IT security teams experience a constant barrage of attacks trying to penetrate their defenses and steal their data. Over 90% of these cyber-attacks originate from the web and they are becoming more sophisticated by the day. Cybercriminals leverage a variety of malware and social engineering tactics to dupe employees into infecting their devices and your network with malware, and an important one is the creation of malicious internet sites. Millions of new internet hosts – domains, sub-domains, IP addresses – are born every day. The vast majority of these exist for 24-hours, popping up and coming down quickly. Analysis has revealed that while the majority of these host locations have valid business purposes, many of them are tools for hackers, who use various techniques to lure employees to them in order to infect visiting machines with malware. All of these sites, valid and malicious, are not categorized effectively by web filtering and threat intelligence services because they because they have no meaningful history. Some enterprises set policies that completely block sites that cannot be categorized. This typically results in over-blocking their employee’s web use since valid sites get caught up in this type of policy rule. Others may choose to roll the dice and permit access to uncategorized sites to allow their employees to perform their business activities, but this opens the organization up to undo risk.
Threat Isolation Conquers the Uncategorized Web
Threat isolation is the most effective way to solve the uncategorized web challenge and Symantec’s acquisition of Fireglass brings the market’s leading threat isolation product into Symantec’s enterprise security portfolio. Combining threat isolation with Symantec ProxySG and Web Security Service secure web gateways and conatnet and malware analysis products adds an isolation layer that protects users in real-time from threats targeting users from vectors such as uncategorized web sites.
