On Tuesday of this week, premier independent test lab Miercom released the results of its ‘Secure Web Gateway Industry Study,’ featuring Websense TRITON AP-WEB and seven competing security solutions. Websense distinguished itself at protecting against known and emerging threats, earning Miercom’s ‘Performance Verified Certification’ in the process for its overall security effectiveness. We’re pleased to have performed well, but even more so because of the strict methodology Miercom applied in the testing, which embodied the testing principles we advocate at Websense.
We’ve long championed high standards for test methodologies and performance benchmarks to produce reliable, accurate and relevant results and Miercom demonstrated their commitment to that model. The modern threat landscape is an environment where attacks are frequently multilayered and often encompass several stages of the security kill chain and as such, security efficacy validation testing should reflect the complex nature of modern threats.
Miercom tested a wide diversity of live threats that took into account the multilayered nature of advanced threats to demonstrate that only solutions that can detect and stop threats at the various stages of the kill chain are able to offer a wide protection footprint necessitated by current malware delivery techniques. Also, the threat types tested were representative of relevant attack types that organizations face today, including evasive binary malware and web scripting designed to bypass traditional security technologies. Currently prevalent threat families were tested across the different threat categories in the study, giving the test results immediate relevancy to organizations considering the adoption of a security solution equipped with real-time advanced contextual analytics that can stop malicious infections and prevent data breaches without the reliance on static threat signatures.
The test focused on testing threats for which signatures were very unlikely to exist due to their dynamic and evasive nature. Many of the threats were hosted on compromised legitimate websites as well as dynamic short-lived websites that many of the tested security platforms were unable to detect due to heavy reliance on reputation and static signatures. The test demonstrated security detection effectiveness beyond URL database and AV signature matching. Detecting threats on compromised websites requires real-time advanced contextual analysis of its web code and its payloads to detect and block threats such as malicious IFrames, redirects, botnets, exploits and others. All product vendors were afforded a fair test notification to demonstrate their product’s performance and all products tested utilized the latest publicly available software, databases, AV and malware signature updates and were configured to employ all available cloud-based resources.