Software provides instant messaging security.
Share:
Press Release Summary:
Utilizing anomaly detection techniques to analyze multiple characteristics of IM-borne worms and other malicious code, Day Zero Defense System provides protection against these threats without traditional security signatures. Attributes such as message frequency, content matching, and URL identification are used to detect malicious behavior and stop infections in real-time. Organizations can proactively identify and stop IM attacks before they occur in all leading IM applications.
Original Press Release:
FaceTime Unveils Next Generation Instant Messaging Security to Provide Enterprises Day-Zero Protection
Reports Twenty-fold Increase in IM, P2P and IRC Attacks in 2005
FOSTER CITY, Calif., Oct. 3 /-- FaceTime Communications, the leader in IM Management solutions, today announced the Day Zero Defense System, a new solution for preventing worms and spyware downloads over enterprise and public instant messaging (IM) networks. The system utilizes anomaly detection techniques to analyze multiple characteristics of IM-borne worms and other malicious code against normal behavior, and provides patent- pending protection against these threats without the need for traditional security signatures. For the first time, organizations can proactively identify and stop IM attacks before they occur in all leading enterprise and public IM applications -- including Lotus Sametime, Microsoft MSN, AOL, Yahoo, and Google Talk.
"Computers can be hijacked without a user's knowledge and buddy lists can be used to send IM messages with links to harmful worms and viruses," said Michael Osterman, founder of Osterman Research. "With FaceTime's technology, enterprises are able to better understand baseline IM usage within their organization and clearly delineate malicious IM behavior instantly."
IM usage in business -- both sanctioned and not -- is growing rapidly. And because IM opens up unsecured channels into the organization, malware creators have not wasted any time in exploiting this growth. FaceTime Security Labs, operating in three research centers worldwide, monitors the frequency and severity of risks posed by viruses, worms and other malware propagating through applications such as instant messaging and P2P file sharing. The labs released metrics today on the continued malicious attacks experienced by IM, IRC and P2P networks. Key findings include:
-- IM, IRC and P2P threats reported through the third quarter ending September 30, 2005 reached over 1,300 incidents, representing more than a twenty-fold increase in the number of incidents recorded for the same period in 2004.
-- In Q3 2005, the frequency of attacks was relatively flat from Q2 2005 levels, but was up over 900% compared to Q1 2005 levels
-- MSN Messenger was the most targeted public instant messaging service receiving more than 3 times the number of attacks on AOL IM and approximately 9 times the number on the Yahoo! Instant messaging service
This dramatic rise in the number of IM threats, the increasing sophistication of IM attacks, and the speed with which they propagate have made day-zero prevention a critical capability for maximizing productivity and reducing the costs associated with IM use in the enterprise.
A new IM threat has the greatest propensity to spread and infect organizations on Day Zero -- immediately after it is released by the creator. IM threats are extremely challenging for corporate IT because they utilize real-time communications channels and proven social engineering techniques to propagate significantly faster than email-based attacks. FaceTime's Day Zero Defense System utilizes attributes such as message frequency, content matching, URL identification and other heuristics to detect malicious behavior and stop infections in real-time - rather than the conventional approach which requires organizations to wait hours or even days for a signature to be created, tested and distributed. Key Components of the Zero Day Defense System include:
-- IM Anomaly Detection -- intelligently monitors IM communications and performs behavioral analysis across multiple attributes including message frequency, content, and message sender to determine anomalies against normal thresholds set by the organization.
-- Zero-Day Policy Management -- Provides administrators complete flexibility in defining the actions to be taken on IM communications when an anomaly is detected, including block, allow, log, send alert, challenge, and more. The system provides comprehensive reporting on all activity.
-- Patent-pending Challenge/Response Technology -- allows administrators to quarantine suspicious IM conversations and initiate a challenge to the sender which requires a human to successfully respond to the challenge. This stops malicious threats created by computer bots and allows uninterrupted delivery of legitimate communications sent by human sources
-- Integration with FaceTime Security Labs -- New threats are automatically reported to researchers for further analysis and evaluation by the largest security team dedicated to IM, P2P and spyware threats.
IM, P2P and spyware applications are part of a category of networked applications that FaceTime calls 'greynets.' Greynets are network-enabled applications that are installed on an end user's system without permission from IT and are highly evasive at the network level.
"We have created a future-proof prevention system that enables our customers to stop new IM based threats before they happen," said Kailash Ambwani, CEO of FaceTime Communications. "Our customers can be confident that legitimate IM messages are being delivered securely and malicious messages are stopped before causing damage to corporate networks and corporate data."
Availability
The Day Zero Defense System is integrated with IMAuditor 6.5.1 and FaceTime Enterprise Edition offerings, and will be available on October 31, 2005.
About FaceTime Communications
Founded in 1998, FaceTime Communications is the leading provider of security solutions for the management and control of Greynet applications such as adware/spyware, instant messaging, P2P file sharing, web conferencing and instant voice. FaceTime Security Labs delivers the industry's first IMPact Index, which assesses "point-in-time" risks posed by viruses, worms and other malware propagating through Greynet applications. FaceTime's award-winning solutions are used by over 500 customers, among them seven of the eight largest U.S. financial institutions. FaceTime also has strategic partnerships with all leading public and private IM network providers, including AOL, Microsoft, Yahoo!, IBM, Bloomberg, Jabber and Reuters. For more information, visit www.facetime.com.
NOTE: FaceTime is a registered trademark of FaceTime Communications, Inc. The FaceTime logo, IMAuditor, IM Director, RTGuardian, RTG, RTMatrix, RTMonitor and RTShield are trademarks of FaceTime Communications Inc. All other trademarks are the intellectual property of their respective owners.
Web site: www.facetime.com/
