Welcome!

Java IoT Authors: Pat Romanski, Carmen Gonzalez, Elizabeth White, Liz McMillan, Mehdi Daoudi

News Feed Item

NSS Labs Tests Show Enterprise End Point Protection Solutions Improving Ability to Block Exploits, Evasions and Phishing Attacks

AUSTIN, TX -- (Marketwire) -- 02/25/13 -- NSS Labs today released three new 2013 Corporate End Point Protection Comparative Analysis Reports, which evaluated 11 enterprise level end point protection (EPP) products to test their effectiveness in blocking exploits and evasions. While only 3 of the 11 vendors -- McAfee, Kaspersky and Microsoft -- scored 100% across all 6 types of evasion testing, the average score across all vendors increased to an average of 87% in 2013 testing, compared to 27% in NSS' 2010 tests. In exploit testing, the top 3 vendors -- McAfee, Kaspersky and Symantec -- all scored over 90%, with an overall group average of 74.5%, also an improvement over 2010 test results.

Read the Reports:
NSS 2013 Corporate End Point Protection Comparative Analysis Report - Exploits
NSS 2013 Corporate End Point Protection Comparative Analysis Report - Evasions
NSS 2013 Corporate End Point Protection Comparative Analysis Report - Phishing

NSS vulnerability research has shown that the number of vulnerabilities disclosed in 2012 jumped 26% after a 5-year decline. Given the growing availability of exploit toolkits that automate the creation of evasions and exploits targeting newly-discovered and existing vulnerabilities, NSS recommends that enterprises -- especially those that have implemented a bring your own device (BYOD) policy -- fully understand the ability of their EPP solutions to adequately protect against key exploits and types of evasions.

NSS's research yielded several key conclusions:

  • Enterprise EPP products differ up to 53% in effectiveness at blocking exploits: Protection levels in the 2013 tests ranged from 97% (McAfee) to 41% (Panda). The top 3 vendors all scored over 91% with half (4) of the remaining 8 vendors scoring in the 70 - 80% range. In 2010 exploit testing, the overall block rate ranged from 20% to 100% with an overall average of 67%.

  • Default vendor settings may favor performance over security: While all of the vendors tested were able to block exploits once malicious files were decompressed, only 3 of the 11 vendors -- ESET, Kaspersky, and Trend Micro -- blocked all of the compressed threats upon download. NSS believes having a default setting that does not inspect compressed downloads is typically a choice of performance over security and that malicious downloads inside of compressed files should be blocked by default.

  • Vendors' anti-evasion protection against encoded payloads and layered evasions has greatly improved since 2010: In 2010, none of the products scored 100% and most scored below 40% in their ability to handle encoded payloads. In 2013 tests, 8 of the 11 vendors scored 100% in these tests -- followed by one vendor scoring 83% and two that only scored 17%. In 2010, even single layers of evasion caused problems for many vendors, but in 2013, all 11 vendors scored 100% even when attempts to use as many as 4 levels of obfuscation were used.

  • Web browsers rather than EPP should be considered the first line of defense against phishing: Modern Web browsers now offer 90% to 94% protection against phishing according to recent NSS tests. Only one of the vendors tested -- Trend Micro -- scored as well or better than current Web browsers did in these latest tests. Organizations should still take time to educate users about phishing and best practices for avoiding phishers' increasingly deceptive attacks.

  • Detection of exploits delivered via HTTP vs. HTTPS can vary as much as 39% in a single product: Only 3 of the 11 vendors blocked the same percentage of exploits when delivered via HTTP and HTTPS. On average, there was a 7% difference in the ability of products across the board to block HTTPS vs. HTTP exploit attacks. NSS believes security product should ideally protect against all exploits for a given vulnerability, regardless of the transport protocol.

  • Enterprise Using Internet Explorer 6 (IE6) may be less protected against exploits: Because some enterprises are still using IE6, NSS ran tests using exploits requiring IE6 and those that did not. For exploits not requiring IE6, the average block rate across all products was 77% with a range of 44% to 98%. For those requiring IE6, the average block rate dropped to 65% with a range of 20% to 100% effectiveness. Enterprises running IE6 should be aware of this discrepancy and evaluate their EPP defenses carefully, given IE6's impact on their attack surface.

Commentary: NSS Labs Research Director Randy Abrams
"The simple detection of malware is insufficient to cope with the multitude of attacks that companies face today; for example, Facebook and Apple have both recently fallen prey to Java exploits that resulted in breaches," said Randy Abrams, Research Director at NSS Labs. "With phishing and targeted drive-by attacks (ambiguously referred to as watering hole attacks) targeting users who may be outside perimeter defenses, endpoint protection products are often the last line of defense and criminals can -- and do -- use obfuscation techniques to evade malware detection. Most Endpoint protection products are dealing well with evasions for the exploits they detect, however there is still a lot of room for improvement in the detection of known exploit attempts and simply detecting exploits alone falls short of the protection needed by today's enterprises."

To read more NSS Labs research and reports, visit www.nsslabs.com.

About NSS Labs, Inc.
NSS Labs, Inc. is the world's leading information security research and advisory company. We deliver a unique mix of test-based research and expert analysis to provide our clients with the information they need to make good security decisions. CIOs, CISOs, and information security professionals from many of the largest and most demanding enterprises rely on NSS Labs' insight, every day. Founded in 1991, the company is located in Austin, Texas. For more information, visit www.nsslabs.com.

© 2013 NSS Labs, Inc. All rights reserved. All brand, product and service names are the trademarks, registered trademarks, or service marks of their respective owners.

Add to Digg Bookmark with del.icio.us Add to Newsvine

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

@ThingsExpo Stories
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
Smart Cities are here to stay, but for their promise to be delivered, the data they produce must not be put in new siloes. In his session at @ThingsExpo, Mathias Herberts, Co-founder and CTO of Cityzen Data, discussed the best practices that will ensure a successful smart city journey.
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
"Tintri was started in 2008 with the express purpose of building a storage appliance that is ideal for virtualized environments. We support a lot of different hypervisor platforms from VMware to OpenStack to Hyper-V," explained Dan Florea, Director of Product Management at Tintri, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Data is an unusual currency; it is not restricted by the same transactional limitations as money or people. In fact, the more that you leverage your data across multiple business use cases, the more valuable it becomes to the organization. And the same can be said about the organization’s analytics. In his session at 19th Cloud Expo, Bill Schmarzo, CTO for the Big Data Practice at Dell EMC, introduced a methodology for capturing, enriching and sharing data (and analytics) across the organization...
Manufacturers are embracing the Industrial Internet the same way consumers are leveraging Fitbits – to improve overall health and wellness. Both can provide consistent measurement, visibility, and suggest performance improvements customized to help reach goals. Fitbit users can view real-time data and make adjustments to increase their activity. In his session at @ThingsExpo, Mark Bernardo Professional Services Leader, Americas, at GE Digital, discussed how leveraging the Industrial Internet and...
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at 20th Cloud Expo, Ed Featherston, director/senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
Why do your mobile transformations need to happen today? Mobile is the strategy that enterprise transformation centers on to drive customer engagement. In his general session at @ThingsExpo, Roger Woods, Director, Mobile Product & Strategy – Adobe Marketing Cloud, covered key IoT and mobile trends that are forcing mobile transformation, key components of a solid mobile strategy and explored how brands are effectively driving mobile change throughout the enterprise.
IoT is at the core or many Digital Transformation initiatives with the goal of re-inventing a company's business model. We all agree that collecting relevant IoT data will result in massive amounts of data needing to be stored. However, with the rapid development of IoT devices and ongoing business model transformation, we are not able to predict the volume and growth of IoT data. And with the lack of IoT history, traditional methods of IT and infrastructure planning based on the past do not app...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
"LinearHub provides smart video conferencing, which is the Roundee service, and we archive all the video conferences and we also provide the transcript," stated Sunghyuk Kim, CEO of LinearHub, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Internet of @ThingsExpo, taking place June 6-8, 2017 at the Javits Center in New York City, New York, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @ThingsExpo New York Call for Papers is now open.
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
"There's a growing demand from users for things to be faster. When you think about all the transactions or interactions users will have with your product and everything that is between those transactions and interactions - what drives us at Catchpoint Systems is the idea to measure that and to analyze it," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York Ci...
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
Discover top technologies and tools all under one roof at April 24–28, 2017, at the Westin San Diego in San Diego, CA. Explore the Mobile Dev + Test and IoT Dev + Test Expo and enjoy all of these unique opportunities: The latest solutions, technologies, and tools in mobile or IoT software development and testing. Meet one-on-one with representatives from some of today's most innovative organizations
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
The WebRTC Summit New York, to be held June 6-8, 2017, at the Javits Center in New York City, NY, announces that its Call for Papers is now open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 20th International Cloud Expo and @ThingsExpo. WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web co...