Websense, Inc. continued its proven cybersecurity leadership by advancing Websense TRITON defenses to thwart every stage of the targeted threat kill chain. Cybercriminals prey on organizations through reconnaissance, luring victims, redirecting web traffic, executing exploit kits, deploying dropper files, calling home and ultimately stealing critical data.
Today’s new Websense TRITON 7.8 enhancements include advanced threat protection with expanded ThreatScope inline sandboxing, malware isolation to heighten data loss prevention, end-user phishing education and new platform support for pervasive deployment.
“Websense TRITON is the most advanced integrated security solution in the market,” says John McCormack, Websense CEO. “No other solution offers the broadest range of threat protection, across the entire advanced threat kill chain, in a completely integrated system. Organizations are vulnerable if they rely on security solutions that only address part of the problem. TRITON provides comprehensive security that stops attacks other solutions miss. Today’s enhancements are yet another important step forward for our customers in enhancing their security defenses.”
Websense ACE (Advanced Classification Engine) delivers real-time security ratings to all Websense TRITON products. ACE’s eight assessment areas and unique composite scoring capabilities enable TRITON solutions to detect threats that other security solutions miss. The predictive security engines can see developing trends and use contextual assessments to ensure accuracy and counter evasion techniques. With more than 10,000 analytics, ACE provides deep inspection and composite scoring to support effective decision-making.
TRITON ThreatScope enables an additional capability within ACE to automatically intercept files for behavioral sandboxing and forensic reporting. Organizations can also manually upload files to the on-demand sandbox and input links to a cloud-based URL analysis service. Each action generates detailed reports to support forensic investigations and threat mitigation. ThreatScope also marks suspicious email links for supplemental scrutiny through email URL sandboxing. Real-time analysis of links occurs at point-of-click, which in some cases, can be long after the initial email arrives.
The Websense TRITON product portfolio provides intelligently integrated web, email and data protection. To access these new sandboxing and other enhancements, organizations can simply add TRITON ThreatScope to their existing TRITON solutions.
In addition to the inline ThreatScope sandboxing enhancements to ACE, Websense TRITON 7.8 includes advancements to data loss prevention identification, phishing education and amplifies deployment pervasiveness.
- Data Loss Prevention Stops Advanced Low and Slow Exfiltration: To isolate potentially malware-infected systems, the new Websense TRITON data loss prevention enhancements further analyze the type of data moving into and out of an organization. Low and slow data exfiltration is stopped based on Websense analysis and machine learning, which determines data movement within complex obfuscation techniques to isolate threats.
- End-User Phishing Education: Websense’s commitment to delivering a cohesive Advance Persistent Threat (APT) security system is evident in the new phishing education and profiling for end-users. Educating end-users about phishing attacks is vital to corporate security strategy and long-term success. Websense TRITON allows phishing messages, where the malicious link has been rewritten and disarmed, to be delivered to end-users. This process shows employees that even a legitimate looking email can be harmful. Users can click the disarmed URL to view a customizable block page that further reinforces end-user education. Added profiling also helps organizations identify potentially targeted users.
- New Platform Support: As the worldwide threat landscape shifts and technology advances, organization requirements inherently change. To stay ahead of the security curve, Websense provides a pervasively deployable technology with on-premise, cloud and hybrid options. That commitment is evident with the company’s new Virtual Email Security appliance and new i500 cloud appliance.
The new Websense Virtual Email Security appliance enables organizations to combine the benefits of the Websense Email Security Gateway and Email Security Gateway Anywhere solutions with their virtual infrastructure. This is designed to maximize hardware resources, increase performance and scalability and reduce appliance footprint.
Websense customers also have access to the new i500 cloud-assist appliance to increase network traffic speed and control what traffic is sent to the cloud. This appliance intelligently determines if traffic requires additional content scanning for policy or security reasons. If needed, content is redirected to Websense cloud resources for advanced analysis.