SlideShare a Scribd company logo

Seculert gateway performance report 2015

B
Brian Campbell

The Seculert attack detection and analytics platform identifies attacks that bypass traditional security measures, analyzing performance data from web gateway solutions protecting over 1.5 million users. The report highlights that more than half of the studied gateways allowed over 40% of malicious communications to succeed, with nearly 2% of devices showing infection. Overall, the performance of the gateways varied significantly over time, with many eventually being outperformed by attackers.

Technology
1 of 1
Download to read offline
1
The Seculert Attack Detection & Analytics Platform, delivered as a service, identifies attacks that have defeated perimeter prevention systems based on the evidence the attacker inevitably leaves behind as they execute their malicious activities. In the course of protecting more than 1.5 million enterprise users, Seculert researchers observe the performance of all of the leading web gateway solutions. This report summarizes how well these solutions did in blocking malicious communications generated by attacks that succeeded in penetrating our customer’s networks during the first 10 months of 2015. United States 2880 Lakeside Drive, #228 Santa Clara, CA 95054 Tel: +1 408 560 3400 Israel 6 Efal Street, P.O. Box 3970 Petach Tikvah, IL 4952801 Tel: +972 3 919 3366 www.seculert.com Toll Free (US/Canada): +1 855 732 8537 Tel (UK): +44 203 6444 Fax: +972 3 919 3636 Copyright  2015   Web Gateway Performance Report Fast Facts ! One million client devices ! 200 Billion communications ! 8 Web Gateways - Barracuda, BlueCoat, Fortigate, Ironport, McAfee Web Gateway, Palo Alto Networks, Websense, Zscaler ! 10 Months PERCENTAGE OF DEVICES ALLOWED TO COMMUNICATE OUT   Market Leading Gateway Vendors   Key Findings ! More than half the gateways studied allowed more than 40% of the attempted malicious communications to succeed in reaching their associated C&C servers. ! 40% of all attempted malicious communication succeeded in defeating their associated web gateway. ! Nearly all of the leading web gateways allowed significant outbound communications attributable to Dyre and Trojan.Agent.145 ! Nearly 2% of all examined devices were infected and all domains included in the research exhibited evidence of infection. ! The average number of successful outbound communications per incident (or infected device) was more than 100. ! Measured over time, nearly all of the gateways observed exhibited uneven performance. While most performed well for weeks or months, eventually all showed evidence of being “defeated” by the adversary. 0%# 10%# 20%# 30%# 40%# 50%# 60%# 70%# 80%# 90%# 100%# A# B# C# D# E# F# G# H# !"!!!! !50!! !100!! !150!! !200!! !250!! !300!! !350!! !400!! E! D! H! A! B! C! F! COMMUNICATIONS ALLOWED PER INCIDENT   SAMPLE GATEWAY PERFORMANCE   COMMUNICATIONSALLOWEDOUT   0%# 20%# 40%# 60%# 80%# 100%# 120%# Jan# Feb# Mar# Apr# May# Jun# Jul# Sept# Oct#

More Related Content

PDF
The malware monetization machine
Priyanka Aash
 
PPTX
Fle f04 mishra-v0.9
Minatee Mishra
 
PPTX
Hiding In Plain Sight – Protect Against Bad Hashes
Tripwire
 
PPTX
160415 lan and-wan-ctap
Lan & Wan Solutions
 
PDF
REVE Antivirus Total Security
Abhijeet Guha
 
PDF
The Men Who Actually Ended Up Selling A programa de facturacion para republic...
sharkmaria0
 
PPT
Violeiro Exagerado - Causo Rolando Boldrin
guest5d2bc86
 
PDF
Dashboard 260 gigs leaked
Brian Campbell
 
The malware monetization machine
Priyanka Aash
 
Fle f04 mishra-v0.9
Minatee Mishra
 
Hiding In Plain Sight – Protect Against Bad Hashes
Tripwire
 
160415 lan and-wan-ctap
Lan & Wan Solutions
 
REVE Antivirus Total Security
Abhijeet Guha
 
The Men Who Actually Ended Up Selling A programa de facturacion para republic...
sharkmaria0
 
Violeiro Exagerado - Causo Rolando Boldrin
guest5d2bc86
 
Dashboard 260 gigs leaked
Brian Campbell
 

Similar to Seculert gateway performance report 2015 (20)

PPTX
Enfrentando os Desafios das Ameaças Combinadas.
ISH Tecnologia
 
PPTX
Het ecosysteem als complete bescherming tegen cybercriminaliteit [pvh]
Nancy Nimmegeers
 
PDF
Wsg datasheet
amingslip
 
PDF
Layer one 2011-joe-mccray-you-spent-all-that-money-and-still-got-0wned
fangjiafu
 
PDF
1.3. (In)security Software
defconmoscow
 
PDF
Watch Guard Reputation Enabled Defense (White Paper)Dna
SylCotter
 
PPTX
Secure Web Gateway Market PPT: Trends and Dynamics, Drivers, Competitive land...
IMARC Group
 
PPTX
FortiMail-Email-Secure-Gateway-May-2018_v1.pptx
juliopradobol
 
PDF
Gartner Buyers Guide Summary
Kim Jensen
 
PDF
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
michelemanzotti
 
PPT
Security Lifecycle Management Process
Bill Ross
 
PDF
Internet gatekeeper
F-Secure Corporation
 
PDF
Gartner Magic Quadrant for Secure Email Gateways 2014
Michael Bunn
 
PPTX
Check Point: Securing Web 2.0
Group of company MUK
 
PPT
DEVSECOPS_the_beginning.ppt
schwarz10
 
PDF
Spo1 r31 spo1-r31
SelectedPresentations
 
PPTX
Vulnerability Management
justinkallhoff
 
PDF
Presentation cisco iron port email & web security
xKinAnx
 
PDF
Advanced security - Seccom Global
Kim Tu
 
PPTX
Radware - WAF (Web Application Firewall)
Deivid Toledo
 
Enfrentando os Desafios das Ameaças Combinadas.
ISH Tecnologia
 
Het ecosysteem als complete bescherming tegen cybercriminaliteit [pvh]
Nancy Nimmegeers
 
Wsg datasheet
amingslip
 
Layer one 2011-joe-mccray-you-spent-all-that-money-and-still-got-0wned
fangjiafu
 
1.3. (In)security Software
defconmoscow
 
Watch Guard Reputation Enabled Defense (White Paper)Dna
SylCotter
 
Secure Web Gateway Market PPT: Trends and Dynamics, Drivers, Competitive land...
IMARC Group
 
FortiMail-Email-Secure-Gateway-May-2018_v1.pptx
juliopradobol
 
Gartner Buyers Guide Summary
Kim Jensen
 
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
michelemanzotti
 
Security Lifecycle Management Process
Bill Ross
 
Internet gatekeeper
F-Secure Corporation
 
Gartner Magic Quadrant for Secure Email Gateways 2014
Michael Bunn
 
Check Point: Securing Web 2.0
Group of company MUK
 
DEVSECOPS_the_beginning.ppt
schwarz10
 
Spo1 r31 spo1-r31
SelectedPresentations
 
Vulnerability Management
justinkallhoff
 
Presentation cisco iron port email & web security
xKinAnx
 
Advanced security - Seccom Global
Kim Tu
 
Radware - WAF (Web Application Firewall)
Deivid Toledo
 
Ad

Recently uploaded (20)

PPTX
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
PDF
2021 HotChips TSMC Packaging Technologies for Chiplets and 3D_0819 publish_pu...
KeXue5
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
PDF
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
PDF
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
PDF
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
PPTX
Chapter 5: Probability Theory and Statistics
RandyFin
 
PPTX
The various Industrial Revolutions .pptx
bandileshozi3
 
PDF
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
PDF
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
PDF
Hybrid model detection and classification of lung cancer
IAESIJAI
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PPTX
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
SilvioHayashi
 
PDF
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
PDF
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
OMC Textile Division Presentation 2021.pptx
JahangirAlam816069
 
2021 HotChips TSMC Packaging Technologies for Chiplets and 3D_0819 publish_pu...
KeXue5
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
WOOl fibre morphology and structure.pdf for textiles
Rajendrakumar868651
 
Chapter 5: Probability Theory and Statistics
RandyFin
 
The various Industrial Revolutions .pptx
bandileshozi3
 
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
Hybrid model detection and classification of lung cancer
IAESIJAI
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
MicrosoftCybserSecurityReferenceArchitecture-April-2025.pptx
SilvioHayashi
 
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
Ad

Seculert gateway performance report 2015

  • 1. The Seculert Attack Detection & Analytics Platform, delivered as a service, identifies attacks that have defeated perimeter prevention systems based on the evidence the attacker inevitably leaves behind as they execute their malicious activities. In the course of protecting more than 1.5 million enterprise users, Seculert researchers observe the performance of all of the leading web gateway solutions. This report summarizes how well these solutions did in blocking malicious communications generated by attacks that succeeded in penetrating our customer’s networks during the first 10 months of 2015. United States 2880 Lakeside Drive, #228 Santa Clara, CA 95054 Tel: +1 408 560 3400 Israel 6 Efal Street, P.O. Box 3970 Petach Tikvah, IL 4952801 Tel: +972 3 919 3366 www.seculert.com Toll Free (US/Canada): +1 855 732 8537 Tel (UK): +44 203 6444 Fax: +972 3 919 3636 Copyright  2015   Web Gateway Performance Report Fast Facts ! One million client devices ! 200 Billion communications ! 8 Web Gateways - Barracuda, BlueCoat, Fortigate, Ironport, McAfee Web Gateway, Palo Alto Networks, Websense, Zscaler ! 10 Months PERCENTAGE OF DEVICES ALLOWED TO COMMUNICATE OUT   Market Leading Gateway Vendors   Key Findings ! More than half the gateways studied allowed more than 40% of the attempted malicious communications to succeed in reaching their associated C&C servers. ! 40% of all attempted malicious communication succeeded in defeating their associated web gateway. ! Nearly all of the leading web gateways allowed significant outbound communications attributable to Dyre and Trojan.Agent.145 ! Nearly 2% of all examined devices were infected and all domains included in the research exhibited evidence of infection. ! The average number of successful outbound communications per incident (or infected device) was more than 100. ! Measured over time, nearly all of the gateways observed exhibited uneven performance. While most performed well for weeks or months, eventually all showed evidence of being “defeated” by the adversary. 0%# 10%# 20%# 30%# 40%# 50%# 60%# 70%# 80%# 90%# 100%# A# B# C# D# E# F# G# H# !"!!!! !50!! !100!! !150!! !200!! !250!! !300!! !350!! !400!! E! D! H! A! B! C! F! COMMUNICATIONS ALLOWED PER INCIDENT   SAMPLE GATEWAY PERFORMANCE   COMMUNICATIONSALLOWEDOUT   0%# 20%# 40%# 60%# 80%# 100%# 120%# Jan# Feb# Mar# Apr# May# Jun# Jul# Sept# Oct#