Websense has advanced Websense Triton defences to thwart every stage of the targeted threat process. Cybercriminals prey on organisations through reconnaissance, luring victims, redirecting web traffic, executing exploit kits, deploying dropper files, calling home and ultimately stealing critical data. Websense continues to protect organisations from targeted attacks and advanced persistent threats (APTs) across the entire advanced threat process.
The Websense Triton 7.8 enhancements include advanced threat protection with expanded ThreatScope inline sandboxing, malware isolation to heighten data loss prevention, end-user phishing education and new platform support for pervasive deployment.
“Websense Triton is an advanced integrated security system,” said John McCormack, Websense CEO. “It offers a broad range of threat protection across the entire advanced threat process in a completely integrated system. Organisations are vulnerable if they rely on security products that only address part of the problem. Triton provides comprehensive security that stops attacks other software misses. These enhancements are yet another important step forward for our customers in enhancing their security defences.”
Websense ACE (Advanced Classification Engine) delivers real-time security ratings to all Websense Triton products. ACE’s eight assessment areas and unique composite scoring capabilities enable Triton to detect threats that some other security software misses. The predictive security engines can see developing trends and use contextual assessments to ensure accuracy and counter evasion techniques. With more than 10,000 analytics, ACE provides deep inspection and composite scoring to support effective decision-making.
Triton ThreatScope enables an additional capability within ACE to automatically intercept files for behavioural experimentation and forensic reporting. Organisations can also manually upload files to the on-demand sandbox and input links to a cloud-based URL analysis service. Each action generates detailed reports to support forensic investigations and threat mitigation. ThreatScope also marks suspicious email links for supplemental scrutiny through email URL sandboxing. Real-time analysis of links occurs at point-of-click, which in some cases, can be long after the initial email arrives.
The Websense Triton product portfolio provides intelligently integrated web, email and data protection. To access these new sandboxing and other enhancements, organisations can simply add Triton ThreatScope to their existing Triton solutions.
In addition to the inline ThreatScope sandboxing enhancements to ACE, Websense Triton 7.8 includes advancements to data loss prevention identification, phishing education and amplifies deployment pervasiveness.
* Data Loss Prevention Stops Advanced Low and Slow Exfiltration: To isolate potentially malware-infected systems, the new Websense Triton data loss prevention enhancements further analyse the type of data moving into and out of an organisation. Low and slow data exfiltration is stopped based on Websense analysis and machine learning, which determines data movement within complex obfuscation techniques to isolate threats.
* End-User Phishing Education: Websense’s commitment to delivering a cohesive APT security system is evident in the new phishing education and profiling for end-users. Educating end-users about phishing attacks is vital to corporate security strategy and long-term success. Websense Triton allows phishing messages, where the malicious link has been rewritten and disarmed, to be delivered to end-users. This process shows employees that even a legitimate looking email can be harmful. Users can click the disarmed URL to view a customisable block page that further reinforces end-user education. Added profiling also helps organizations identify potentially targeted users.
* New Platform Support: As the worldwide threat landscape shifts and technology advances, organisation requirements inherently change. To stay ahead of the security curve, Websense provides a pervasively deployable technology with on-premise, cloud and hybrid options. That commitment is evident with the company’s new Virtual Email Security appliance and new i500 cloud appliance.
The new Websense Virtual Email Security appliance enables organisations to combine the benefits of the Websense Email Security Gateway and Email Security Gateway Anywhere solutions with their virtual infrastructure. This is designed to maximise hardware resources, increase performance and scalability and reduce appliance footprint.
Websense customers also have access to the new i500 cloud-assist appliance to increase network traffic speed and control what traffic is sent to the cloud. This appliance intelligently determines if traffic requires additional content scanning for policy or security reasons. If needed, content is redirected to Websense cloud resources for advanced analysis.