Blue Coat upgrades cloud service
Dubai, September 20, 2010
Blue Coat Systems, the technology leader in application delivery networking, has expanded the malware defenses in its cloud-based service to provide customers with better protection against Web-based threats.
The new defenses in its cloud-based WebPulse are immediately available to all users without requiring software downloads or updates, it said in a statement.
“The speed with which malware and malicious content evolves demands a defense that can move equally as fast,” said Nigel Hawthorn, VP EMEA marketing, Blue Coat Systems.
“With the WebPulse service, Blue Coat provides customers with a defense that can be rapidly expanded in response to new threats, attack vectors and malicious content to immediately and seamlessly protect more than 70 million users in real time.”
In the past 90 days, Blue Coat has added more than 100 new detection rules to the WebPulse service to target malicious traffic, such as botnets and exploit kits, and to more quickly identify new and unknown content, he added.
Roughly 65 percent of these new rules are designed to help identify malware and its sources, typically targeting traffic from a specific malware ring or botnet.
Blue Coat malware experts continuously analyze intelligence from the WebPulse service to fine tune and expand these detection rules, Hawthorn said.
Additionally, Blue Coat has developed and added to the WebPulse service a mal-PDF scanner to protect users from exploit sources that include malicious PDF files targeting specific vulnerabilities in Acrobat and Acrobat Reader.
This scanner flags mal-PDFs in real time and PDFs that are merely suspicious for additional background research. The mal-PDF scanner recently protected WebPulse users from several attacks in which malicious PDFs were served to innocent Websites via an infected advertising server.
To provide further intelligence about malicious and suspicious content, Blue Coat has added a mal-script detector to the background processes of the WebPulse service.
The detector logs JavaScript from the millions of Web pages that are requested every day. Using this intelligence, Blue Coat researchers can identify the characteristics that are indicative of suspicious behavior and create appropriate defenses.
This new detector recently identified and protected WebPulse users from a network of suspicious download sites with heavily encrypted fake AV scanner exploits.
These new defenses augment existing WebPulse defenses, such as malware signature and behavioral scanners, proprietary malware behavioural analyzers and statistical analysis techniques, real-time proprietary Phishing detection engines, Web reputation algorithms and third-party intelligence sources, to categorize new and unknown content, identify malware and protect more users.
To match the speed with which malicious sites change their domains, the Blue Coat WebPulse service also utilizes advanced fingerprinting modules that quickly recognize when similar sites appear on new servers. – TradeArabia News Service