How vulnerable are your websites to malware infections?
Mobility, the consumerization of IT and cloud services are disrupting the traditional concept of a definable, protectable perimeter. Key company assets such as websites and mobile applications outside of the corporate network are especially vulnerable for the following reasons:
- The web continues to grow at a massive rate - with more than 4 billion pages across 650 million unique sites in existence today. This scope and scale makes it easy for malicious attacks to go undetected.
- The increasing use of cloud services and mobile devices by business users are disruptive to security as underlying technologies supporting these trends are immature and susceptible to attacks.
- Network perimeter security is mature and harder to penetrate, causing hackers to look beyond the firewall for easier targets.
How is RiskIQ different from other web security solutions?
RiskIQ™ for Web was purpose built to address the challenge of the open web, with the ability to scan at scale efficiently. We understand that enterprises often have to keep track of hundreds of websites with thousands of web pages, including third-party sites that include their brand or assets. Dedicating the resources to continuously scour the open web for malicious activity impacting their web assets is not cost-effectively nor a core competency for enterprises.
With our unique approach to scanning the open web, we provide the visibility and control needed by enterprises to discover and monitor all their web assets - both known and unknown. And because of our expansive coverage of the web, we often discover emerging threats "in the wild" and can help enterprises proactively address problems before they can do major damage to brand, revenue and reputation.
Our 3-step methodology:
Discover: We automatically filter out the noise and enable you to bring critical assets under management, while dismissing the rest. The discovery process never ends, as we continually scan the open web for new or unknown assets that you care about.
Monitor: Once your assets are discovered, they can brought under management for continuous monitoring. At this point, you can create policies that determine areas of concern for your business. RiskIQ for Web provides you a systematic way to review events generated by your policies.
Review: We provide a user-friendly review workflow that enables you to quickly navigate through events that have been triggered. Events are scored based on pre-defined policy so you view the events that are most important to you, while deprioritizing events that have less business impact.
Intelligent Virtual Users
- While many solutions use superficial site scanning methods such as scraping, RiskIQ for Web leverages virtualized clusters that enable the accurate rendering and analyses of sites through virtual users.
- In seeing the web no differently than a human user would, we can accurately determine if an imminent threat exists.
Global Proxy Infrastructure
- Our global proxy network simulates real user experiences from around the world, to provide an accurate perspective of web pages from multiple geographies.
- Our ability to swap out IP addresses across our proxy network ensures the perspective maintained by our scanners is accurate and we are able to catch intelligent, self adjusting strains of malware and malvertising.
Full Packet Capture and the DOM
- As our virtual users interact with the web, a full capture of the session is brought offline and organized in a big data store.
- In addition to this capture is the preservaton of the Document Object Model (DOM), which provides an organized view of the sequences and redirects happening behind the scenes with user sessions. This provides a method to effectively "rewind" a site to review what it looked like at any point in time for retroactive policy checks.
Unique intelligence: RiskIQ WebDB
- Our system has been gathering intelligence and learning web behavior for over four years.
- This information is stored in our WebDB and as new intelligence is gathered, used to make the system smarter, and by extension, make our customers more informed about the origins and viral nature of web-based threats.
- With our virtual users and full packet capture technology, we have an early warning alert system for detecting threats that have yet to be classified.
Who benefits from our web security solution?
- Security and IT teams get transparency into threats across their web ecosystem, allowing them to maintain strict security standards to minimize threats to their web visitors.
- Threat & Risk Intelligence teams who need early alerts on emerging threats to their company's web and mobile assets.
- Legal and Compliance teams who need to ensure that their web properties are clean and clear of malware or trademark infringements.