Websense Unveils First Internet Security “HoneyGrid”
March 2008 by Marc Jacob
Websense, Inc. unveiled a global network of adaptive security technologies and processes designed to continuously monitor the Internet for changes and emerging threats. The resulting intelligence is immediately incorporated into the company’s Web security, messaging security and data loss prevention solutions. As a result, organizations can advance their objectives using the Internet as a business platform while managing risks to their essential information, systems and employees.
The New Websense® ThreatSeeker™ Network, which features the world’s first “Internet HoneyGrid™” melds both honeypots and advanced grid computing systems to parse through more than one billion pieces of content daily searching for security threats. The new system uses more than 50 million real-time data collecting systems worldwide to monitor and to classify Web, messaging and data content – giving Websense unparalleled visibility into the state of content on the Internet. With this unique Internet intelligence, Websense security products can adapt to the rapidly-changing Internet at speeds not possible by traditional security solutions from Symantec, McAfee and TrendMicro, and basic Web filtering solutions offered by Secure Computing, BlueCoat and others.
The Rise of Employee 2.0
Driven by a need for real-time communication and collaboration, today’s support for Web 2.0 applications, at the expense of traditional desktop applications, is growing exponentially. Corporate employees are introducing dynamic Web 2.0 content, Web-based applications and widgets generated by unknown developers, into the corporate IT environment for both legitimate and non-legitimate purposes.
Examples of these new technologies include hosted Web applications, including those recently launched by Google, that allow employees to instantly share their organization’s data outside of the organization’s traditional security perimeter without any IT approval or oversight. In the past, security solutions solved these threats by attempting to block or turn off communication. Today, this approach is not viable. For an organization to thrive in today’s Internet world, content must be accessible and data exchanged across these new communications channels.
Introducing the new Websense ThreatSeeker Network
The Websense ThreatSeeker Network is fundamentally different than any security discovery and classification system on the market today, offering an alternative to outdated signature-based anti-virus systems and costly intrusion prevention systems. Based in part on the Websense ThreatSeeker technology introduced in 2006 and augmented significantly since 2006 with organically-developed and acquired research technologies from both SurfControl and PortAuthority, the new ThreatSeeker Network includes more than 50 million data collecting “virtual researchers” worldwide, discovering and analyzing billions of disparate pieces of Internet content every day—whether malware, Web sites, applications, e-mails, structured or unstructured data. The ThreatSeeker Network provides Internet intelligence to Websense Web, messaging and data security products, which then provides protection to customers. The new ThreatSeeker Network:
· Includes more than 100 Websense Security Labs™ researchers worldwide lead by security industry luminaries
· Leverages content classification and data identification with binary, lexical and statistical analysis along with heuristics, image recognition, machine learning, pattern detection, natural language processing and data fingerprinting
· Leverages data-mining Honeyclients that mine and analyze more than 100 million Web sites daily
· Uses more than 50 million real-time data collecting systems parsing through one billion pieces of content daily
· Scans more than 100 million e-mails and 50 million Web sites daily to classify content “in the cloud” through Websense Hosted Security™ data collection services
· Scans nearly 10 million emails for unwanted content and malicious code every hour.
· Uses Honeypots and Spamtraps that capture spam, phishing or exploit campaigns accounting for more than 10 million unsolicited e-mail and Web-based attacks daily
· Assigns more than 2 million domains, networks, IPs and hosts with reputations every hour.
Current Websense Web, messaging and data security customers benefit from the intelligence gathered by the ThreatSeeker Network today, but in the second half of 2008 Websense plans to launch the next-generation of its Web and data security products which include industry-first advanced real-time classification capabilities as well as application intelligent data controls on or off of the organization’s network.