The document discusses internet security threats and solutions from M86 Security. It notes that malware is increasingly being hosted on legitimate websites through hacking or by embedding malicious code. It also discusses "blended threats" where attackers send links to malware-infected legitimate websites that can bypass traditional security filters. The document outlines M86 Security's multi-tiered threat protection approach using URL filtering, signatures, and real-time code analysis. It provides an overview of M86 Security products including appliances, software, and cloud-based options for web security, email security, and compliance needs.
10. “New” Malware Never Used Again**Source: Virus Arms Race, The Register, August 2009
11. Anatomy of a Blended Threat Attack 2) Attacker sends emails with embedded links to malicious Web sites. 1) Attacker hacks legitimate Web sites and injects malware. 5) Traditional Web filters are bypassed as user is directed to legitimate Web site. 3) Email bypasses traditional spam and anti-virus systems. 6) User’s computer gets infected with drive-by download and becomes a bot. 4) User receives email and clicks on link to malware-infected site.
12. Customer Challenge for 2011: Web-based Threats Web-based Threats Web malware from legitimate sites* 92% 1000% 84% Increase in Web malware over 2010 Of new threats come from the Web *Source: Websense
13. Customer Challenge for 2011: Web-based Threats Web 2.0 Landscape 40-50% Current AV catch rates* Collaboration Tools Social Networking Enterprise SaaS WEB 2.0 Social Media Media Sharing Client Applications Interactive Sharing Mass Comms 52% 10 billion Malware dead within 24 hours** World-wide blended threat emails per day *Source: M86 SecurityLabs **Source: Panda Labs
14. Why Real-time Detection is so Important M86 Security Labs Report Test: >30,000 live malware URLs Traditional Security: Stool Strategy URL Filtering 3.8% effective Three Major AV Vendors Combined 39% effective Real-time Code Analysis Six-in-10 threats require real-time code analysis to be blocked Leg 3 Leg 2 Leg 1 Anti-virus Signatures 100% effective Real-time Detection (Code Analysis) URL Filtering
15. M86 SWG: Multi-tiered Threat Protection MALWARE DETECTED Where it comes from?Previously discovered malware websites URL FILTERING 3.8% Effective 39% Effective* SIGNATURE-BASED ANTI-VIRUS What it looks like?Identified malware signatures What is its intentions? Dynamically analyzes unknown codes for malware-related behaviors 100% Effective in detecting known threats and unknown obfuscated malware codes REAL-TIME CODE ANALYSIS Source: M86 Security Labs Report (test based on >30,000 live malware URLs *Three major AV vendors combined
16. M86 SWG: Multi-tiered Threat Protection What is its intentions? What it looks like? Dynamically analyzes unknown codes for malware-related behaviors Where is it? Identified malware signatures Previously discovered malware websites Block /Allow /Repair Block / Allow Block / Allow Suspect webpage Repaired/Re-constructed web page
18. Appliances Compliance Strong FoundationCurrent M86 Security Products Products Deployment Options Web Security Messaging Security Reporting Compliance Anti-virus Malware Detection Application Control Anti-virus Malware Detection Outbound Security Encryption Data Loss Prevention Archiving Granular Reporting Real-time Monitoring Software Cloud Service (SaaS)
19. M86 Secure Web Gateway Unified Web Security Award-winning, best-in-breed, multi-layered, on-site and cloud-based Web security. Patented, active real-time code analysis of inbound and outbound communication, keeping malware out of networks and laptops, while retaining sensitive/confidential data.
31. Web CachingTotal cost of ownership is reduced by powerful central management with global reach that includes intuitive task-based policy management and drill-down reporting. Integration with existing IT infrastructure is easy for all implementation options.
36. No Hardware in Branch OfficesMobile users are protected no matter where they are Branch Offices Main Data Center No hardware in branch offices
37. M86 WebMarshal Software Secure Web Gateway Software-based Secure Web Gateway solution deployed between an organization and the Internet which provides easy-to-use, scalable and cost- effective real-time content inspection of all incoming and outgoing Web traffic.
46. Exceeds Compliance NeedsA robust multi-server array with a low total cost of ownership. The flexible and intuitive policy enforcement provides customizable protection from Web threats while allowing detailed control of user Web browsing behaviors.
47. M86 Email Security and Management M86 MailMarshal Exchange Internal email security for Microsoft Exchange M86 MailMarshal Secure Email Server Email Gateway Encryption M86 MailMarshalSendSecure Business-to-consumer Email Encryption M86 Secure Messaging Service Cloud-based Email Security M86 MailMarshal SMTPEmail Gateway Security M86 MailMarshal Service Provider Edition Managed Email Security Service
48. M86 MailMarshal SMTP Email Gateway Security and Control A versatile, powerful and scalable email security system that is compatible with any network environment. Integrating email threat protection, anti-spam, content analysis, compliance enforcement, DLP and reporting into a single, flexible, easy-to-manage solution.
63. EncryptionComplete control over inbound and outbound email in any environment, resulting in reduced exposure to risk and full email content management. An easy-to-use console, flexible policy framework and reporting tools ensure a high return on investment.
64. M86 MailMarshal Secure Email Server Email Encryption Gateway Policy-based secure email solution that provides encryption, digital signing and deep content inspection of inbound and outbound email messages.
69. Certificate Synchronization via LDAPCentralized control of encrypted communication between your company and your business partners. Consistent application of policies ensure that sensitive emails never insecurely leave your organization. Automatic harvesting and synchronization of certificates make the product extremely easy to use and maintain.
70. M86 MailMarshal Exchange Internal Email Filtering Manages, monitors and controls office email content that travels within a company to ensure a safe, productive working environment and compliance with Acceptable Use Policies.
80. More than 400 employees worldwideReal-time Security for the Borderless Network
81. M86: Recent Milestones Only company with real-time malware detection for both Web and email World’s largest provider of Web Security Appliances* Gartner Visionary in both Web and email Security Magic Quadrants First to market with solution for blended threat attacks First to market with hybrid Web Security Service *IDC Aug 209
83. Awards and Product Reviews Secure Web Gateway Visionary- M86 Secure Web Gateway Email Visionary- M86 MailMarshal SMTP Technology Audit: SWG Everything Channel Five-Star Rating for Channel Partner Program Gold Winner MailMarshal SMTP 10 Most Interesting Product at RSA Vital Web Security Suite Secure Web Gateway Product Innovations Web Security Winner SWG Editor’s Choice Vital Security =Vital Protection Excellence in Web Security Anti-Malware Gateways Vital Web Security Suite
Malware landscape continues shift to Web-based attacks.Web security now an organizational imperative.Finjan is a recognized leader in SWG and malware defense.The Finjan technology, combined with M86 Email and Web security products, presents a effective solution for both known and unknown threats
Malware landscape continues shift to Web-based attacks.Web security now an organizational imperative.Finjan is a recognized leader in SWG and malware defense.The Finjan technology, combined with M86 Email and Web security products, presents a effective solution for both known and unknown threats.
Recent data from M86 Security Labs shows the importanceWe usually talk about using the three-legged stool for complete protection: URL filtering Anti-virus (AV)Real-time code analysisWe know that URL filtering and AV signatures have become less effective: it’s all over the newsBut few people really test on live malware. Why? Because it’s their own product.We ran a test on 30,000 live malware URLs in February 2010 and we were astonished by the results Leg 1: we passed 15,000 samples through URL filter: only 3.8% effective; just as bad, about 40% of the sites were shown as good and 60% as unclassified Leg 2: we passed 15,000 samples through three AV applications: the three combined only caught 39% of the malware Leg 3: our real-time code analysis caught 100%What’s the difference? There are two main reasons:These are mostly on legitimate Web sites now, so URL filtering doesn’t helpDynamic code is being used to get around signature-based AV.We have a report up on our Web site
Total cost of ownership is reduced by powerful central management with global reach that includes intuitive task-based policy management and drill-down reporting. Integration with existing IT infrastructure is easy for all implementation options.
A robust multi-server array with a low total cost of ownership. The flexible and intuitive policy enforcement provides customizable protection from Web threats while allowing detailed control of user Web browsing behaviors.
M86 MailMarshal SMTPEmail Gateway Security Provides:Blended threats protection Data leakage prevention/deep content scanning using lexical analysisBest rated anti-spam solution using M86 Defense-in-Depth anti-spam engineTLS email encryptionM86 Secure Messaging Service Cloud-based Email SecurityM86 MailMarshal ExchangeInternal email security for Microsoft ExchangeFilters and Manages Internal, Inbox-to-Inbox EmailM86 MailMarshal Secure Email ServerEmail Gateway Encryption Provides: Encryption Digital signatureOperates With Any Email Gateway that Recognizes S/MIME-encrypted Email
Complete control over inbound and outbound email in any environment, resulting in reduced exposure to risk and full email content management. An easy-to-use console, flexible policy framework and reporting tools ensure a high return on investment.
Centralized control of encrypted communication between your company and your business partners. Consistent application of policies ensure that sensitive emails never insecurely leave your organization. Automatic harvesting and synchronization of certificates make the product extremely easy to use and maintain.
Leader in real-time threat protectionIDC noted we are largest provider of web security appliancesOnly company that’s visionary in SWG and EmailComplete suite of products: Appliance, Cloud, and Software