Evolutions in Browser Security

Size: px
Start display at page:

Download "Evolutions in Browser Security"

Transcription

1 ANALYST BRIEF Evolutions in Browser Security TRENDS IN BROWSER SECURITY PERFORMANCE Author Randy Abrams Overview This analyst brief aggregates results from NSS Labs tests conducted between 2009 and 2013 in a comparison of phishing and socially engineered malware (SEM) protection by the leading browsers. Figure 1 reveals trends in protection levels of the four leading browsers, comparing combined test results from 2009 to the recent 2012 and 2013 scores. 100% % 80% Average Phish 2012 Malware 70% 60% 50% Chrome Firefox IE 40% 30% Average Malware 2009 Safari Average Phish 20% Average Malware 10% % 0% 20% 40% 60% 80% 100% Phishing Figure 1 Leading Browser Malware and Phishing Block Rates (2009, 2012, 2013)

2 In the NSS tests, the browsers are rated on performance in four categories: Average phishing block rate Zero- hour phishing block rate Average SEM block rate Zero- hour SEM block rate Internet Explorer (IE) shows a consistently superior ability to block SEM, while providing competitive phishing protection; it leads the tested browsers in combined protections for these categories. Google s Download Protection technology has improved significantly over time, placing it behind IE but well ahead of Firefox and Safari. Both Firefox and Safari lead the other browsers in phishing protection but provide negligible protection against SEM attacks. This analyst brief includes data from previously published NSS phishing tests conducted in 2009, 2012, and 2013, as well as SEM tests published every year from 2009 to In 2010, two SEM tests were published. Figure 2 shows the overall performance of the browsers for the 2013 browser phishing and SEM tests. IE 89% Chrome 76% Safari 53% Firefox 52% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Figure Combined Phishing And Malware Block Rates Figure 2 treats all protection metrics in 2013 equally. Later in this analyst brief, Figure 15 will add weighting based on the relative protection importance of the tested parameters in order to provide a more realistic ranking of the browsers in Figure 14 provides an aggregation of all of the tests from 2009 to 2013, with emphasis placed on freshness and relative importance of the test metrics. 2

3 NSS Labs Findings The browser is the first line of defense against multiple web- based threats; however, with a maximum historical protection rate of just 80 percent, the browser should not be the only line of defense. Products that do not provide the bulk of their protection in the earliest hours of an attack are not meeting the security requirements of today s threatscape. Microsoft s Internet Explorer continues to provide the best combination of malware and phishing protection. The application reputation technologies used by browsers from both Microsoft and Google provide a significantly safer browsing experience than do the browsers from Apple and Mozilla. User education is often better protection against social engineering attacks than browser technologies. NSS Labs Recommendations Invest in awareness education about social engineering for all users. Evaluate trends that may indicate the need for browser replacement. Select and use security products that augment the protective capabilities of the browser. 3

4 Table of Contents Overview... 1 NSS Labs Findings... 3 NSS Labs Recommendations... 3 Analysis... 6 Phishing Trends and Threats... 6 NSS Empirical Results: Phishing Protection... 7 NSS Empirical Results: Socially Engineered Malware Protection... 9 Combined Protection Effectiveness Aggregate Values Weight A Minute Evaluating the Data The Great Equalizer Appendix A: Raw Data Appendix B: Weighting Formulas Protection Multipliers: Year Multipliers: Reading List Contact Information

5 Table of Figures Figure 1 Leading Browser Malware and Phishing Block Rates (2009, 2012, 2013)... 1 Figure Combined Phishing And Malware Block Rates... 2 Figure 3 Unique Phishing Attacks... 6 Figure 4 APWG Phishing Uptime Statistics... 7 Figure 5 Mean Block Rate for Phishing... 7 Figure 6 Zero- Hour Phishing Block Rate... 8 Figure 7 Time to Block Phishing Attacks Relative to Uptime Trends (Hours)... 9 Figure 8 Mean Block Rate for Socially Engineered Malware... 9 Figure 9 Zero- Hour Socially Engineered Malware Block Rate Figure 10 Content Agnostic Malware Protection Breakout Figure 11 Combined Test Results (Not Weighted) Figure 12 Time Weighted Figure 13 Protection Weighted Figure 14 Time and Protection Weighted Scores Figure Weighted Scores Figure 16 Mean Block Rate for Phishing Figure 17 Zero- Hour Block Rate Figure 18 Mean Block Rate for SEM Figure 19 Zero- Hour Block Rate for SEM Figure 20 Time Weighting Figure 21 Protection Type Weighting Figure 22 Type and Year Weighting

6 Analysis Socially engineered malware and phishing attacks are two of the most significant threats against which web browsers must defend. NSS has for several years tested the leading browsers for their ability to protect against these attacks; however, each test has been presented as a stand- alone snapshot in time. While these real- world snapshot tests yield useful information, a correlated report is equally valuable in order to assess trends and establish vendor track records. This analyst brief examines the historical performance of browsers against phishing and against socially engineered malware attacks. The browsers are evaluated against each other and against the phishing threatscape. If the best performing product affords little protection, then the worst performing product is not significantly different. Fortunately, there are browsers that are addressing the challenges and that are able to provide significant protection for users. Phishing Trends and Threats The Anti- Phishing Working Group (APWG) has collected and published statistics about phishing attacks for several years. The APWG Phishing Attack Trends 1 and Global Phishing Survey 2 reports provide important insight into the phishing problem. From Figure 3 it can be inferred that although the number of unique phishing s and web sites has varied from 2009 to 2012, the scope of the problem remains significant. The uptick in unique phishing sites discovered in 2012 is not accompanied by a significant uptick in reports of unique phishing s. While this may be due to under- reporting of phishing , it is likely indicative of cyber criminals increasingly using redirects in an attempt to compensate for the declining lifetimes of their attacks. 700, , , , , , , Unique Phishing s Reported Unique Phishing Web Sites Discovered Figure 3 Unique Phishing Attacks 1 reports/ 2 reports/whitepapers 6

7 One of the critical metrics surrounding a browser s effectiveness in combatting phishing attacks is how quickly it adds protection once an attack is live. Figure 4 illustrates the general decline in the lifetimes of phishing sites. In 2012, the average phishing site was live for just under 25 hours, and the median lifetime was approximately 12 hours. Products that do not provide the bulk of their protection in the earliest hours of an attack are not meeting the security requirements of today s threatscape H2009 2H2009 1h2010 2h2010 1h2011 2h2011 1h2012 2h2012 Average Uphme (Hours) Median Uphme (Hours) Figure 4 APWG Phishing Uptime Statistics NSS Empirical Results: Phishing Protection NSS tested the leading browsers for phishing protection in 2009, 2012, and 2013, with the results presented in Figure 5 and Figure % 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% Figure 5 Mean Block Rate for Phishing Chrome Firefox IE Safari Average In 2009, only IE and Firefox provided competitive block rates for phishing, with results in 2012 narrowing the differences to a four- point spread between browsers. In 2013, Firefox and Safari posted modest improvements in their scores, while Chrome dropped by 2 percent. IE has a trend of solid performance, but the browser s phishing block rate declined from 92 percent in the 2012 Browser Security Comparative Analysis Report (CAR) on Phishing Protection to 83 percent in the 2013 CAR on Phishing Protection. 7

8 The lower results in the 2013 test should be evaluated against future tests to determine if the decline in IE s mean block rate in the 2013 test indicates a problematic trend. The time required to add new phishing sites is an important metric when determining the relevance of the mean block rate to consumer protection. For example, a browser that blocks more phishing sites in the first 12 hours will provide better protection than a less responsive browser that achieves a better block rate in the long run. Historically, NSS testing has found that the browsers with the best early detection continue to lead until the end of the test; however, this may not always be the case. 100% 90% 80% 70% 60% 50% 40% 30% 20% 10% 0% Figure 6 Zero- Hour Phishing Block Rate Chrome Firefox IE Safari Average During the 2013 test, all browsers showed improvement over their historical zero- hour block rates, as depicted in Figure 6. A metric that has a high correlation to the zero- hour block rate is the average time required to add protection for new phishing sites. Figure 7 shows the APWG average phishing site uptime statistics and the mean phishing site uptime statistics overlaid with the results of the tested browser performance for average time to add protection for new phishing sites. (The APWG statistics for the first half of 2013 were not available at the time of writing.) Note that the browser phishing protection tests were performed only in 2009, 2012, and 2013, so performance in 2010 and 2012 is graphed in a linear fashion and may not reflect actual performance in those two years. Safari is the only browser to have had a worse response time to phishing attacks than either the mean or the average uptime for phishing sites since NSS began testing browsers. But Apple has dramatically improved its performance, and Safari posted the fastest response times in the most recent test report. The median uptime for phishing attacks is significantly lower than the average response time and is the more important metric. All of the browsers are adding protection very quickly, with IE requiring 2.6 hours and Safari averaging 30 minutes. Firefox, however, has demonstrated the most consistent protection for phishing over time. 8

9 Chrome Firefox IE Safari APWG Average Uphme APWG Median Uphme Figure 7 Time to Block Phishing Attacks Relative to Uptime Trends (Hours) NSS Empirical Results: Socially Engineered Malware Protection Socially engineered malware (SEM) refers to an attack that deceives users into downloading and installing malicious software. In recent years, rogue antivirus programs have been at the forefront of SEM; however, there are many types of malicious programs that criminals use in conjunction with social engineering for financial gain. Figure 8 demonstrates that there are, and historically have been, dramatic differences in browser protection against SEM. 100% 80% 60% 40% u Google Buys VirusTotal 20% 0% 2009 Q Q Chrome Firefox IE Safari Figure 8 Mean Block Rate for Socially Engineered Malware NSS conducted six browser malware protection tests between 2009 and 2013, and IE significantly outperformed the competition in all six texts. Only recently has Chrome become a viable option that provides significant malware protection for users. While Chrome, Firefox, and Safari all use Google s Safe Browsing API, Chrome alone incorporates Google s Content Agnostic Malware Protection technology (CAMP). Prior to 2012, all three of the browsers using Google s Safe Browsing API performed comparably. 9

10 When Google acquired VirusTotal, it was widely assumed that the service would be used to improve Chrome s malware blocking abilities. The 2013 results do show an improvement in Chrome s mean block rate, but also a significant drop in zero- hour protection. If Google continues to improve Chrome s SEM protection, it may be difficult to differentiate the contribution of the VirusTotal acquisition from ongoing investment in Google s Download Protection technology. As with phishing attacks, response time is critical when providing protection against malware attacks. Figure 9 shows browser performance graphed at zero hour against SEM attacks. IE significantly outperforms the competition in all six tests. Both Firefox and Safari have declined in SEM protection since % 80% 60% 40% 20% 0% u Google buys VirusTotal 2009 Q Q Chrome Firefox IE Safari Figure 9 Zero- Hour Socially Engineered Malware Block Rate Google s Download Protection technology and Microsoft s App Rep technologies are the reason that Chrome and IE are able to block such high percentages of SEM. Neither Chrome nor IE relies on the certain knowledge that a file is bad; rather, they block files that do not meet reputational criteria IE 88.5% 10.6% 2012 Chrome 4.5% 65.8% 2013 IE 83.2% 16.8% 2013 Chrome 10.0% 73.2% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% URL Reputahon Applicahon Reputahon Download Protechon Figure 10 Content Agnostic Malware Protection Breakout Figure 10 displays the combination of SEM- blocking technologies used by Chrome and IE. Both URL and CAMP protection methodologies can suffer from false positives; however, the more important consideration is the protection that URL reputation adds over CAMP. 10

11 When a web page contains both exploits and SEM, URL reputation will protect the user from exploits, in addition to SEM. Where CAMP is the only protection mechanism, the user can still fall victim to exploits. Consequently, IE s strong use of URL reputation compared to Chrome s use renders IE s SEM protection significantly more valuable. Combined Protection Effectiveness Aggregate Values The purpose of combining scores to arrive at a single value is to allow for the reuse of this value in conjunction with other metrics in order to select the browser that best balances selection criteria. Phishing and SEM protection, the metrics used in this brief, are a part of overall browser security. The number, severity, and longevity of exploits against a browser constitutes a metric, and security of stored passwords is yet another metric. Privacy protection capabilities, such as those discussed in the analyst brief 2013 Browser Security Comparative Analysis: Privacy, can be combined with vulnerability metrics as well as other performance metrics in order to make educated product selection decisions based on the combined performance across all aspects of interest. Weight A Minute Not all protection metrics are equal. The majority of phishing attacks will fail because the intended victim is not a customer of the targeted brand. A customer of Barclays is not going to fall victim to a phish against Wells Fargo customers. A user without a Gmail account will not surrender credentials if they receive a phish targeting Gmail. SEM attacks are brand agnostic and can even customize the payload for specific operating systems. A larger percentage of SEM attacks will succeed compared to phishing attacks. As such, protection against SEM is of greater importance than phishing protection. For both phishing and SEM, time is of the essence. Zero- hour SEM blocking is a more important metric than overall SEM blocking. Overall SEM blocking is of more significance than zero- hour phishing protection, and the mean block rate for phishing ranks lowest in the protection hierarchy. The data regarding the various block rates is empirical; however, the weighting of relative security values is subjective and the importance of protection metrics may vary based on other layers of protection in different environments. With the exception of clearly unrealistic weighting values, significant fluctuations in weights assigned to protection categories and test dates will not materially alter the rankings of the browsers. A scientific approach to weighting, if possible, would not alter significantly the results of the graphs. The raw data for the various NSS tests are provided in Appendix A. The formulas used to weight the scores and create the weighted figures are provided in Appendix B. Evaluating the Data Figure 11 depicts the rankings of the browsers without ranking the importance of different protection metrics: that SEM protection is significantly more important than phishing protection, or that newer tests are more relevant than older tests, and so on. The relative importance of protection types is only one of the variables that require weighting. The freshness of tests is critical. Old tests help assess a track record; however, browsers that have added new technologies are improperly impacted when older tests are weighted too highly. Equal value for older tests also paints an unreliable picture of browsers that are declining in protection ability. 11

12 Figure 11 is not weighted, and it shows Firefox as out performing Chrome in the combined tests. In 2009, Firefox outperformed Chrome by 26 percent across the four metrics. In 2012 and 2013, Chrome eclipsed Firefox by 26 percent and 25 percent respectively. Clearly, an accurate ranking of the browser requires more recent scores to carry more weight than older results. IE 79% Firefox Chrome 46% 49% Safari 37% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Figure 11 Combined Test Results (Not Weighted) Leaving protection scores unmodified and assigning older tests progressively less weight, Figure 12 shows Chrome in second place with a significant lead over Firefox and Safari. IE 83% Chrome 66% Firefox Safari 56% 54% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Figure 12 Time Weighted Figure 13 does not weight for time; however, the different types of protection are weighted based on relative importance. The resulting graph does not adequately reflect performance improvements in Chrome with respect to SEM protection in 2012 and Weighting values can be found in Appendix B. 12

13 IE 80% Chrome Firefox 36% 39% Safari 27% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Figure 13 Protection Weighted IE 85% Chrome 58% Firefox Safari 40% 39% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Figure 14 Time and Protection Weighted Scores Figure 14 incorporates weighting that places a higher value on newer tests and a higher value on more important protection categories. IE 92% Chrome 71% Safari Firefox 37% 35% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Figure Weighted Scores Both Figure 14 and Figure 15 display a wider performance margin between IE and Chrome, as well as between Chrome and the other browsers than does Figure 2. Figure 15 does not consider trends or track records. If current protection value, track records, and trends are considerations, then Figure 14 provides a more comprehensive picture than does Figure

14 The Great Equalizer Both phishing and SEM are social engineering attacks. By definition, these are social problems, and technology has rarely solved a social problem. Technology can help to mitigate problems, but education is paramount. For users who are adept at identifying social engineering attacks, the browser adds little additional security; however, most users are not aware of the dynamics of social engineering and will fall prey to SEM even when they are able to identify many types of phishing attacks. Proper education provides the best protection against most social engineering attacks. 14

15 Appendix A: Raw Data The figures in Appendix A provide the raw data from NSS testing used to create all of the figures in this analyst brief, with the exception of Figure 3, Figure 4, Figure 10, and the APWG metrics in Figure 7. The APWG metrics in Figure 3, Figure 4, and Figure 7 are derived directly from APWG published reports. The percentages used in Figure 10 are published in the 2012 and 2013 Browser Phishing Protection CARs. Browser Chrome 26% 94% 92% Firefox 80% 90% 96% IE 83% 92% 83% Safari 2% 91% 95% Figure 16 Mean Block Rate for Phishing The mean block rate for phishing reflects overall phishing detection for the duration of each test. Browser Chrome 16.00% 53.20% 81.50% Firefox 48.00% 79.20% 93.30% IE 52.00% 55.90% 73.30% Safari 2.00% 76.90% 93.40% Figure 17 Zero- Hour Block Rate The zero- hour block rate is a critical metric. The value of a higher mean block rate can be marginalized by ineffective zero- hour performance. Due to the diminishing uptimes of phishing sites, a browser with a lower mean block rate and better zero- hour response times may provide more effective protection for most users than will a browser with a better overall block rate but poorer zero- hour performance. Browser 2009 Q Q Chrome 16% 17% 3% 13% 70% 83% Firefox 30% 29% 19% 8% 4% 10% IE 69% 85% 99% 99% 99% 100% Safari 24% 29% 11% 8% 4% 10% Figure 18 Mean Block Rate for SEM The mean block rate for SEM reflects the SEM performance for the duration of each test. Throughout a test, various browsers can fluctuate significantly in their instantaneous block rate. Histograms in NSS CARs provide additional detail. 15

16 Browser 2009 Q Q Chrome 25% 15% 4% 10% 67% 49% Firefox 28% 28% 18% 7% 6% 8% IE 41% 58% 89% 99% 86% 98% Safari 13% 27% 10% 6% 5% 12% Figure 19 Zero- Hour Block Rate for SEM The zero- hour block- rate is the percentage of malware each browser was already blocking when the hosting site was first discovered. Browsers with higher zero- hour protection generally provide better protection than browsers with delayed protection times. 16

17 Appendix B: Weighting Formulas The following multipliers were used in calculating weighted scores. Protection Multipliers: Mean Block Rate for Phishing = Score *.3 Zero Hour Phishing Block Rate = Score *.5 Mean SEM Block Rate = Score *.8 Zero Hour SEM Block Rate = Score * 1 Year Multipliers: 2009 = Score * = Score * = Score * = Score * = Score * 1 Figure 20 displays scores weighted for date and not protection type. Figure 21 displays scores weighted for protection type but not for the dates of the test. Figure 22 displays the combined protection type and date weighting. Protection Mean Block Rate - Phish 10% X X 80% 100% Zero- Hour Block Rate - Phish 10% X X 80% 100% Mean Block Rate - SEM 10% 20% 40% 80% 100% Zero- Hour Block Rate - SEM 10% 20% 40% 80% 100% Figure 20 Time Weighting Protection Mean Block Rate - Phish 30% X X 30% 30% Zero- Hour Block Rate - Phish 50% X X 50% 50% Mean Block Rate - SEM 80% 80% 80% 80% 80% Zero- Hour Block Rate - SEM 100% 100% 100% 100% 100% Figure 21 Protection Type Weighting Protection Mean Block Rate - Phish 3% X X 24% 30% Zero- Hour Block Rate - Phish 5% X X 40% 50% Mean Block Rate - SEM 8% 16% 32% 64% 80% Zero- Hour Block Rate - SEM 10% 20% 40% 80% 100% Figure 22 Type and Year Weighting 17

18 The maximum time and protection type weighted scores attainable for four protection types are as follows: Mean Block Rate - Phish: ((100*.03)+(100*.24)+(100*.3))/3=.19 or 19%. Zero Hour Block Rate - Phish: ((100*.05)+(100*.4)+(100*.5)/3=.3167 or 31.67%. Mean Block Rate - SEM: ((100*.08)+(100*.16)+(100*.16)+(100*.32)+(100*.64)+(100*.8))/6=.36 or 36%. Zero Hour Block Rate - SEM: ((100*.1)+(100*.2)+(100*.2)+(100*.4)+(100*.8)+(100*.1))/6=.45 or 45%. The maximum combined total score is therefore: ( )/4=.3292 or 32.92%. To normalize to a 100 percent scale, the total weighted scores are divided by For Chrome, the total weighted performance for all of the tests would be calculated as follows: (((((((0.26*0.03)+(0.94*0.24)+(0.92*0.3))/3)+(((0.16*0.05)+(0.53*0.4)+(0.82*0.5))/3)+(((0.16*0.08)+(0.17*0.16)+(0. 03*0.16)+(0.13*0.32)+(0.7*0.64)+(0.83*0.8))/6)+(((0.25*0.1)+(0.15*0.2)+(0.04*0.2)+(0.1*0.4)+(0.67*0.8)+(0.49))/ 6))/4)))/.3292 Chrome - Mean Block Rate - Phish: ((.26*.03)+(.94*.24)+(.92*.3))/3=17% Chrome - Zero Hour Block Rate - Phish: ((.16*.05)+(.53*.4)+(.82*.5)/3=21% Chrome - Mean Block Rate - SEM: ((.16*.08)+(.17*.16)+(.3*.16)+(.13*.32)+(.7*.64)+(.83*.8))/6=20% Chrome - Zero Hour Block Rate - SEM: ((.25*.1)+(.15*.2) +(.04*.2)+(.1*.4)+(.67*.8)+(.49*1))/6=.19% Chrome - ((17%+21%+20%+19%)/4)/.3292=58% 18

19 Reading List 2013 Browser Security Comparative Analysis Report: Phishing Protection. NSS Labs browser- security- comparative- analysis- phishing- protection 2012 Browser Security Comparative Analysis Report: Phishing Protection. NSS Labs browser- security- comparative- analysis- phishing- protection User Education Effectiveness Can Be Measured. NSS Labs education- effectiveness- can- be- measured 2013 Browser Security Comparative Analysis: Privacy. NSS Labs 19

20 Contact Information NSS Labs, Inc. 206 Wild Basin Rd Building A, Suite 200 Austin, TX USA +1 (512) This analyst brief was produced as part of NSS Labs independent testing information services. Leading products were tested at no cost to the vendor, and NSS Labs received no vendor funding to produce this analyst brief NSS Labs, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the authors. Please note that access to or use of this report is conditioned on the following: 1. The information in this report is subject to change by NSS Labs without notice. 2. The information in this report is believed by NSS Labs to be accurate and reliable at the time of publication, but is not guaranteed. All use of and reliance on this report are at the reader s sole risk. NSS Labs is not liable or responsible for any damages, losses, or expenses arising from any error or omission in this report. 3. NO WARRANTIES, EXPRESS OR IMPLIED ARE GIVEN BY NSS LABS. ALL IMPLIED WARRANTIES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON- INFRINGEMENT ARE DISCLAIMED AND EXCLUDED BY NSS LABS. IN NO EVENT SHALL NSS LABS BE LIABLE FOR ANY CONSEQUENTIAL, INCIDENTAL OR INDIRECT DAMAGES, OR FOR ANY LOSS OF PROFIT, REVENUE, DATA, COMPUTER PROGRAMS, OR OTHER ASSETS, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. 4. This report does not constitute an endorsement, recommendation, or guarantee of any of the products (hardware or software) tested or the hardware and software used in testing the products. The testing does not guarantee that there are no errors or defects in the products or that the products will meet the reader s expectations, requirements, needs, or specifications, or that they will operate without interruption. 5. This report does not imply any endorsement, sponsorship, affiliation, or verification by or with any organizations mentioned in this report. 6. All trademarks, service marks, and trade names used in this report are the trademarks, service marks, and trade names of their respective owners. 20

ENTERPRISE EPP COMPARATIVE ANALYSIS

ENTERPRISE EPP COMPARATIVE ANALYSIS ENTERPRISE EPP COMPARATIVE ANALYSIS Socially Engineered Malware Randy Abrams, Jayendra Pathak, Ahmed Garhy Tested Products Fortinet Fortigate 100D Management station Forticlient- 5.0.7.333 McAfee VirusScan

More information

Can Consumer AV Products Protect Against Critical Microsoft Vulnerabilities?

Can Consumer AV Products Protect Against Critical Microsoft Vulnerabilities? ANALYST BRIEF Can Consumer AV Products Protect Against Critical Microsoft Vulnerabilities? Author Randy Abrams Tested Products Avast Internet Security 7 AVG Internet Security 2012 Avira Internet Security

More information

ENTERPRISE EPP COMPARATIVE REPORT

ENTERPRISE EPP COMPARATIVE REPORT ENTERPRISE EPP COMPARATIVE REPORT Security Stack: Socially Engineered Malware Authors Bhaarath Venkateswaran, Randy Abrams, Thomas Skybakmoen Tested Products Bitdefender Endpoint Security v5.3.15.539 ESET

More information

Is Your Browser Putting You at Risk?

Is Your Browser Putting You at Risk? ANALYST BRIEF Is Your Browser Putting You at Risk? PART 2: CLICK FRAUD Authors Francisco Artes, Stefan Frei, Ken Baylor, Jayendra Pathak, Bob Walder Overview The US online advertising market in 2011 was

More information

SSL Performance Problems

SSL Performance Problems ANALYST BRIEF SSL Performance Problems SIGNIFICANT SSL PERFORMANCE LOSS LEAVES MUCH ROOM FOR IMPROVEMENT Author John W. Pirc Overview In early 2013, NSS Labs released the results of its Next Generation

More information

An Old Dog Had Better Learn Some New Tricks

An Old Dog Had Better Learn Some New Tricks ANALYST BRIEF An Old Dog Had Better Learn Some New Tricks PART 2: ANTIVIRUS EVOLUTION AND TECHNOLOGY ADOPTION Author Randy Abrams Overview Endpoint protection (EPP) products are ineffective against many

More information

BROWSER SECURITY COMPARATIVE ANALYSIS

BROWSER SECURITY COMPARATIVE ANALYSIS BROWSER SECURITY COMPARATIVE ANALYSIS Privacy Settings 2013 Randy Abrams, Jayendra Pathak Tested Vendors Apple, Google, Microsoft, Mozilla Overview Privacy is an issue on the front lines of the browser

More information

DATA CENTER IPS COMPARATIVE ANALYSIS

DATA CENTER IPS COMPARATIVE ANALYSIS DATA CENTER IPS COMPARATIVE ANALYSIS Total Cost of Ownership () 2014 Thomas Skybakmoen, Jason Pappalexis Tested s Fortinet FortiGate 5140B, Juniper SRX 5800, McAfee NS- 9300, Sourcefire 8290-2 Overview

More information

Breach Found. Did It Hurt?

Breach Found. Did It Hurt? ANALYST BRIEF Breach Found. Did It Hurt? INCIDENT RESPONSE PART 2: A PROCESS FOR ASSESSING LOSS Authors Christopher Morales, Jason Pappalexis Overview Malware infections impact every organization. Many

More information

DATA CENTER IPS COMPARATIVE ANALYSIS

DATA CENTER IPS COMPARATIVE ANALYSIS DATA CENTER IPS COMPARATIVE ANALYSIS Security Value Map (SVM) 2014 Thomas Skybakmoen, Jason Pappalexis Tested Products Fortinet FortiGate 5140B, Juniper SRX 5800, McAfee NS- 9300, Sourcefire 8290-2 Overview

More information

DATA CENTER IPS COMPARATIVE ANALYSIS

DATA CENTER IPS COMPARATIVE ANALYSIS DATA CENTER IPS COMPARATIVE ANALYSIS Security 2014 Thomas Skybakmoen, Jason Pappalexis Tested Products Fortinet FortiGate 5140B, Juniper SRX 5800, McAfee NS- 9300, Sourcefire 8290-2 Data Center Overview

More information

CORPORATE AV / EPP COMPARATIVE ANALYSIS

CORPORATE AV / EPP COMPARATIVE ANALYSIS CORPORATE AV / EPP COMPARATIVE ANALYSIS Exploit Evasion Defenses 2013 Randy Abrams, Dipti Ghimire, Joshua Smith Tested Vendors AVG, ESET, F- Secure, Kaspersky, McAfee, Microsoft, Norman, Panda, Sophos,

More information

WEB APPLICATION FIREWALL COMPARATIVE ANALYSIS

WEB APPLICATION FIREWALL COMPARATIVE ANALYSIS WEB APPLICATION FIREWALL COMPARATIVE ANALYSIS Security Value Map (SVM) Author Thomas Skybakmoen Tested Products Barracuda Networks Web Application Firewall 960 Citrix NetScaler AppFirewall MPX 11520 Fortinet

More information

Internet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT

Internet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT Internet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT TESTED PRODUCTS: AVG Internet Security Network Edition v8.0 Kaspersky Total Space Security v6.0 McAfee Total Protection for Endpoint Sophos

More information

2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles

2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles FIREWALL COMPARATIVE ANALYSIS Total Cost of Ownership (TCO) 2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles Tested s Barracuda F800, Check Point 12600, Cyberoam CR2500iNG, Dell SonicWALL

More information

Mobile App Containers: Product Or Feature?

Mobile App Containers: Product Or Feature? ANALYST BRIEF Mobile App Containers: Product Or Feature? APPLE AND SAMSUNG HAVE TAKEN BIG STEPS WITH CONTAINERIZATION Author Andrew Braunberg Overview Secure workspaces, or containers, used for isolating

More information

WEB BROWSER SECURITY SOCIALLY-ENGINEERED MALWARE PROTECTION COMPARATIVE TEST RESULTS

WEB BROWSER SECURITY SOCIALLY-ENGINEERED MALWARE PROTECTION COMPARATIVE TEST RESULTS WEB BROWSER SECURITY SOCIALLY-ENGINEERED MALWARE PROTECTION COMPARATIVE TEST RESULTS Apple Safari 5 Google Chrome 6 Windows Internet Explorer 8 Windows Internet Explorer 9 Mozilla Firefox 3.6 Opera 10

More information

How to Protect against the Threat of Spearphishing Attacks

How to Protect against the Threat of Spearphishing Attacks ANALYST BRIEF How to Protect against the Threat of Spearphishing Attacks Author Randy Abrams Overview NSS Labs researchers have identified spearphishing as the most common targeted method sophisticated

More information

NEXT GENERATION FIREWALL COMPARATIVE ANALYSIS

NEXT GENERATION FIREWALL COMPARATIVE ANALYSIS NEXT GENERATION FIREWALL COMPARATIVE ANALYSIS Security Value Map (SVM) Author Thomas Skybakmoen Tested Products Barracuda F800b Check Point 13500 Cisco ASA 5525-X Cisco ASA 5585-X SSP60 Cisco FirePOWER

More information

Multiple Drivers For Cyber Security Insurance

Multiple Drivers For Cyber Security Insurance ANALYST BRIEF Multiple Drivers For Cyber Security Insurance EXPECTATIONS PLACED ON INSURANCE CARRIERS RISE WITH MARKET GROWTH Author Andrew Braunberg Overview There has been considerable good news for

More information

2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles

2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles FIREWALL COMPARATIVE ANALYSIS Performance 2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles Tested Products Barracuda F800, Check Point 12600, Cyberoam CR2500iNG, Dell SonicWALL NSA 4500,

More information

TEST METHODOLOGY. Endpoint Protection Evasion and Exploit. v4.0

TEST METHODOLOGY. Endpoint Protection Evasion and Exploit. v4.0 TEST METHODOLOGY Endpoint Protection Evasion and Exploit v4.0 Table of Contents 1 Introduction... 3 1.1 Inclusion Criteria... 3 2 Product Guidance... 5 2.1 Recommended... 5 2.2 Neutral... 5 2.3 Caution...

More information

The CISO s Guide to the Importance of Testing Security Devices

The CISO s Guide to the Importance of Testing Security Devices ANALYST BRIEF The CISO s Guide to the Importance of Testing Security Devices Author Bob Walder Overview Selecting security products is a complex process that carries significant risks if not executed correctly;

More information

Securing Endpoints without a Security Expert

Securing Endpoints without a Security Expert How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Securing Endpoints without a Security Expert sponsored by Introduction to Realtime Publishers by Don Jones, Series

More information

ZIMPERIUM, INC. END USER LICENSE TERMS

ZIMPERIUM, INC. END USER LICENSE TERMS ZIMPERIUM, INC. END USER LICENSE TERMS THIS DOCUMENT IS A LEGAL CONTRACT. PLEASE READ IT CAREFULLY. These End User License Terms ( Terms ) govern your access to and use of the zanti and zips client- side

More information

Best Practices in Deploying Anti-Malware for Best Performance

Best Practices in Deploying Anti-Malware for Best Performance The Essentials Series: Increasing Performance in Enterprise Anti-Malware Software Best Practices in Deploying Anti-Malware for Best Performance sponsored by by Eric Schmidt Be st Practices in Deploying

More information

Types of cyber-attacks. And how to prevent them

Types of cyber-attacks. And how to prevent them Types of cyber-attacks And how to prevent them Introduction Today s cybercriminals employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual

More information

Microsoft Security Intelligence Report volume 7 (January through June 2009)

Microsoft Security Intelligence Report volume 7 (January through June 2009) Microsoft Security Intelligence Report volume 7 (January through June 2009) Key Findings Summary Volume 7 of the Microsoft Security Intelligence Report provides an in-depth perspective on malicious and

More information

GENOA, a QOL HEALTHCARE COMPANY WEBSITE TERMS OF USE

GENOA, a QOL HEALTHCARE COMPANY WEBSITE TERMS OF USE GENOA, a QOL HEALTHCARE COMPANY WEBSITE TERMS OF USE IF YOU HAVE A MEDICAL EMERGENCY, YOU ARE INSTRUCTED IMMEDIATELY TO CALL EMERGENCY PERSONNEL (911). DO NOT RELY ON THIS WEBSITE OR THE INFORMATION PROVIDED

More information

Simphony v2 Antivirus Recommendations

Simphony v2 Antivirus Recommendations DECLARATIONS WARRANTIES Although the best efforts are made to ensure that the information in this document is complete and correct, MICROS Systems, Inc. makes no warranty of any kind with regard to this

More information

Market Segment Definitions

Market Segment Definitions Market Segment Definitions Author Joshua Mittler Overview In addition to product testing, NSS Labs quantitatively evaluates market size for each of the product categories tested. NSS provides metrics that

More information

itunes Connect App Analytics Guide v1

itunes Connect App Analytics Guide v1 itunes Connect App Analytics Guide v1 apple 2015-04-22 Apple Inc. 2015 Apple Inc. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any

More information

Why Is DDoS Prevention a Challenge?

Why Is DDoS Prevention a Challenge? ANALYST BRIEF Why Is DDoS Prevention a Challenge? PROTECTING AGAINST DISTRIBUTED DENIAL-OF-SERVICE ATTACKS Authors Andrew Braunberg, Mike Spanbauer Overview Over the past decade, the threat landscape has

More information

FIREWALL COMPARATIVE ANALYSIS. Tested Products. Overview. Security Value Map (SVM)

FIREWALL COMPARATIVE ANALYSIS. Tested Products. Overview. Security Value Map (SVM) FIREWALL COMPARATIVE ANALYSIS Security Value Map (SVM) 2013 Frank Artes, Thomas Skybakmoen, Bob Walder, Vikram Phatak, Ryan Liles Tested Products Barracuda F800, Check Point 12600, Cyberoam CR2500iNG,

More information

Windows Updates vs. Web Threats

Windows Updates vs. Web Threats Windows Updates vs. Web Threats HOW WELL DO WINDOWS UPDATES PROTECT AGAINST MALWARE? Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This test explores how much

More information

Compatibility Matrix March 05, 2010

Compatibility Matrix March 05, 2010 BlackBerry Enterprise Server Express Compatibility Matrix March 05, 2010 2010 Research In Motion Limited. All rights reserved. www.rim.com Page: 1 Operating Systems - BlackBerry Enterprise Server Express

More information

The Business Case for Security Information Management

The Business Case for Security Information Management The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un

More information

Phishing Scams Security Update Best Practices for General User

Phishing Scams Security Update Best Practices for General User Phishing Scams Security Update Best Practices for General User hishing refers to the malicious attack Pmethod by attackers who imitate legitimate companies in sending emails in order to entice people to

More information

Terms & Conditions. Introduction. The following terms and conditions govern your use of this website (VirginiaHomeRepair.com).

Terms & Conditions. Introduction. The following terms and conditions govern your use of this website (VirginiaHomeRepair.com). Terms & Conditions Introduction. The following terms and conditions govern your use of this website (VirginiaHomeRepair.com). Your use of this website and Content as defined below constitutes your acceptance

More information

Compatibility Matrix. VPN Authentication by BlackBerry. Version 1.7.1

Compatibility Matrix. VPN Authentication by BlackBerry. Version 1.7.1 Compatibility Matrix VPN Authentication by BlackBerry Version 1.7.1 Published: 2015-07-09 SWD-20150709134854714 Contents Introduction... 4 Legend...5 VPN Authentication server... 6 Operating system...6

More information

Money One Federal Credit Union Pocket 2 Pocket Service E-SIGNATURE AND ELECTRONIC DISCLOSURES AGREEMENT

Money One Federal Credit Union Pocket 2 Pocket Service E-SIGNATURE AND ELECTRONIC DISCLOSURES AGREEMENT Money One Federal Credit Union Pocket 2 Pocket Service E-SIGNATURE AND ELECTRONIC DISCLOSURES AGREEMENT You are signing up to use the Pocket 2 Pocket service powered by Acculynk that allows you to send

More information

CORPORATE AV / EPP COMPARATIVE ANALYSIS

CORPORATE AV / EPP COMPARATIVE ANALYSIS CORPORATE AV / EPP COMPARATIVE ANALYSIS Exploit Protection 2013 Randy Abrams, Dipti Ghimire, Joshua Smith Tested Vendors AVG, ESET, F- Secure, Kaspersky, McAfee, Microsoft, Norman, Panda, Sophos, Symantec,

More information

BlackBerry Enterprise Server for Microsoft Exchange. Compatibility Matrix January 31, 2011

BlackBerry Enterprise Server for Microsoft Exchange. Compatibility Matrix January 31, 2011 BlackBerry Enterprise Server for Microsoft Exchange Compatibility Matrix January 31, 2011 2010 Research In Motion Limited. All rights reserved. www.rim.com Page: 1 Operating Systems: BlackBerry Enterprise

More information

1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers.

1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers. Employee Security Awareness Survey Trenton Bond trent.bond@gmail.com Admin - Version 1.3 Security Awareness One of the most significant security risks that organizations and corporations face today is

More information

WEB APPLICATION FIREWALL PRODUCT ANALYSIS

WEB APPLICATION FIREWALL PRODUCT ANALYSIS WEB APPLICATION FIREWALL PRODUCT ANALYSIS F5 Big-IP ASM 10200 v11.4.0 Authors Ryan Liles, Orlando Barrera Overview NSS Labs performed an independent test of the F5 Big-IP ASM 10200. The product was subjected

More information

Securing Amazon It s a Jungle Out There

Securing Amazon It s a Jungle Out There ANALYST BRIEF Securing Amazon It s a Jungle Out There PART 1 CONTROLS AND OPTIONS OFFERED BY AMAZON Author Rob Ayoub Overview Infrastructure as a service (IaaS) is a foundational component of modern cloud

More information

AXIS12 DRUPAL IN A BOX ON THE CLOUD

AXIS12 DRUPAL IN A BOX ON THE CLOUD SERVICE LEVEL AGREEMENT AXIS12 DRUPAL IN A BOX ON THE CLOUD version 1.0 Page 1 of 6 This Axis12 Drupal in a box on the cloud Service Level Agreement ( SLA ) is a policy governing the use of the Axis12

More information

SPEAR PHISHING AN ENTRY POINT FOR APTS

SPEAR PHISHING AN ENTRY POINT FOR APTS SPEAR PHISHING AN ENTRY POINT FOR APTS threattracksecurity.com 2015 ThreatTrack, Inc. All rights reserved worldwide. INTRODUCTION A number of industry and vendor studies support the fact that spear phishing

More information

BlackBerry Enterprise Server Express for Microsoft Exchange

BlackBerry Enterprise Server Express for Microsoft Exchange BlackBerry Enterprise Server Express for Microsoft Exchange Compatibility Matrix December 19, 2013 2013 BlackBerry. All rights reserved. Page: 1 Operating Systems: BlackBerry Enterprise Server and BlackBerry

More information

GENOA, a QoL HEALTHCARE COMPANY GENOA ONLINE SYSTEM TERMS OF USE

GENOA, a QoL HEALTHCARE COMPANY GENOA ONLINE SYSTEM TERMS OF USE GENOA, a QoL HEALTHCARE COMPANY GENOA ONLINE SYSTEM TERMS OF USE By using the Genoa Online system (the System ), you acknowledge and accept the following terms of use: This document details the terms of

More information

Trend Micro Endpoint Comparative Report Performed by AV Test.org

Trend Micro Endpoint Comparative Report Performed by AV Test.org Trend Micro Endpoint Comparative Report Performed by AV Test.org Results from December 2009 Executive Summary In December of 2009, AV Test.org performed endpoint security benchmark testing on five market

More information

ELECTRONIC STATEMENT (estatement) AGREEMENT

ELECTRONIC STATEMENT (estatement) AGREEMENT ELECTRONIC STATEMENT (estatement) AGREEMENT This Disclosure and Agreement ( Agreement ) is the contract which covers your and our rights and responsibilities concerning the Electronic Statement Service

More information

OHTO s Booking System Terms & Conditions. By submitting vacation package listings to the Ontario s Highlands Tourism Organization I,

OHTO s Booking System Terms & Conditions. By submitting vacation package listings to the Ontario s Highlands Tourism Organization I, OHTO s Booking System Terms & Conditions By submitting vacation package listings to the Ontario s Highlands Tourism Organization I, Package Lead (Name) Company, acknowledge that I am an authorized representative

More information

ENTERPRISE EDITION INSTALLER END USER LICENCE AGREEMENT THIS AGREEMENT CONSISTS OF THREE PARTS:

ENTERPRISE EDITION INSTALLER END USER LICENCE AGREEMENT THIS AGREEMENT CONSISTS OF THREE PARTS: ENTERPRISE EDITION INSTALLER END USER LICENCE AGREEMENT THIS AGREEMENT CONSISTS OF THREE PARTS: A. VNC SERVER ENTERPRISE EDITION END USER LICENCE AGREEMENT B. VNC VIEWER ENTERPRISE EDITION END USER LICENCE

More information

TERMS AND CONDITIONS

TERMS AND CONDITIONS TERMS AND CONDITIONS These Terms and Conditions are applicable to the use of this website (the Website ), regardless of how You accessed it. You or any derivation thereof, as used herein refers to a user

More information

The Importance of Patching Non-Microsoft Applications

The Importance of Patching Non-Microsoft Applications The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As

More information

Software- Defined Networking: Beyond The Hype, And A Dose Of Reality

Software- Defined Networking: Beyond The Hype, And A Dose Of Reality ANALYST BRIEF Software- Defined Networking: Beyond The Hype, And A Dose Of Reality Author Mike Spanbauer Overview Server virtualization has brought the network to its knees. Legacy architectures are unable

More information

Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime

Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime sponsored by Introduction

More information

INSIDE. Management Process. Symantec Corporation TM. Best Practices Roles & Responsibilities. Vulnerabilities versus Exposures.

INSIDE. Management Process. Symantec Corporation TM. Best Practices Roles & Responsibilities. Vulnerabilities versus Exposures. Symantec Corporation TM Symantec Product Vulnerability Management Process Best Practices Roles & Responsibilities INSIDE Vulnerabilities versus Exposures Roles Contact and Process Information Threat Evaluation

More information

Cloud- Based Security Is Here to Stay

Cloud- Based Security Is Here to Stay ANALYST BRIEF Cloud- Based Security Is Here to Stay HOSTED SECURITY IS BECOMING A PART OF THE SECURITY INFRASTRUCTURE Author Rob Ayoub Overview As the popularity of cloud- based services has grown, so

More information

TEST METHODOLOGY. Hypervisors For x86 Virtualization. v1.0

TEST METHODOLOGY. Hypervisors For x86 Virtualization. v1.0 TEST METHODOLOGY Hypervisors For x86 Virtualization v1.0 Table of Contents 1 Introduction... 4 1.1 The Need For Virtualization... 4 1.2 About This Test Methodology And Report... 4 1.3 Inclusion Criteria...

More information

CONSUMER ANTI-MALWARE PRODUCTS

CONSUMER ANTI-MALWARE PRODUCTS CONSUMER ANTI-MALWARE PRODUCTS GROUP TEST REPORT AVG Internet Security 9 ESET Smart Security 4 F-Secure Internet Security 2010 Kaspersky Internet Security 2011 McAfee Internet Security Microsoft Security

More information

ACHILLES CERTIFICATION. SIS Module SLS 1508

ACHILLES CERTIFICATION. SIS Module SLS 1508 ACHILLES CERTIFICATION PUBLIC REPORT Final DeltaV Report SIS Module SLS 1508 Disclaimer Wurldtech Security Inc. retains the right to change information in this report without notice. Wurldtech Security

More information

Quartz Legal Terms and Conditions

Quartz Legal Terms and Conditions Quartz Legal Terms and Conditions 1. USE OF THIS WEBSITE: This website is owned and operated by Domaine Pinnacle Inc. (collectively hereafter "Site Owner"). Your use of this website is subject to the following

More information

BlackBerry Enterprise Server Express for IBM Domino. October 7, 2014 Version: 5.0 Service Pack: 4. Compatibility Matrix

BlackBerry Enterprise Server Express for IBM Domino. October 7, 2014 Version: 5.0 Service Pack: 4. Compatibility Matrix BlackBerry Enterprise Server Express for IBM Domino October 7, 2014 Version: 5.0 Service Pack: 4 Compatibility Matrix Published: 2014-10-08 SWD-20141008134243982 Contents 1...4 Legend... 4 Operating system...

More information

Job Status Guide 3.0

Job Status Guide 3.0 Job Status Guide 3.0 ii Copyrights and Trademark Notices Copyright 2011 Telestream, Inc. All rights reserved. No part of this publication may be reproduced, transmitted, transcribed, altered, or translated

More information

Closing the Antivirus Protection Gap

Closing the Antivirus Protection Gap A comparative study on effective endpoint protection strategies May 2012 WP-EN-05-07-12 Introduction Corporate economic concerns have put increased pressure on already limited IT resources in recent years

More information

Streamlining Web and Email Security

Streamlining Web and Email Security How to Protect Your Business from Malware, Phishing, and Cybercrime The SMB Security Series Streamlining Web and Email Security sponsored by Introduction to Realtime Publishers by Don Jones, Series Editor

More information

Compatibility Matrix BES12. September 16, 2015

Compatibility Matrix BES12. September 16, 2015 Compatibility Matrix BES12 September 16, 2015 Published: 2015-09-16 SWD-20150916153710116 Contents Introduction... 4 Legend...5 BES12 server... 6 Operating system...6 Database server...6 Browser... 8 Mobile

More information

Managing for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud

Managing for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud Deploying and Managing Private Clouds The Essentials Series Managing for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud sponsored by Managing for the Long Term: Keys to

More information

Integration Guide. Enterprise Identity by BlackBerry

Integration Guide. Enterprise Identity by BlackBerry Integration Guide Enterprise Identity by BlackBerry Published: 2015-10-13 SWD-20151013141946897 Contents About Enterprise Identity... 4 Configure a new SAML connection in the SaaS client...5 Create a SaaS

More information

CyberArk Privileged Threat Analytics. Solution Brief

CyberArk Privileged Threat Analytics. Solution Brief CyberArk Privileged Threat Analytics Solution Brief Table of Contents The New Security Battleground: Inside Your Network...3 Privileged Account Security...3 CyberArk Privileged Threat Analytics : Detect

More information

Compatibility Matrix. BlackBerry Enterprise Server for Microsoft Exchange. Version 5.0.4

Compatibility Matrix. BlackBerry Enterprise Server for Microsoft Exchange. Version 5.0.4 Compatibility Matrix BlackBerry Enterprise Server for Microsoft Exchange Version 5.0.4 Published: 2016-01-13 SWD-20160113140222708 Contents BlackBerry Enterprise Server for Microsoft Exchange compatibility

More information

Phishing by data URI

Phishing by data URI Phishing by data URI Henning Klevjer henning@klevjers.com October 22, 2012 1 Abstract Historically, phishing web pages have been hosted by web servers that are either compromised or owned by the attacker.

More information

Phishing Activity Trends Report. 1 st Half 2009. Committed to Wiping Out Internet Scams and Fraud

Phishing Activity Trends Report. 1 st Half 2009. Committed to Wiping Out Internet Scams and Fraud 1 st Half 2009 Committed to Wiping Out Internet Scams and Fraud January June 2009 Phishing Report Scope The quarterly APWG analyzes phishing attacks reported to the APWG by its member companies, its Global

More information

Software 1.1 May 2015 3725-10306-001B SERVICE PORTAL OVERVIEW. RealAccess. Polycom, Inc. 1

Software 1.1 May 2015 3725-10306-001B SERVICE PORTAL OVERVIEW. RealAccess. Polycom, Inc. 1 SERVICE PORTAL OVERVIEW Software 1.1 May 2015 3725-10306-001B RealAccess Polycom, Inc. 1 Copyright 2015, Polycom, Inc. All rights reserved. No part of this document may be reproduced, translated into another

More information

BlackBerry Enterprise Server for Microsoft Exchange. Compatibility Matrix March 25, 2013

BlackBerry Enterprise Server for Microsoft Exchange. Compatibility Matrix March 25, 2013 BlackBerry Enterprise Server for Microsoft Exchange Compatibility Matrix March 25, 2013 2013 Research In Motion Limited. All rights reserved. www.rim.com Page: 1 Software version support life cycle has

More information

This guide aims to get you started on decluttering the most important aspects of your digital life.

This guide aims to get you started on decluttering the most important aspects of your digital life. TrendLabs Harnessing a healthy digital life calls for a lifestyle-check that challenges mobile device users to go beyond simply relying on a security application. Just like cleaning up and reorganizing

More information

AAUW Site-Resources Website Services Agreement. Contact Information. Website Information

AAUW Site-Resources Website Services Agreement. Contact Information. Website Information AAUW Site-Resources Website Services Agreement Branch / State / Affiliated Entity Name: Member Number: Phone Number: Email Address: Contact Information Website Information We will maintain our own website

More information

Portal Administration. Administrator Guide

Portal Administration. Administrator Guide Portal Administration Administrator Guide Portal Administration Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec

More information

Compatibility Matrix. BES12 Cloud. July 20, 2016

Compatibility Matrix. BES12 Cloud. July 20, 2016 Compatibility Matrix BES12 Cloud July 20, 2016 Published: 2016-07-20 SWD-20160719104452880 Contents Introduction... 4 Legend... 4 Browser...5 BlackBerry Connectivity Node... 6 Operating system...6 Microsoft

More information

RedBlack CyBake Online Customer Service Desk

RedBlack CyBake Online Customer Service Desk RedBlack CyBake Online Customer Service Desk Publication Date: June 2014 Copyright Copyright 2014 RedBlack Software Ltd. All rights reserved. Complying with all applicable copyright laws is the responsibility

More information

A Closer Look at Interest Rate Floors

A Closer Look at Interest Rate Floors A Closer Look at Interest Rate Floors CONTRIBUTOR Vishal Arora Director Global Index Research & Design vishal.arora@spdji.com Currently, there is much debate in the market surrounding if and when interest

More information

Cloud-Client Enterprise Security Impact Report Increased Protection at a Lower Cost

Cloud-Client Enterprise Security Impact Report Increased Protection at a Lower Cost y Cloud-Client Enterprise Security Impact Report Increased Protection at a Lower Cost An Osterman Research White Paper Published January 2009 SPONSORED BY onsored by Phone: +1 877-21-TREND www.trendmicro.com/go/smartprotection

More information

BlackBerry Web Desktop Manager. Version: 5.0 Service Pack: 4. User Guide

BlackBerry Web Desktop Manager. Version: 5.0 Service Pack: 4. User Guide BlackBerry Web Desktop Manager Version: 5.0 Service Pack: 4 User Guide Published: 2012-10-03 SWD-20121003174218242 Contents 1 Basics... 5 Log in to the BlackBerry Web Desktop Manager... 5 Connect your

More information

ALDR: A New Metric for Measuring Effective Layering of Defenses

ALDR: A New Metric for Measuring Effective Layering of Defenses ALDR: A New Metric for Measuring Effective Layering of Defenses Nathaniel Boggs Department of Computer Science Columbia University boggs@cs.columbia.edu Salvatore J. Stolfo Department of Computer Science

More information

Symantec Protection Center Enterprise 3.0. Release Notes

Symantec Protection Center Enterprise 3.0. Release Notes Symantec Protection Center Enterprise 3.0 Release Notes Symantec Protection Center Enterprise 3.0 Release Notes The software described in this book is furnished under a license agreement and may be used

More information

Cyber Advanced Warning System

Cyber Advanced Warning System TECHNICAL WHITE PAPER Cyber Advanced Warning System The Current Approach to Cybersecurity is Not Working In the face of a growing attack surface and mounting global losses from cybercrime and cyberespionage

More information

Farmers & Merchants State Bank Internet Banking Disclosure and Agreement

Farmers & Merchants State Bank Internet Banking Disclosure and Agreement Farmers & Merchants State Bank Internet Banking Disclosure and Agreement This agreement states the terms and conditions that apply when you use Farmers & Merchants State Bank's Internet Banking service.

More information

Cloud Security Benchmark: Top 10 Cloud Service Providers Executive Summary January 5, 2015

Cloud Security Benchmark: Top 10 Cloud Service Providers Executive Summary January 5, 2015 Cloud Security Benchmark: Top 10 Cloud Service Providers Executive Summary January 5, 2015 2015 CloudeAssurance Page 1 Table of Contents Copyright and Disclaimer... 3 Results: Top 10 Cloud Service Providers

More information

Compatibility Matrix. BlackBerry Enterprise Server Express for Microsoft Exchange. Version 5.0.4

Compatibility Matrix. BlackBerry Enterprise Server Express for Microsoft Exchange. Version 5.0.4 Compatibility Matrix BlackBerry Enterprise Server Express for Microsoft Exchange Version 5.0.4 Published: 2016-01-13 SWD-20160113140023414 Contents BlackBerry Enterprise Server Express for Microsoft Exchange

More information

Mobile Security Buyer s Guide

Mobile Security Buyer s Guide ANALYST BRIEF Mobile Security Buyer s Guide PART 1: THE BASICS Author Andrew Braunberg Overview The consumerization of information technology (IT), particularly relating to the increasingly common bring

More information

CPNI VIEWPOINT CYBER SECURITY ASSESSMENTS OF INDUSTRIAL CONTROL SYSTEMS

CPNI VIEWPOINT CYBER SECURITY ASSESSMENTS OF INDUSTRIAL CONTROL SYSTEMS CPNI VIEWPOINT CYBER SECURITY ASSESSMENTS OF INDUSTRIAL CONTROL SYSTEMS MARCH 2011 Acknowledgements This Viewpoint is based upon the Cyber Security Assessments of Industrial Control Systems Good Practice

More information

A New Approach to Assessing Advanced Threat Solutions

A New Approach to Assessing Advanced Threat Solutions A New Approach to Assessing Advanced Threat Solutions December 4, 2014 A New Approach to Assessing Advanced Threat Solutions How Well Does Your Advanced Threat Solution Work? The cyber threats facing enterprises

More information

The Importance of Patching Non-Microsoft Applications

The Importance of Patching Non-Microsoft Applications The Importance of Patching Non-Microsoft Applications Technical WHITE PAPER The Importance of Patching Non-Microsoft Applications In the past, organizations patched only Microsoft operating systems. As

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

TEST METHODOLOGY. Web Application Firewall. v6.2

TEST METHODOLOGY. Web Application Firewall. v6.2 TEST METHODOLOGY Web Application Firewall v6.2 Table of Contents 1 Introduction... 4 1.1 The Need for Web Application Firewalls... 4 1.2 About This Test Methodology and Report... 4 1.3 Inclusion Criteria...

More information

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

PROTECT YOUR COMPUTER AND YOUR PRIVACY! PROTECT YOUR COMPUTER AND YOUR PRIVACY! Fraud comes in many shapes simple: the loss of both money protecting your computer and Take action and get peace of and sizes, but the outcome is and time. That

More information

Netsweeper Whitepaper

Netsweeper Whitepaper Netsweeper Inc. Corporate Headquarters 104 Dawson Road Suite 100 Guelph, ON, Canada N1H 1A7 CANADA T: +1 (519) 826-5222 F: +1 (519) 826-5228 Netsweeper Whitepaper The Evolution of Web Security June 2010

More information

RELOCATEYOURSELF.COM B.V - TERMS OF USE OF SERVICES

RELOCATEYOURSELF.COM B.V - TERMS OF USE OF SERVICES RELOCATEYOURSELF.COM B.V - TERMS OF USE OF SERVICES The following constitute the terms and conditions of access and use of the Services, as defined hereunder, which shall be deemed to have been read and

More information