Websense touts preemptive threat-protection technology

Plans to integrate ThreatSeeker across security product line.

Using the intelligence Websense products use to ferret out and block inappropriate Web sites, the company has developed a technology that can do the same for sites containing malicious code.

Using the intelligence Websense products use to ferret out and block inappropriate Web sites, the company has developed a technology that can do the same for sites containing malicious code.

ThreatSeeker, which been in development for more than five years, comprises algorithms, behavior-profiling methods, and code-analysis processes that are powered by a network of data-mining computers to spot emerging and complex threats, the company says. It is designed to protect customers before patches or signatures are developed for known threats, company officials say.

Much like Websense’s existing Web-filtering software identifies Web sites that organizations want to keep their employees from visiting on company time -- inappropriate ones like porn sites or productivity-zappers like myspace.com -- ThreatSeeker makes it possible to identify and block sites containing such malicious code as keyloggers that can be downloaded to a visiting PC without the visitor knowing it.

“We are already out there actively discovering Internet [sites]; we started doing that to identify porn sites and other things like that,” says John McCormack, senior vice president of product development at Websense. “We started enhancing that process with technology like analytics and research and other things to start looking for security-related issues,” he says.

One network administrator who has been a Websense customer for years was skeptical of ThreatSeeker’s ability to scan the entire Web for threats. But, says Joe Pable, with chemicals distributor Harcros Chemical in Kansas City, Kan., he’s already experienced ThreatSeeker in action.

“I was stopped from visiting a malicious site the other day; I was doing a Google search and when I clicked on one of the search results a pop-up came up and blocked it,” he says. “There are so many threats out there, so [ThreatSeeker] is one of those things I will instinctively keep an eye on. . . but I’m glad it’s there.”

ThreatSeeker was developed in response to the evolution of security threats during the last few years, morphing from virus writers and the like looking to show off, to serious criminals seeking financial gain, McCormack says. One of the most effective ways to steal personal or financial information is by secretly installing software on unsuspecting users’ PCs that sends data input or stored on the PC back to the software’s controller.

ThreatSeeker is available in all of Websense’s security products via the company’s automated download service. ThreatSeeker also will be integrated into the data-leakage prevention offering that Websense is working on with PortAuthority Technologies and that is expected to be released by mid-2007, says McCormack.

This week the company also announced an upgrade to its Web security and filtering software. In addition to including ThreatSeeker, Version 6.3 of Websense Web Security Suite features enhancements to the software’s reporting capabilities and integrates with Citrix Presentation Server, according to the company. The suite is priced at $33 per user, per year for 1,000 users.

Learn more about this topic

Websense to integrate PortAuthority’s information leak-prevention technology09/27/06Phishing group reports record sites for July09/11/06Google's binary search helps dig up malware07/07/06
Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT