Welcome!

Release Management Authors: Pat Romanski, Elizabeth White, David H Deans, Liz McMillan, Jnan Dash

Related Topics: Cloud Security

News Feed Item

Finjan Vital Security(TM) Web Appliance was the Only Web Security Product to Detect and Block Potentially Destructive Web Attack Without Product Update or Signature

Online Benchmark Test of Malicious Code Against 32 Web Security Products Shows Superiority of Finjan's Real-Time Code Inspection

SAN JOSE, California, March 28 /PRNewswire/ -- Finjan, a leader in web security products, today announced that its patented real-time code inspection technology is the only web security product that detected malicious code on a potentially destructive web page propagated by a malicious Russian website earlier this month. Finjan subsequently communicated its discovery of the malicious code to an independent online security industry benchmark website, VirusTotal.com, which benchmarked the code against 32 well-known web security products. Upon completion of the benchmark, VirusTotal established that the entire list of products failed to detect the code as malicious and as a result did not block it. Finjan's Vital Security Web Appliance was the only security solution that managed to detect and block the code in real-time, without any product update or signature.

"The findings of this online benchmark test underscore significant trends that we are seeing on the web today: threats are growing more sophisticated and the task of keeping track of dynamic, malicious web content is becoming more difficult," said Finjan Chief Technology Officer, Yuval Ben-Itzhak. "The online VirusTotal benchmark points to the superiority of our patented real-time code inspection technology -- which detects malicious code by inspecting it in real-time and `understanding' what the code intends to do before it does it -- over other vendors' products that rely on database updates to detect malware."

The malicious code detected is discussed in detail in Malicious Page under Benchmark (http://www.finjan.com/Content.aspx?id=1367), a report from Finjan's Malicious Code Research Center (MCRC). The malicious code exploits various browser vulnerabilities and uses AJAX technology to download and execute malicious code from a remote server. Simply by visiting this page, without taking any action, the visitor's machine is infected.

Ben-Itzhak noted that an important aspect of the benchmarked page was its use of dynamic code obfuscation to hide the malicious code. The increased use of dynamic code obfuscation was the focus of Finjan's Q4 2006 Web Security Trends Report (http://www.finjan.com/Content.aspx?id=827). "This technique is increasingly popular among hackers as a way to create malware that eludes traditional signature-based solutions like anti-virus and URL filtering," he said. "By detecting and blocking obfuscated malicious code in real-time, our technology offers a critical advantage in protecting against today's dynamic web threats."

About MCRC

Malicious Code Research Center (MCRC) is the leading research department at Finjan, dedicated to the research and detection of security vulnerabilities in Internet and email applications as well as other popular applications. MCRC's goal is to continue to be steps ahead of hackers attempting to exploit open platforms and technologies to develop malicious code such as Spyware, Trojans, Phishing attacks, worm and viruses. MCRC researchers work with the world's leading software vendors to help patch their security holes, as well as contribute to the development of next generation defense tools for Finjan's proactive secure content management solutions. For more information, visit our MCRC subsite (http://www.finjan.com/SecurityLab.aspx?id=547).

About VirusTotal

VirusTotal is an online service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. VirusTotal is a service developed by Hispasec Sistemas, an independent IT Security laboratory, which uses several command line versions of antivirus engines, updated regularly with official signature files published by their respective developers. For more information, visit http://www.virustotal.com/.

About Finjan

Finjan is a global provider of best-of-breed web security solutions for businesses and organizations. Our proactive, appliance-based solutions deliver the most effective shield against web-borne threats, freeing enterprises to harness the web for maximum commercial results. Finjan's web security solutions utilize patented behavior-based technology to proactively repel all types of threats arriving via the web, such as Spyware, Phishing, Trojans and other malicious code, securing businesses against unknown and emerging threats, as well as known malware. Finjan's security solutions have received industry awards and recognition from leading analyst houses and publications, including IDC, Butler Group, SC Magazine, CRN, PCPro, ITWeek, and Information Security. With Finjan's award-winning and widely used solutions, businesses can focus on implementing web strategies to realize their full organizational and commercial potential. For more information about Finjan, please visit: http://www.finjan.com/.

(c) Copyright 1996-2007. Finjan Software Inc. and its affiliates and subsidiaries. All rights reserved. All text and figures included in this publication are the exclusive property of Finjan and are for your personal and non-commercial use. You may not modify, copy, distribute, transmit, display, perform, reproduce, publish, license, create derivative works from, transfer, use or sell any part of its content in any way without the express permission in writing from Finjan. Information in this document is subject to change without notice and does not present a commitment or representation on the part of Finjan. The Finjan technology and/or products and/or software described and/or referenced to in this material are protected by registered and/or pending patents including U.S. Patents No. 6092194, 6154844, 6167520, 6480962, 6209103, 6298446, 6353892, 6804780, 6922693, 6944822, 6993662, 6965968, 7058822, 7076469, 7155743, 7155744, 7185358 and may be protected by other U.S. Patents, foreign patents, or pending applications.

Finjan, Finjan logo, Vital Security, Vulnerability Anti.dote and Window-of-Vulnerability are trademarks or registered trademarks of Finjan Inc., and/or its affiliates and subsidiaries. All other trademarks are the trademarks of their respective owners.

Media Contacts United States Jan Wiedrick-Kozlowski Activa PR Tel. +1-585-392-7878 [email protected] UK Neil Stinchcombe Eskenzi PR Ltd. Tel: +44-(0)208-449-1007 [email protected]

Finjan Software

CONTACT: Media Contacts: United States, Jan Wiedrick-Kozlowski, Activa
PR, Tel. +1-585-392-7878, [email protected]; UK, Neil Stinchcombe, Eskenzi PR
Ltd., Tel: +44-(0)208-449-1007, [email protected]

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
Blockchain is a new buzzword that promises to revolutionize the way we manage data. If the data is stored in a blockchain there is no need for a middleman - the distributed database is stored on multiple and there is no need to have a centralized server that will ensure that the transactions can be trusted. The best way to understand how a blockchain works is to build one. During this presentation, we'll start with covering the basics (hash, nounce, block, smart contracts) and then we'll crea...
History of how we got here. What IoT devices are most vulnerable? This presentation will demonstrate where hacks are most successful, through hardware, software, firmware or the radio connected to the network. The hacking of IoT devices and systems explained in 6 basic steps. On the other side, protecting devices continue to be a challenging effort. Product vendors/developers and customers are all responsible for improving IoT device security. The top 10 vulnerabilities will be presented a...
As the fourth industrial revolution continues to march forward, key questions remain related to the protection of software, cloud, AI, and automation intellectual property. Recent developments in Supreme Court and lower court case law will be reviewed to explain the intricacies of what inventions are eligible for patent protection, how copyright law may be used to protect application programming interfaces (APIs), and the extent to which trademark and trade secret law may have expanded relev...
Never mind that we might not know what the future holds for cryptocurrencies and how much values will fluctuate or even how the process of mining a coin could cost as much as the value of the coin itself - cryptocurrency mining is a hot industry and shows no signs of slowing down. However, energy consumption to mine cryptocurrency is one of the biggest issues facing this industry. Burning huge amounts of electricity isn't incidental to cryptocurrency, it's basically embedded in the core of "mini...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Every organization is facing their own Digital Transformation as they attempt to stay ahead of the competition, or worse, just keep up. Each new opportunity, whether embracing machine learning, IoT, or a cloud migration, seems to bring new development, deployment, and management models. The results are more diverse and federated computing models than any time in our history.
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
Where many organizations get into trouble, however, is that they try to have a broad and deep knowledge in each of these areas. This is a huge blow to an organization's productivity. By automating or outsourcing some of these pieces, such as databases, infrastructure, and networks, your team can instead focus on development, testing, and deployment. Further, organizations that focus their attention on these areas can eventually move to a test-driven development structure that condenses several l...