Archive for February, 2013

The Predictability of URL Filtering

While changes (fine-tuning) to a heuristic system often have unpredictable consequences, additions to URL filtering are absolutely predictable – it will block one spam campaign and nothing else. For example, consider a legitimate newsletter from drugstore.com (a legitimate retailer) that advertises various health products and perhaps has “free” offers. Many heuristic systems will have trouble accepting this as a legitimate email due to “spam-like” content. Because SpamStopsHere almost completely ignores normal content, this email would not be blocked.

Now consider a spammer that takes the drugstore.com newsletter and changes all URL links from drugstore.com to drugstorerx.com (assuming this is the spammer’s domain and website), and then sends this to a huge email list. This would be a heuristic system’s nightmare. First the spammer’s newsletter would likely not be blocked; then after many user reported the spam, the legitimate newsletter would also be blocked in the future.

With URL filtering, only the drugstorerx.com domain needs to be added to the blocking database. If not already in the blocking database, the SpamStopsHere technology would likely add it automatically and then have its 24/7 staff confirm it.

With URL filtering, the legitimate drugstore.com newsletter will never be blocked while the spammer’s newsletter (with nearly identical content) will be blocked 100%. Also, with URL filtering, the anti-spam vendor can determine precisely what will be blocked by policy. For example, the vendor can decide to block all emails that link to pornographic, casino and betting sites. Without blocking even vulgar personal emails, or discussions about casinos.

, , , , ,

Leave a comment

Built-in Compliance Capabilities

Advanced, built-in security protection and remote auditing help your organization comply with industry security standards, including Payment Card Industry Data Security Standard (PCI DSS), HIPAA, Basel II, and SOX, in a cost-effective way—without requiring multiple appliances, application changes, or rewrites. BIG-IP ASM reports previously unknown threats, such as layer 7 denial-of-service (DoS) and SQL injection attacks, and it mitigates web application threats to shield the organization from data breaches. All reports are GUI-driven and provide drill-down options with a click.

PCI

PCI reporting

With PCI reporting, BIG-IP ASM lists security measures required by PCI DSS 1.2, determines if compliance is being met, and details steps required to become compliant if not.

Geolocation reporting

Geolocation reporting informs you of the country where threats originate in addition to attack type, violation, URL, IP address, severity, and more. You can also schedule reports to be sent to a designated email address automatically for up-to-date reporting.

geoloc

Easy-to-read format for remote auditing

BIG-IP ASM makes security compliance easier and saves valuable IT time by exporting policies in human readable format. The flat, readable XML file format enables auditors to view the policies off site. Auditors working remotely can view, select, review, and test policies without requiring time and support from the web application security administrator.

, , , , , , ,

Leave a comment

%d bloggers like this: