), including ads served to visitors of such well-known sites as The New York Times, the London Stock Exchange, and Yahoo(ii). Google alone is cited as having disabled more than 400,000 malvertising-serving sites in 2013, more than 300 percent from the prior year(iii). Publishers are challenged because malvertising can be very difficult to discover: creatives are bid and exchanged in real-time, and delivered by servers at different sites, and sourced from different networks according to different visitor attributes, which are in turn sourced through brokers and other parties -- so it is very difficult to establish ad legitimacy at time of delivery. Enterprises are challenged because of the prevalence of ads and specificity of targeting; employees often must visit ad-bearing industry-related sites in the course of their job, but such sites target ads based on visitor information, making attackers' jobs easier. The result is a world where a visitor to a legitimate website can have their computer security breached without ever knowing they've been compromised, and where even after being alerted of a malvertising campaign, publishers and networks are still unable to easily identify the problematic chain.

"While the industry has developed technologies to protect against targeted offensives leveraging advanced malware, attackers have continued to evolve their tactics in an attempt to stay ahead of defenses," said John Grady, Program Manager, Security Products at IDC. "Watering-hole attacks leveraging malicious ad content on otherwise trusted sites are one such example. Enterprises suffer breaches as a result of these attacks, while the content providers unknowingly hosting altered ads lose brand equity and user trust. Proofpoint's Malvertising Protection and enhanced Targeted Attack Protection solutions address this common issue for both constituencies."

For Publishers and Demand Side Platforms, Proofpoint Malvertising Protection (based on technology from Proofpoint's acquisition of Armorize) analyzes not only the ad tags, but also the creative and the actual impressions served, providing unique insight into the entire ad chain and precisely pinpointing the problematic party within the larger ecosystem. This approach to protection ensures that ads are authentic and unaltered, and that impressions are compliant with brand safety standards, ensuring safer and higher quality ad inventory and overall ad-ecosystem security. For Enterprises, Proofpoint Targeted Attack Protection prevents malvertising infection of site-visiting employees and warns IT teams of the suspect site. By using big-data analysis and advanced statistical modeling to proactively perform advanced dynamic malware analysis on potentially suspicious URLs, Proofpoint's predictive defense capabilities can detect malvertising even on legitimate sites, and even before employees click links. The Targeted Attack Protection solution's real-time dashboard and "follow-me" protection also provide an ongoing view into and defense against these attacks. This reduced time-to-detection and end-to-end insight and protection enables proactive protection of an organization's users, minimizing computer compromises within the enterprise, and reducing incident response time, effort, and costs.

"Malvertising is clearly a huge and growing problem, and we're pleased to introduce the industry's first two-factor solution for web site owners and targeted Enterprises," said David Knight, executive vice president and general manager of Proofpoint's Information Security Products Group. "Attackers prey on complexity and obscurity -- and we believe that Proofpoint Malvertising Protection and Proofpoint Targeted Attack Protection cut through both, providing unprecedented levels of visibility and security."

For more details on Proofpoint's Malvertising Protection solution for web sites please visit proofpoint.com/map -- for Proofpoint's Targeted Attack Protection solution for Enterprises, please visit proofpoint.com/tap

About Proofpoint, Inc.
Proofpoint Inc. (NASDAQ: PFPT) is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance, and secure communications. Organizations around the world depend on Proofpoint's expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information. More information is available at www.proofpoint.com.

Proofpoint, Malvertising Protection, and Targeted Attack Protection are trademarks or registered trademarks of Proofpoint, Inc. in the U.S. and/or other countries.

(i) Computer Fraud and Security: 11-16. Retrieved 26 February 2013.

(ii) Lenny Zeltser on Information Security. Retrieved 22 March 2013.

(iii) Newest Hacker Target: Ads - New York Times, 1/31/14

Add to Digg Bookmark with del.icio.us Add to Newsvine

MEDIA CONTACT:
Orlando DeBruce
Proofpoint, Inc.
408-338-6829
Email Contact

Sarmishta Ramesh
Ogilvy Public Relations
303-527-4615
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
"My role is working with customers, helping them go through this digital transformation. I spend a lot of time talking to banks, big industries, manufacturers working through how they are integrating and transforming their IT platforms and moving them forward," explained William Morrish, General Manager Product Sales at Interoute, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, will discuss some of the security challenges of the IoT infrastructure and relate how these aspects impact Smart Living. The material will be delivered i...
SYS-CON Events announced today that Ocean9will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Ocean9 provides cloud services for Backup, Disaster Recovery (DRaaS) and instant Innovation, and redefines enterprise infrastructure with its cloud native subscription offerings for mission critical SAP workloads.
Your homes and cars can be automated and self-serviced. Why can't your storage? From simply asking questions to analyze and troubleshoot your infrastructure, to provisioning storage with snapshots, recovery and replication, your wildest sci-fi dream has come true. In his session at @DevOpsSummit at 20th Cloud Expo, Dan Florea, Director of Product Management at Tintri, will provide a ChatOps demo where you can talk to your storage and manage it from anywhere, through Slack and similar services ...
Imagine having the ability to leverage all of your current technology and to be able to compose it into one resource pool. Now imagine, as your business grows, not having to deploy a complete new appliance to scale your infrastructure. Also imagine a true multi-cloud capability that allows live migration without any modification between cloud environments regardless of whether that cloud is your private cloud or your public AWS, Azure or Google instance. Now think of a world that is not locked i...
SYS-CON Events announced today that Auditwerx will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Auditwerx specializes in SOC 1, SOC 2, and SOC 3 attestation services throughout the U.S. and Canada. As a division of Carr, Riggs & Ingram (CRI), one of the top 20 largest CPA firms nationally, you can expect the resources, skills, and experience of a much larger firm combined with the accessibility and atten...
In his session at @ThingsExpo, Eric Lachapelle, CEO of the Professional Evaluation and Certification Board (PECB), will provide an overview of various initiatives to certifiy the security of connected devices and future trends in ensuring public trust of IoT. Eric Lachapelle is the Chief Executive Officer of the Professional Evaluation and Certification Board (PECB), an international certification body. His role is to help companies and individuals to achieve professional, accredited and worldw...
MongoDB Atlas leverages VPC peering for AWS, a service that allows multiple VPC networks to interact. This includes VPCs that belong to other AWS account holders. By performing cross account VPC peering, users ensure networks that host and communicate their data are secure. In his session at 20th Cloud Expo, Jay Gordon, a Developer Advocate at MongoDB, will explain how to properly architect your VPC using existing AWS tools and then peer with your MongoDB Atlas cluster. He'll discuss the secur...
SYS-CON Events announced today that Linux Academy, the foremost online Linux and cloud training platform and community, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Linux Academy was founded on the belief that providing high-quality, in-depth training should be available at an affordable price. Industry leaders in quality training, provided services, and student certification passes, its goal is to c...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm. In his Day 3 Keynote at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, will explore t...
In his session at Cloud Expo, Alan Winters, an entertainment executive/TV producer turned serial entrepreneur, will present a success story of an entrepreneur who has both suffered through and benefited from offshore development across multiple businesses: The smart choice, or how to select the right offshore development partner Warning signs, or how to minimize chances of making the wrong choice Collaboration, or how to establish the most effective work processes Budget control, or how to m...
Deep learning has been very successful in social sciences and specially areas where there is a lot of data. Trading is another field that can be viewed as social science with a lot of data. With the advent of Deep Learning and Big Data technologies for efficient computation, we are finally able to use the same methods in investment management as we would in face recognition or in making chat-bots. In his session at 20th Cloud Expo, Gaurav Chakravorty, co-founder and Head of Strategy Development ...
SYS-CON Events announced today that SoftLayer, an IBM Company, has been named “Gold Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. SoftLayer, an IBM Company, provides cloud infrastructure as a service from a growing number of data centers and network points of presence around the world. SoftLayer’s customers range from Web startups to global enterprises.
"delaPlex is a software development company. We do team-based outsourcing development," explained Mark Rivers, COO and Co-founder of delaPlex Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.