SOURCE: Seculert

Seculert

April 16, 2015 08:00 ET

Seculert Research Finds Critical Gaps in Gateway Solutions

Study Concludes Hundreds of Thousands of Malicious Communications Go Undetected

SANTA CLARA, CA--(Marketwired - Apr 16, 2015) - Seculert, the leader in automated breach detection, today released its "State of Perimeter Security Defenses Report," identifying critical security gaps in the security strategy currently employed across the world's largest enterprises. Seculert examined a subset of its installed base environments that included nearly 800,000 client devices, generating nearly 62 billion total communications emanating from Fortune 2000 Companies in North America.

Seculert examined these environments for 90 days each to determine whether existing gateway tools were allowing internal devices to be infected and communicate malicious traffic outside of the organization. The company also examined how long it took those organizations to contain the infections. Nearly all of the environments studied had a complete and well-run perimeter defense system in place, including a secure web gateway and/or next generation firewall, an IPS, and a SIEM in addition to fully functioning endpoint protection.

Key findings include:

  • Of the 62 billion total communications observed, nearly 3 million attempted malicious outbound communications were from infected devices. 13 percent of those attempted malicious outbound communications were allowed by the gateway solutions.
  • The very best performing gateway allowed 15 percent of the infected devices to communicate out to the perpetrator's command and control servers. Three of the six gateways observed allowed 90+ percent of the infected devices to send communications to the malware's perpetrators.
  • Roughly two percent of all devices analyzed were infected, and every environment had infected devices that were allowed to communicate out. All told, nearly 400,000 communications escaped detection, allowing data to be sent back to the adversaries.
  • On average, containment of a breach where SIEM solutions were present took seventeen days.

"These results point to one clear issue, current generation prevention systems, even when they are well run, can not provide complete protection in the current threat landscape. CISOs need to "think different" about their entire security strategy and begin augmenting their existing perimeter security strategy with a comprehensive post infection detection solution," said Dudi Matot, CEO & Founder of Seculert.

The gateway solutions observed included those from BlueCoat, Fortinet, McAfee, Palo Alto Networks, Websense, and ZScaler. SIEM products observed included HP ArcSight, IBM® Security QRadar® SIEM, Splunk, RSA Security Analytics, TIBCO LogLogic®, LogRythm and McAfee Enterprise Security Manager.

The Seculert Platform detects persistent and unknown malware by focusing on outbound malicious traffic over time providing superior visibility, speed, and accuracy of incidents. The Seculert Platform achieves this at materially lower cost by enhancing the productivity of SOC/IR teams, automating the event/log analysis process for detection, without installing any new hardware or software.

To read the full Seculert State of Perimeter Security Defenses Report visit here.

To set up a meeting with Seculert at the RSA Security Conference, please contact sales@seculert.com

About Seculert
The Seculert cloud-based automated breach detection platform fills the gap left by legacy perimeter defense and Breach Detection Systems. Seculert protects distributed enterprises from advanced threats by focusing on the malicious outbound network traffic that goes undetected by legacy prevention solutions. By combining Big Data analytics, machine learning technology and behavioral analysis, Seculert provides unique visibility on the final two stages of the malware kill chain. Organizations worldwide use Seculert to identify known and unknown security threats, while enhancing the effectiveness of their existing IT security systems. Founded in 2010, Seculert has offices in the U.S., the U.K. and Israel. For more information, visit www.seculert.com.

Contact Information