|By Marketwired .||
|February 26, 2014 05:25 PM EST||
SUNNYVALE, CA -- (Marketwired) -- 02/26/14 -- Proofpoint, Inc. (NASDAQ: PFPT), a leading security-as-a-service provider, today announced the launch of new protection against malvertising (malicious advertising), a technique attackers have used to invisibly penetrate computers of visitors to legitimate websites. Proofpoint's malvertising solution addresses this threat in two ways. For publishers, ad networks, servers, exchanges, optimizers, and demand-side platforms (DSPs), Proofpoint Malvertising Protection tracks the flow of malvertisements and warns owners about problematic ad networks. For Enterprises, Proofpoint Targeted Attack Protection prevents malvertising infection of vulnerable site-visiting employees and warns IT teams of the suspect sites. As more and more business-related sites carry advertisements, and attackers increasingly leverage the online ads ecosystem to target users, the security implications of malvertising are significant for publishers and Enterprises alike.
In 2013, it was estimated that more than 10 billion online ad impressions were compromised by malvertising(i), including ads served to visitors of such well-known sites as The New York Times, the London Stock Exchange, and Yahoo(ii). Google alone is cited as having disabled more than 400,000 malvertising-serving sites in 2013, more than 300 percent from the prior year(iii). Publishers are challenged because malvertising can be very difficult to discover: creatives are bid and exchanged in real-time, and delivered by servers at different sites, and sourced from different networks according to different visitor attributes, which are in turn sourced through brokers and other parties -- so it is very difficult to establish ad legitimacy at time of delivery. Enterprises are challenged because of the prevalence of ads and specificity of targeting; employees often must visit ad-bearing industry-related sites in the course of their job, but such sites target ads based on visitor information, making attackers' jobs easier. The result is a world where a visitor to a legitimate website can have their computer security breached without ever knowing they've been compromised, and where even after being alerted of a malvertising campaign, publishers and networks are still unable to easily identify the problematic chain.
"While the industry has developed technologies to protect against targeted offensives leveraging advanced malware, attackers have continued to evolve their tactics in an attempt to stay ahead of defenses," said John Grady, Program Manager, Security Products at IDC. "Watering-hole attacks leveraging malicious ad content on otherwise trusted sites are one such example. Enterprises suffer breaches as a result of these attacks, while the content providers unknowingly hosting altered ads lose brand equity and user trust. Proofpoint's Malvertising Protection and enhanced Targeted Attack Protection solutions address this common issue for both constituencies."
For Publishers and Demand Side Platforms, Proofpoint Malvertising Protection (based on technology from Proofpoint's acquisition of Armorize) analyzes not only the ad tags, but also the creative and the actual impressions served, providing unique insight into the entire ad chain and precisely pinpointing the problematic party within the larger ecosystem. This approach to protection ensures that ads are authentic and unaltered, and that impressions are compliant with brand safety standards, ensuring safer and higher quality ad inventory and overall ad-ecosystem security. For Enterprises, Proofpoint Targeted Attack Protection prevents malvertising infection of site-visiting employees and warns IT teams of the suspect site. By using big-data analysis and advanced statistical modeling to proactively perform advanced dynamic malware analysis on potentially suspicious URLs, Proofpoint's predictive defense capabilities can detect malvertising even on legitimate sites, and even before employees click links. The Targeted Attack Protection solution's real-time dashboard and "follow-me" protection also provide an ongoing view into and defense against these attacks. This reduced time-to-detection and end-to-end insight and protection enables proactive protection of an organization's users, minimizing computer compromises within the enterprise, and reducing incident response time, effort, and costs.
"Malvertising is clearly a huge and growing problem, and we're pleased to introduce the industry's first two-factor solution for web site owners and targeted Enterprises," said David Knight, executive vice president and general manager of Proofpoint's Information Security Products Group. "Attackers prey on complexity and obscurity -- and we believe that Proofpoint Malvertising Protection and Proofpoint Targeted Attack Protection cut through both, providing unprecedented levels of visibility and security."
For more details on Proofpoint's Malvertising Protection solution for web sites please visit proofpoint.com/map -- for Proofpoint's Targeted Attack Protection solution for Enterprises, please visit proofpoint.com/tap
About Proofpoint, Inc.
Proofpoint Inc. (NASDAQ: PFPT) is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance, and secure communications. Organizations around the world depend on Proofpoint's expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information. More information is available at www.proofpoint.com.
Proofpoint, Malvertising Protection, and Targeted Attack Protection are trademarks or registered trademarks of Proofpoint, Inc. in the U.S. and/or other countries.
(i) Computer Fraud and Security: 11-16. Retrieved 26 February 2013.
(ii) Lenny Zeltser on Information Security. Retrieved 22 March 2013.
(iii) Newest Hacker Target: Ads - New York Times, 1/31/14
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Arch...
Jul. 30, 2015 07:30 PM EDT Reads: 1,379
For IoT to grow as quickly as analyst firms’ project, a lot is going to fall on developers to quickly bring applications to market. But the lack of a standard development platform threatens to slow growth and make application development more time consuming and costly, much like we’ve seen in the mobile space. In his session at @ThingsExpo, Mike Weiner, Product Manager of the Omega DevCloud with KORE Telematics Inc., discussed the evolving requirements for developers as IoT matures and conducte...
Jul. 30, 2015 07:15 PM EDT Reads: 284
Providing the needed data for application development and testing is a huge headache for most organizations. The problems are often the same across companies - speed, quality, cost, and control. Provisioning data can take days or weeks, every time a refresh is required. Using dummy data leads to quality problems. Creating physical copies of large data sets and sending them to distributed teams of developers eats up expensive storage and bandwidth resources. And, all of these copies proliferating...
Jul. 30, 2015 06:30 PM EDT Reads: 877
Malicious agents are moving faster than the speed of business. Even more worrisome, most companies are relying on legacy approaches to security that are no longer capable of meeting current threats. In the modern cloud, threat diversity is rapidly expanding, necessitating more sophisticated security protocols than those used in the past or in desktop environments. Yet companies are falling for cloud security myths that were truths at one time but have evolved out of existence.
Jul. 30, 2015 06:00 PM EDT Reads: 1,795
Digital Transformation is the ultimate goal of cloud computing and related initiatives. The phrase is certainly not a precise one, and as subject to hand-waving and distortion as any high-falutin' terminology in the world of information technology. Yet it is an excellent choice of words to describe what enterprise IT—and by extension, organizations in general—should be working to achieve. Digital Transformation means: handling all the data types being found and created in the organizat...
Jul. 30, 2015 05:00 PM EDT Reads: 1,080
Public Cloud IaaS started its life in the developer and startup communities and has grown rapidly to a $20B+ industry, but it still pales in comparison to how much is spent worldwide on IT: $3.6 trillion. In fact, there are 8.6 million data centers worldwide, the reality is many small and medium sized business have server closets and colocation footprints filled with servers and storage gear. While on-premise environment virtualization may have peaked at 75%, the Public Cloud has lagged in adop...
Jul. 30, 2015 04:00 PM EDT Reads: 2,196
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Jul. 30, 2015 03:45 PM EDT Reads: 440
The time is ripe for high speed resilient software defined storage solutions with unlimited scalability. ISS has been working with the leading open source projects and developed a commercial high performance solution that is able to grow forever without performance limitations. In his session at Cloud Expo, Alex Gorbachev, President of Intelligent Systems Services Inc., shared foundation principles of Ceph architecture, as well as the design to deliver this storage to traditional SAN storage co...
Jul. 30, 2015 03:00 PM EDT Reads: 1,733
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
Jul. 30, 2015 03:00 PM EDT Reads: 476
MuleSoft has announced the findings of its 2015 Connectivity Benchmark Report on the adoption and business impact of APIs. The findings suggest traditional businesses are quickly evolving into "composable enterprises" built out of hundreds of connected software services, applications and devices. Most are embracing the Internet of Things (IoT) and microservices technologies like Docker. A majority are integrating wearables, like smart watches, and more than half plan to generate revenue with ...
Jul. 30, 2015 02:30 PM EDT
The Internet of Everything (IoE) brings together people, process, data and things to make networked connections more relevant and valuable than ever before – transforming information into knowledge and knowledge into wisdom. IoE creates new capabilities, richer experiences, and unprecedented opportunities to improve business and government operations, decision making and mission support capabilities.
Jul. 30, 2015 01:45 PM EDT Reads: 259
The Cloud industry has moved from being more than just being able to provide infrastructure and management services on the Cloud. Enter a new era of Cloud computing where monetization’s services through the Cloud are an essential piece of strategy to feed your organizations bottom-line, your revenue and Profitability. In their session at 16th Cloud Expo, Ermanno Bonifazi, CEO & Founder of Solgenia, and Ian Khan, Global Strategic Positioning & Brand Manager at Solgenia, discussed how to easily o...
Jul. 30, 2015 01:45 PM EDT Reads: 373
In their session at 17th Cloud Expo, Hal Schwartz, CEO of Secure Infrastructure & Services (SIAS), and Chuck Paolillo, CTO of Secure Infrastructure & Services (SIAS), provide a study of cloud adoption trends and the power and flexibility of IBM Power and Pureflex cloud solutions. In his role as CEO of Secure Infrastructure & Services (SIAS), Hal Schwartz provides leadership and direction for the company.
Jul. 30, 2015 01:30 PM EDT
Rapid innovation, changing business landscapes, and new IT demands force businesses to make changes quickly. The DevOps approach is a way to increase business agility through collaboration, communication, and integration across different teams in the IT organization. In his session at DevOps Summit, Chris Van Tuin, Chief Technologist for the Western US at Red Hat, will discuss: The acceleration of application delivery for the business with DevOps
Jul. 30, 2015 12:45 PM EDT Reads: 1,111
The speed of software changes in growing and large scale rapid-paced DevOps environments presents a challenge for continuous testing. Many organizations struggle to get this right. Practices that work for small scale continuous testing may not be sufficient as the requirements grow. In his session at DevOps Summit, Marc Hornbeek, Sr. Solutions Architect of DevOps continuous test solutions at Spirent Communications, explained the best practices of continuous testing at high scale, which is rele...
Jul. 30, 2015 12:00 PM EDT Reads: 1,377