Johannesburg, 27 Feb 2013
Miercom, the well-respected worldwide testing service, recently conducted one of the largest independent tests of real-world threat protection capabilities of Web security systems. Results show that Websense (NASDAQ: WBSN) demonstrated superior security effectiveness, threat detection and mitigation capabilities over the other tested systems.
The test pitted Websense TRITON Web Security Gateway Anywhere, powered by the Websense Advanced Classification Engine (ACE), against Web security systems offered by Blue Coat Systems, Cisco, McAfee, Palo Alto Networks and FireEye. The results are published and available at www.websense.com/proveit. Findings clearly prove that Websense demonstrated superior capabilities in the areas of Web security effectiveness, modern malware threat stages, data theft and loss protection, malware sandboxing and forensic reporting, and manageability and effectiveness.
"It's clear from our testing that Websense TRITON Web Security Gateway Anywhere has stronger detection capabilities across advanced threat stages," said Robert Smithers, chief executive officer, Miercom. "To truly mimic a real-world environment, we tested 2.2 million open live Web requests of an unknown nature. This is a departure from traditional testing methods, which typically use known samples and produce artificially high results compared to real-world experience."
Miercom's methodology allowed each solution to have a fair and equal chance of analysing, classifying and blocking threats in real time, as they would on a business network. Using an unknown sample is key when identifying crucial security effectiveness metrics against day-to-day and advanced attacks. Attack methods include zero-day exploits, targeted and timed attacks, spear-phishing, lures and redirects hidden in social networking. This research tactic tested predictive defences that aim to proactively protect users when they click on Web links in real time.
"With Websense TRITON, we are confident we have created the most innovative and effective security for today's businesses, and this report proves it," said Russ Dietz, chief technology officer of Websense. "Threats are cracking enterprises on an almost daily basis because, as an industry, many organisations are reliant on outdated security products. The Miercom testing results confirm that nothing can match security delivered by the unified Web, e-mail and data intelligence of TRITON."
Miercom security effectiveness test results
This Miercom testing was conducted in January of 2013. The effectiveness and validation tests addressed five security areas, including: Web security effectiveness, modern malware threat stages, data theft and loss protection, malware sandboxing and forensic reporting, and manageability and effectiveness.
* The Web security effectiveness test used a data set of more than 2.2 million live Web requests. These requests were of an unknown nature and targeted the Web server through the Web gateway. Websense correctly blocked 68% more malicious links, suspicious links, exploit kits, malware and other associated threats than the next ranking competitor.
* The modern malware threat stages test determined the systems' ability to detect and defend against kill chain stages, including individual detection of exploit kits, lures and dropper files. Again, the accumulated Websense scores were higher than all other units tested.
* Data theft and loss protection capabilities for Websense TRITON Web Security Gateway Anywhere were tested using six data theft and loss scenarios, including: custom encrypted file detection; password file data theft; optical character recognition of text within an image to protect confidential data; slow (or cumulative) data leak detection; and geolocation awareness. Again, Miercom validated Websense's innovative features for data theft and loss.
* Malware sandboxing and forensic reporting is critical to understand malware infection steps, system changes and call-home communications. Organisations need to know who was attacked, how they were attacked, where communications were destined, and what data was targeted with data theft capture. Websense TRITON Web Security Gateway Anywhere and the ThreatScope malware sandbox scored higher than the FireEye MPS appliance, in a comparison of the two solutions side by side.
* The most effective security isn't any good if it isn't easily manageable. In the manageability and effectiveness review, Miercom determined the relative value of: the management dashboard; unified policy creation and management capabilities; standard and custom security reporting; and the action ability of the information gathered. Miercom again found Websense was unrivalled.
"This test speaks volumes on why the majority of today's security products fail," said Dietz. "Far too many security vendors wait and try to stop the final deliverable - the malware itself - only if they know the signature. Our research has shown that by disrupting any link in the attack chain, organisations can significantly increase their effectiveness in thwarting these persistent attacks."
The Websense ACE security defences are the foundation for Websense TRITON Web Security Gateway Anywhere effectiveness. ACE combines seven in-depth defences using composite scoring with predictive analysis. More than 10 000 analytics within ACE are derived from the ThreatSeeker Intelligence Cloud, which unites more than 900 million endpoints and analyses up to five billion requests per day. ACE defences are utilised within the Websense ThreatScope malware analysis sandbox and TRITON Web, e-mail, data and mobile security solutions.
"The Miercom data speaks for itself and the implications are clear. When you are facing real-world network traffic - not just a canned collection of known threats - features like Websense's real-time, inline defences provide a clear advantage, and could likely be the difference in protecting an organisation," said Dietz.
The Miercom report is available in its entirety, including detailed test methodology and results, online at www.websense.com/proveit.
Share