PRODUCTS
PARTNERS
SUPPORT
RESOURCES
COMPANY
+ SPYWARE & MALWARE

BUSINESS
Spyware & Malware Protection

 

Why SecureDesk

How it works

Benefits

Features

 

See Datasheet

 

See Case Studies

 

 

 

 

 

 

Spyware & Malware Protection - SaaS

 

See Web Content Filtering

 

re-routes a company's HTTP traffic via the same security technology that is used by many major organisation including ICI, BMW, Rothchild and The National Trust. Making available to the Small / Medium size business the same leading edge technology which is usually the exclusive domain of larger corporates.

filtering service provides look-ahead scanning to detect known malware on a website. It then utilises a proprietary "Artificial Intelligence Outbreak Technology" to scan the information that is returned from the website, thereby protecting against "Drive by Attacks". All data received from internet websites is fully analyzed and where appropriate "Sandbox" tested for viruses exploits prior to delivery to a user's computer. This prevents computer contamination even before the Anti-Virus companies know about a new virus.

Web browsing has become the favourite target of malicious code writers seeking to compromise your computers. The number of browser and software vulnerabilities continues to rise, fuelling zero-hour exploits which can infect systems before patches or signatures are available. The threat is moving from the inbox to the browser with increasing focus on gaining financial advantage. This is most evident in the recent rise of spyware and trojans which can steal confidential / financial information.

 

 

Clickhere - to see adynamic map of global attacks in the past hour

 

By the time most users realize they have a problem, the damage is already done, and they are left with the high cost of remediation, lost productivity, and unnecessary network traffic and system instabilities. Increasing browser vulnerabilities, zero-hour threats, and the insertion of malicious code on legitimate sites have made real-time malware scanning essential - simply filtering by URL leaves a large security gap.

 

How it Works

By installing a small client program on each PC or by configuring each computer to use a Proxy Server, all the Internet traffic for Web and FTP-over-HTTP are re-routed via the Malware Filtering Servers.

 

SecureDesk-Web Flow Chart

 

Prevention is better than cure

Unlike desktop anti-malware solutions, we adopt a prevention-is-better-than-cure approach. Our Web Malware Scanning service eliminates all types of harmful Web malware, including spyware, viruses and zero-hour threats before they can enter and infect your computers. Our service delivers true layered defense through a combination of multiple best-in-class signature scan engines, multiple reputation and behavior analysis engines, automated machine-learning heuristics, and the industry's largest Web data set.

All Web requests are scanned in real-time, rather than solely relying on static URL lists, providing you with dynamic, real-time and multi-layered protection.

 

Proactive Heuristics

Anti-malware scan engines will protect your network from threats that have been previously identified and documented. But what if your computer is one of the first to be attacked? Signature-based scanning alone will not provide the protection you need. SecureDesk-Web uses "Outbreak Intelligence", a proprietary security platform from Scansafe, which analyzes URL reputation, traffic behavior, code behavior, and code reputation in addition to signatures to detect unknown, as well as known, malware. Once it has detected unknown malware, Outbreak Intelligence automatically propagates the protection to the scanning layer, where the threat is neutralized before it can reach your network.

 

How OutBreak Intelligence works

 

 

Outbreak Intelligence uses multiple signature-based anti-malware scan engines and multiple heuristic detection engines to scan inbound and outbound Web traffic in real-time for new and known Web malware.

 

Signature-Detection scanning detects known Web malware residing on reputable and uncategorized Web pages. Signature detection utilizes multiple, industry-leading anti-malware scan engines, covers all known spyware and viruses, updates hourly and immediately in emergencies, receives new signatures within two hours of new malware detection, and is supported by 24/7 global malware research conducted by the world’s largest malware laboratories and collection networks.

 

The URL reputation engine assesses the reputation of a Web page by examining parameters such as IP address information, country of the Web server, history and age of the URL, domain registration information, network owner information, traffic rank of the Web site, URL categorization information, and types of content present.

 

The Traffic Behavior engine analyzes network traffic patterns to identify suspicious, atypical traffic which would suggest malicious code exploiting a vulnerability or malware communications, for example, from an infected notebook computer to a botnet command-and-control computer. A code behavior engine determines the behavior of the code by modeling program logic, behavioral rules, and contextual parameters that taken together would suggest good or bad intentions.

 

ScanSafe’s proprietary Code Behaviour heuristic engines utilize non-signature detection techniques and automated machine-learning technologies to dynamically generate several thousand fine-grained heuristic parameters that reach beyond the scope of security researchers’ prior knowledge of malware. As a result, OI heuristic engines detect up to 15% more malware than reactive signature-based detection.

 

The Code Reputation engine examines the Web code itself to determine if it is unusual and possibly malicious. It compares information such as type of code, history and age of the code, frequency of the code, file structure/header/content patterns, and program logic patterns, to code that is known to be good or bad in ScanSafe’s massive Web data set. This engine is especially effective for flagging new code that differs from the universe of known good code.

Summary of features

  • Powered by proprietary Outbreak Intelligence Web security platform
  • Multiple best-in-class anti-malware scan engines to detect all known spyware and viruses
  • Multiple heuristic engines that analyze the industry's largest Web data set for URL reputation, traffic behavior, code behavior, and code reputation to detect unknown malware
  • No maintenance - automatic, frequent signature and heuristic updates
  • Inbound and outbound Web traffic (HTTP and FTP-over-HTTP) inspected for malware and malware communications
  • Real-time scanning of Web traffic without latency for thousands of organizations around the world.
  • No patching, continuous AV signature updates

Benefits of Malware Scanning

  • Proactive blocking of Web malware programs before they reach your network
  • Protection from zero-hour threats
  • Reduce patching and updates
  • Eliminate downtime and remediation of infected desktops

Want to know more