Using the intelligence Websense products use to ferret out and block inappropriate Web sites, the company has developed a technology that can do the same for sites containing malicious code.
ThreatSeeker, which been in development for more than five years, comprises algorithms, behavior-profiling methods, and code-analysis processes that are powered by a network of data-mining computers to spot emerging and complex threats, the company says. It is designed to protect customers before patches or signatures are developed for known threats, company officials say.
Much like Websense's existing Web-filtering software identifies Web sites that organizations want to keep their employees from visiting on company time -- inappropriate ones like porn sites or productivity-zappers like myspace.com -- ThreatSeeker makes it possible to identify and block sites containing such malicious code as keyloggers that can be downloaded to a visiting PC without the visitor knowing it.
"We are already out there actively discovering Internet [sites]; we started doing that to identify porn sites and other things like that," says John McCormack, senior vice president of product development at Websense. "We started enhancing that process with technology like analytics and research and other things to start looking for security-related issues," he says.
ThreatSeeker was developed in response to the evolution of security threats during the last few years, morphing from virus writers and the like looking to show off, to serious criminals seeking financial gain, McCormack says. One of the most effective ways to steal personal or financial information is by secretly installing software on unsuspecting users' PCs that sends data input or stored on the PC back to the software's controller.
ThreatSeeker is available in all of Websense's security products via the company's automated download service. ThreatSeeker also will be integrated into the data-leakage prevention offering that Websense is working on with PortAuthority Technologies and that is expected to be released by mid-2007, says McCormack.
This week the company also announced an upgrade to its Web security and filtering software. In addition to including ThreatSeeker, Version 6.3 of Websense Web Security Suite features enhancements to the software's reporting capabilities and integrates with Citrix Presentation Server , according to the company. The suite is priced at US$33 per user, per year for 1,000 users.