June 24, 2013

What Miercom’s Unprecedented Security Effectiveness Test Can Tell You About Your Security

Tom Clare

In February, we released security effectiveness test results alongside data theft defense validation test results from the well-respected worldwide testing firm, Miercom. For this test report, Websense® TRITON™ Web Security Gateway Anywhere (WSGA) was evaluated against comparable products from Blue Coat®, Cisco®, McAfee®, Palo Alto Networks™ and FireEye®, Inc.

For the first test, and the main focus of the report, Websense blocked more threats than any other product tested for a large volume of web requests of an unknown nature. Each web request and response was analyzed by specific solution defenses to protect the user at the point of click. The second test in the report looked at specific threat kill chain stages and the security effectiveness the tested solutions provided for those threat stages. Specifically, web and email lures, exploit kit detection and dropper file threat stages were individually tested, pushing defenses beyond known ratings and reputations. The third test validated new innovative data theft defenses within the WSGA solution using DLP as a containment defense. The fourth test reviewed forensic reporting details for two solutions providing this level of analysis, and the fifth test reviewed time and motion for administrative controls and reporting.

Let's dive a little deeper so I can explain exactly how the first test was conducted.

The Miercom testing of web security gateways for the first test was designed to evaluate each vendor's ability to protect users in real-time and validate each product's effectiveness accordingly. Its testing methods gave each vendor a fair and equal chance of analyzing, classifying and blocking threats in real-time, as they would if deployed on a network for the web request and response.

To simulate a real-world web environment, Miercom used a data set of more than 2.25 million open live web requests of an unknown nature. In fact, this is the largest audited web security effectiveness test to date. Additionally, using web requests of an unknown nature is unique in the information security industry. By comparison, most vendors elect to test a known set of malware, producing artificially favorable results. Identifiable malware is not indicative of what is actually happening on the Internet and in businesses today as a web request from a user can result in more than 100 dynamic links to fill out requested web content. This is why the results of this test are of huge importance to those chosen to protect at the point of click in real-time.

The "point of click" is one of the most critical moments to your business; this is the instance when a user's action kicks your security defenses into gear. This test was designed to validate the proactive security measures each vendor provided as the web requests occurred for the request and the response. When Miercom looked at "proactive" security, it was fundamentally about analyzing, investigating and evaluating all contextual content. The goal was not based on how well the solutions are recognizing what they already know, but how well they are identifying and protecting against risks they do not know.

Even common obfuscation techniques render signature-based solutions ineffective. This is where the first test underscores that Websense TRITON solutions clearly deliver results well beyond other competitors. When you add in the zero-day threats that are occurring more frequently in advanced attacks, the effectiveness gap grows even more substantial. Zero-day exposure time is one of the more dangerous variables in your organization's ability to defend against cybercrime, along with human curiosity.

Miercom's test results validate that in order to effectively safeguard against advanced malware and data theft, your organization needs a security solution that can analyze live web requests in real-time. Traditional antivirus, firewall and URL filtering tools are no longer enough to protect users against today's advanced cyberthreats.

For more details on the tests and results, download a full copy of the Miercom Security Effectiveness Report.

How is your business currently protecting against advanced cyberattacks and data theft? 
