Say Hello To Hybrid, Cloud Is So Yesterday

When we thought cloud was just beginning to take hold as the new buzz word, it seems the industry has already started moving away from cloud and moving towards a new buzz word, "Hybrid". The idea behind "hybrid" is to combine both on premise equipment along with a cloud offering into an integrated solution that solves the secure web gateway needs of both the on-site workers as well as the remote office and traveling workers.

The on premise appliance or gateway solution would continue to protect on-site workers, while the cloud offering (aka SaaS offering) would protect smaller remote offices that can't justify the expense of an appliance, along with protecting traveling and remote workers.

The big benefit to hybrid would be integrated reporting and management, that is the ability to get a unified report for all users in a single reporting infrastructure, and the ability to manage policy for both appliance and cloud from a single interface. This seems to be the direction many proxy vendors are starting to head towards so don't be surprised when you see the term hybrid in the latest advertising from secure web gateway vendors.

Websense Selects Image-Analyzer

Websense announced last week that they selected Image-Analyzer, a company that has a product with the ability scan images and determine their appropriateness for the corporate or organization, essentially another layer of protection for those companies that block pornography.

Right now, it's just an announcement of a partnership, but the eventual goal for Websense is to include the technology in their Triton solution. There's no date for when this will be accomplished yet, so stay tuned.

Image analysis technology isn't new, it's been around for a while, and this company in particular has been in existence since 2005. The reason technology like this hasn't gotten more traction in the past has been the latency involved in scanning images, as well as what has traditionally been extremely high false positive rates. It remains to be seen how Websense handles these issues when they integrate image analysis into their product.

Heidi Klum, More Dangerous Than You Think

McAfee recently came out with a list of the most dangerous celebrities. That is when you search for them on the Internet. Apparently searching for Heidi Klum gives you a 1 in 10 chance of landing on a malicious website. The top five most dangerous celebrities are:

1. Heidi Klum

2. Cameron Diaz

3. Piers Morgan

4. Jessica Biel

5. Katherine Heigl

All of which is a good reminder, why web security is so important, and making sure the secure web gateway or web proxy has protection against malware and phishing.

Your car, the next target for malware?

Last week McAfee released a new report talking about cars, and specifically car electronics as the likely next target for hackers who spread malware. While it still seems far-fetched today, as cars become more sophisticated, they are beginning to have complete computer systems, and while much of that is hidden from the driver, it will become more and more visible and interactive with the driver. Even my car today, has voice recognition, and interfaces with my cell phone to get me directions, news, weather stock quotes, etc, all given back to me through bluetooth, transferred directly through the radio's speaker system. So an attack if it's targeted like an APT, is certainly a possibility in the near future on car electronics.

The question though is what's in it for the hacker? As most know today, hackers today are driven by money, and creating malware is generally tied to making money in some manner. But where's the money in hacking a car? You could certainly hack a car and cause an accident, but until money or identity can be remotely retrieved from a person's vehicle, attacks on individual cars, probably remains unlikely, other than just as a curiosity.

Typo Squatting

While a lot of the mainstream press is calling this the latest attack vector, it's actually not new. Phishing attacks have long used the typo squatting method, basically relying on close, but misspelled domain names to capture personal information. The latest attack is being reported as new only because of they way the attack is implemented. Rather than imitating the domain's login page to capture login information from an unsuspecting user, the latest attack uses a pop up survey to collect personal identifying information, perhaps with the reasoning that an end-user will be less security conscious with a survey than they would with a fake login page.

As always, the best protection for threats like these is a good secure web gateway or web proxy, with the latest in malware and phishing protection. And because users aren't always on the organization's network, a good mobile or cloud solution should be available from your secure web gateway vendor as well.

Reverse Proxy Make A Comeback

It seems the latest news in the proxy world is all about Web Application Firewalls (WAF). It just goes to show you that everything old is new again. WAFs are of course nothing more than souped up reverse proxies, which were the rage when the dot com boom came about. Reverse proxies were used to prevent overload on webservers and distributed the web load to proxy servers that not only cached content, but also protected the web servers to some degree.

In today's world the WAF, is a bit more sophisticated in that there's more malware and more cybercrime in the world. The good news is that most reverse proxy vendors out there have improved their offering to include protection against schemes like SQL injection and Cross site scripting (XSS), regardless of whether they use the fancy new WAF terminology to label themselves as such. Also today's WAF or reverse proxy supports SSL proxy, important because more and more webservers today rely on SSL as a base protocol, rather than the exception.

So if you're trying to protect your webservers, remember to check out WAFs as well as reverse proxies, since reverse proxies probably do more than you remember them doing in the past.