Outbound Attack Simulator Uncovers80 Percent of Web Gateway Solutions Miss 80 Percent of Malicious Outbound Communication
Seculert, the leader in attack detection and analytics, today announced new findings that 80 percent of secure web gateways installed by Fortune 1000 companies miss 80 percent of malicious outbound communications. The critical gaps in organizations’ defense systems were uncovered after hundreds of tests with global enterprises with the recently launched Seculert Javelin Attack Simulator, the industry’s first attack simulator for web gateways.
The Seculert Javelin Attack Simulator is an easy-to-use tool that allows IT and security professionals to determine how well their secure web gateways, next-generation firewalls and proxies prevent the latest, real-world attacks from communicating with a perpetrator’s command and control servers. The Javelin test results are based on Seculert’s unique knowledge of the latest, real-world attack behavior observed from Seculert’s Attack Detection Platform. The Javelin attack simulator provides immediate visibility on the gateway’s response to each simulated attack. Javelin users can then apply the associated “fix” to their gateway to allow it to contain attacks should live versions subsequently appear.
After conducting hundreds of tests with Fortune 1000 companies, the Seculert Javelin Attack Simulator consistently uncovered significant holes in the secure web gateway solutions companies had deployed. The secure web gateways examined included those from Barracuda, BlueCoat, Fortinet, Cisco, Intel/McAfee, Palo Alto Networks, Forcepoint/Websense and Zscaler. The tool replicated attacks from the 12 latest and most dangerous threats, discovered via Seculert’s Attack Detection Platform, on an organization’s gateway, through individual attack communication simulations. Key findings include:
- 80 percent of secure web gateways tested blocked 0-2 of the 12 threats
- 15 percent blocked 3-9 threats
- Five percent blocked 10-12 threats
“With the increasing sophistication of today’s cyber attacks, anyone and everyone is vulnerable, even with a ‘secure’ web gateway in place,” said Richard Greene, CEO of Seculert. “The Javelin Attack Simulator brings unique visibility into how an organization’s security posture is performing to the fingertips of the IT team – all in a matter of minutes. It’s critical for organizations to understand if their defenses have holes, what type of attacks could communicate out and how to remediate the problem.”