Finjan, a supplier of web security products, today announced the general availability of Finjan SecureBrowsing, an intuitive security assistance tool for end-users. Initially announced to the public at the RSA Conference in February, this free service has generated great interest among both enterprise and home users alike, as evidenced by the thousands of requests for early notification received via Finjan’s website.
“Finjan SecureBrowsing utilizes our breakthrough web security approach, as implemented through our patented behavior-based content inspection technology. It analyzes website code in real time to provide users with safety ratings of URLs before they visit the sites,” said Yuval Ben-Itzhak, CTO, Finjan. “By its nature, the web is very dynamic with website content changing continuously -- a URL that was safe yesterday might contain malicious code today. Unlike other products that are based on static databases containing information on web domain reputations, Finjan SecureBrowsing scans each URL as it currently exists on the web, each time the address is displayed in the browser.”
Real-Time Protection for Web Browsing
Finjan SecureBrowsing proactively alerts users to potential malicious content hiding behind links of search results, online email applications, ads and other popular websites. Finjan SecureBrowsing accesses each of the links in its current form on the web, and scans the relevant pages in real time using Finjan’s patented behavior-based technology. Each link is then marked with a safety rating - either safe (green) or potentially malicious (red). Finjan SecureBrowsing enables end-users to experience the same best-in-class security technologies currently in use at large enterprise customers.
Finjan SecureBrowsing offers a unique set of capabilities to deliver the highest rate of malicious code detection:
· Scans in real-time all the dynamic code elements comprising each web page, rather than just the text
· Detects potentially malicious content using real-time behavior-based content inspection, unlike other products that rely on static URL databases
· Provides safety rating based on an analysis of the current page content, each time a link appears in the browser
· Analyzes links in popular websites (Digg, Slashdot, Blogger, etc.) and online email applications (Gmail, Yahoo! mail), in addition to all of the major search engines
Finjan’s Malicious Code Research Center performed an analysis of malicious code detected by the beta version of Finjan SecureBrowsing during Q1 2007. The results of this analysis indicate that over 80% of the URLs containing malicious code are hosted on servers in North America. “These findings shatter the myth that malicious code is typically hosted on servers located in countries with a low level of e-crime awareness,” stated Yuval Ben-Itzhak. In contrast to other studies that only analyze the top level domain (TLD), Finjan’s analysis goes one step further to identify the true physical location of the URL, which is often different than the domain extension. Details of this study can be found in Finjan’s Q1 2007 Web Security Trends Report.
A second analysis of the same data classified the malicious URLs detected by Finjan SecureBrowsing into website categories. Over 80% of malicious code was found on URLs belonging to the “Computing and Internet” category which typically includes online stores, e-magazines, and other such sites. More dubious categories (e.g., adult content or free downloads) constituted no more than a negligible source of malicious code. “These statistics lend credence to the view that attackers are focusing their efforts on writing malicious code that cannot be detected by traditional security technologies. As a result, enterprises that rely solely on URL categories to block access to malicious sites may find themselves exposed to serious risk,” said Ben-Itzhak.