Proofpoint, a provider of Security-as-a-service solutions, on Thursday announced “Proofpoint Targeted Attack Protection”, a new cloud-based security solution designed to provide protection against spear phishing and other malicious, targeted attacks.
According to the company, the new offering combines an array of big data technologies including data analysis techniques, URL interception, and malware sandboxing to provide increased levels of protection in any location – in the office behind the corporate firewall, or on the road.
“Proofpoint Anomalytics examines hundreds of variables in real time -- including message properties and the email traffic history of the message recipient -- to understand per-user what constitutes "normal" mail traffic, and to identify exceptions that would indicate that an incoming message may be (or later become) a threat,” the company explained.
Targeted attacks are nothing new for information security professionals, but still prove to be a significant challenge to defend against.
As Gartner analysts Neil MacDonald and Lawrence Pingree note in Best Practices for Mitigating Advanced Persistent Threats, "In the past, signature-based technologies such as antivirus were adequate to protect against a majority of threats. However, the emergence of newer attack and payload delivery techniques that bypass these traditional signature-based approaches must be addressed by new emerging security technologies as well as augmentation of our old paradigm of thinking about traditional security technologies."
With Proofpoint Targeted Attack Protection, attachments and URLs in suspected messages are analyzed in detail, and links within emails transparently redirect browsers through Proofpoint’s cloud to inspect for malicious content, anytime a link is clicked, a tactic the company calls "URL click-time defense" that helps protect against URLs that were initially harmless but may have turned malicious at a later time.
Using Proofpoint’s Threat Insight Service, the service provides increased visibility into persistent threats and includes a Web-based threat dashboard and configurable alerts that provides administrators and security professionals the ability to identify targeted attacks, the scope of these attacks, which individuals are being targeted by the attacks, the nature of the attacks, and what mitigation steps can be taken actions if necessary.
Scheduled for general availability during the third quarter of 2012, Proofpoint Targeted Attack Protection can be rapidly deployed without up-front capital expenditures and is designed to complement existing email and web-security products. Licensing is based on a per-user, per-year model.