Welcome!

News Feed Item

Proofpoint Launches Industry's First Two-Factor Malvertising Solution

Proofpoint Malvertising Protection for Publishers & Demand Side Platforms and Targeted Attack Protection for Enterprise Defend Against Attackers' Use of Malware via Internet Advertising Network

SUNNYVALE, CA -- (Marketwired) -- 02/26/14 -- Proofpoint, Inc. (NASDAQ: PFPT), a leading security-as-a-service provider, today announced the launch of new protection against malvertising (malicious advertising), a technique attackers have used to invisibly penetrate computers of visitors to legitimate websites. Proofpoint's malvertising solution addresses this threat in two ways. For publishers, ad networks, servers, exchanges, optimizers, and demand-side platforms (DSPs), Proofpoint Malvertising Protection™ tracks the flow of malvertisements and warns owners about problematic ad networks. For Enterprises, Proofpoint Targeted Attack Protection™ prevents malvertising infection of vulnerable site-visiting employees and warns IT teams of the suspect sites. As more and more business-related sites carry advertisements, and attackers increasingly leverage the online ads ecosystem to target users, the security implications of malvertising are significant for publishers and Enterprises alike.

In 2013, it was estimated that more than 10 billion online ad impressions were compromised by malvertising(i), including ads served to visitors of such well-known sites as The New York Times, the London Stock Exchange, and Yahoo(ii). Google alone is cited as having disabled more than 400,000 malvertising-serving sites in 2013, more than 300 percent from the prior year(iii). Publishers are challenged because malvertising can be very difficult to discover: creatives are bid and exchanged in real-time, and delivered by servers at different sites, and sourced from different networks according to different visitor attributes, which are in turn sourced through brokers and other parties -- so it is very difficult to establish ad legitimacy at time of delivery. Enterprises are challenged because of the prevalence of ads and specificity of targeting; employees often must visit ad-bearing industry-related sites in the course of their job, but such sites target ads based on visitor information, making attackers' jobs easier. The result is a world where a visitor to a legitimate website can have their computer security breached without ever knowing they've been compromised, and where even after being alerted of a malvertising campaign, publishers and networks are still unable to easily identify the problematic chain.

"While the industry has developed technologies to protect against targeted offensives leveraging advanced malware, attackers have continued to evolve their tactics in an attempt to stay ahead of defenses," said John Grady, Program Manager, Security Products at IDC. "Watering-hole attacks leveraging malicious ad content on otherwise trusted sites are one such example. Enterprises suffer breaches as a result of these attacks, while the content providers unknowingly hosting altered ads lose brand equity and user trust. Proofpoint's Malvertising Protection and enhanced Targeted Attack Protection solutions address this common issue for both constituencies."

For Publishers and Demand Side Platforms, Proofpoint Malvertising Protection (based on technology from Proofpoint's acquisition of Armorize) analyzes not only the ad tags, but also the creative and the actual impressions served, providing unique insight into the entire ad chain and precisely pinpointing the problematic party within the larger ecosystem. This approach to protection ensures that ads are authentic and unaltered, and that impressions are compliant with brand safety standards, ensuring safer and higher quality ad inventory and overall ad-ecosystem security. For Enterprises, Proofpoint Targeted Attack Protection prevents malvertising infection of site-visiting employees and warns IT teams of the suspect site. By using big-data analysis and advanced statistical modeling to proactively perform advanced dynamic malware analysis on potentially suspicious URLs, Proofpoint's predictive defense capabilities can detect malvertising even on legitimate sites, and even before employees click links. The Targeted Attack Protection solution's real-time dashboard and "follow-me" protection also provide an ongoing view into and defense against these attacks. This reduced time-to-detection and end-to-end insight and protection enables proactive protection of an organization's users, minimizing computer compromises within the enterprise, and reducing incident response time, effort, and costs.

"Malvertising is clearly a huge and growing problem, and we're pleased to introduce the industry's first two-factor solution for web site owners and targeted Enterprises," said David Knight, executive vice president and general manager of Proofpoint's Information Security Products Group. "Attackers prey on complexity and obscurity -- and we believe that Proofpoint Malvertising Protection and Proofpoint Targeted Attack Protection cut through both, providing unprecedented levels of visibility and security."

For more details on Proofpoint's Malvertising Protection solution for web sites please visit proofpoint.com/map -- for Proofpoint's Targeted Attack Protection solution for Enterprises, please visit proofpoint.com/tap

About Proofpoint, Inc.
Proofpoint Inc. (NASDAQ: PFPT) is a leading security-as-a-service provider that focuses on cloud-based solutions for threat protection, compliance, archiving & governance, and secure communications. Organizations around the world depend on Proofpoint's expertise, patented technologies and on-demand delivery system to protect against phishing, malware and spam, safeguard privacy, encrypt sensitive information, and archive and govern messages and critical enterprise information. More information is available at www.proofpoint.com.

Proofpoint, Malvertising Protection, and Targeted Attack Protection are trademarks or registered trademarks of Proofpoint, Inc. in the U.S. and/or other countries.

(i) Computer Fraud and Security: 11-16. Retrieved 26 February 2013.

(ii) Lenny Zeltser on Information Security. Retrieved 22 March 2013.

(iii) Newest Hacker Target: Ads - New York Times, 1/31/14

Add to Digg Bookmark with del.icio.us Add to Newsvine

MEDIA CONTACT:
Orlando DeBruce
Proofpoint, Inc.
408-338-6829
Email Contact

Sarmishta Ramesh
Ogilvy Public Relations
303-527-4615
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
Successful digital transformation requires new organizational competencies and capabilities. Research tells us that the biggest impediment to successful transformation is human; consequently, the biggest enabler is a properly skilled and empowered workforce. In the digital age, new individual and collective competencies are required. In his session at 19th Cloud Expo, Bob Newhouse, CEO and founder of Agilitiv, drew together recent research and lessons learned from emerging and established compa...
"IoT is going to be a huge industry with a lot of value for end users, for industries, for consumers, for manufacturers. How can we use cloud to effectively manage IoT applications," stated Ian Khan, Innovation & Marketing Manager at Solgeniakhela, in this SYS-CON.tv interview at @ThingsExpo, held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA.
Enterprise IT has been in the era of Hybrid Cloud for some time now. But it seems most conversations about Hybrid are focused on integrating AWS, Microsoft Azure, or Google ECM into existing on-premises systems. Where is all the Private Cloud? What do technology providers need to do to make their offerings more compelling? How should enterprise IT executives and buyers define their focus, needs, and roadmap, and communicate that clearly to the providers?
"Coalfire is a cyber-risk, security and compliance assessment and advisory services firm. We do a lot of work with the cloud service provider community," explained Ryan McGowan, Vice President, Sales (West) at Coalfire Systems, Inc., in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Financial Technology has become a topic of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 20th Cloud Expo at the Javits Center in New York, June 6-8, 2017, will find fresh new content in a new track called FinTech.
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
Information technology is an industry that has always experienced change, and the dramatic change sweeping across the industry today could not be truthfully described as the first time we've seen such widespread change impacting customer investments. However, the rate of the change, and the potential outcomes from today's digital transformation has the distinct potential to separate the industry into two camps: Organizations that see the change coming, embrace it, and successful leverage it; and...
"Dice has been around for the last 20 years. We have been helping tech professionals find new jobs and career opportunities," explained Manish Dixit, VP of Product and Engineering at Dice, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Get deep visibility into the performance of your databases and expert advice for performance optimization and tuning. You can't get application performance without database performance. Give everyone on the team a comprehensive view of how every aspect of the system affects performance across SQL database operations, host server and OS, virtualization resources and storage I/O. Quickly find bottlenecks and troubleshoot complex problems.
SYS-CON Events announced today that Dataloop.IO, an innovator in cloud IT-monitoring whose products help organizations save time and money, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Dataloop.IO is an emerging software company on the cutting edge of major IT-infrastructure trends including cloud computing and microservices. The company, founded in the UK but now based in San Fran...
"We are a custom software development, engineering firm. We specialize in cloud applications from helping customers that have on-premise applications migrating to the cloud, to helping customers design brand new apps in the cloud. And we specialize in mobile apps," explained Peter Di Stefano, Vice President of Marketing at Impiger Technologies, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Rapid innovation, changing business landscapes, and new IT demands force businesses to make changes quickly. In the eyes of many, containers are at the brink of becoming a pervasive technology in enterprise IT to accelerate application delivery. In this presentation, attendees learned about the: The transformation of IT to a DevOps, microservices, and container-based architecture What are containers and how DevOps practices can operate in a container-based environment A demonstration of how ...
President Obama recently announced the launch of a new national awareness campaign to "encourage more Americans to move beyond passwords – adding an extra layer of security like a fingerprint or codes sent to your cellphone." The shift from single passwords to multi-factor authentication couldn’t be timelier or more strategic. This session will focus on why passwords alone are no longer effective, and why the time to act is now. In his session at 19th Cloud Expo, Chris Webber, security strateg...
"At ROHA we develop an app called Catcha. It was developed after we spent a year meeting with, talking to, interacting with senior citizens watching them use their smartphones and talking to them about how they use their smartphones so we could get to know their smartphone behavior," explained Dave Woods, Chief Innovation Officer at ROHA, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events has announced today that Roger Strukhoff has been named conference chair of Cloud Expo and @ThingsExpo 2017 New York. The 20th Cloud Expo and 7th @ThingsExpo will take place on June 6-8, 2017, at the Javits Center in New York City, NY. "The Internet of Things brings trillions of dollars of opportunity to developers and enterprise IT, no matter how you measure it," stated Roger Strukhoff. "More importantly, it leverages the power of devices and the Internet to enable us all to im...