Increasingly, organizations are relying on web and mobile channels to communicate and engage with customers and partners. So often we focus our security efforts on the internal infrastructure, we forget that web portals and mobile applications offer an easy way into enterprises. Many consumer-facing websites are targeted as the first step to a broader attack on an enterprise. Many of us are leaving that door wide open.
Today RSA launched the next generation of RSA Web Threat Detection, which is designed to help organizations shore-up that front door by providing enhanced visibility into what’s occurring across the website and the mobile channel. The sheer amount of traffic seen across a website can be overwhelming. Security and fraud teams need insight into these sessions at each step: when an end user begins their session, through login, transactions – and everywhere in between. Criminals try to hide among the noise of the general population’s traffic looking for holes in the business logic of the web application, attempting fraudulent transactions, probing for vulnerabilities or injecting malicious code.
As engineered, RSA Web Threat Detection shines a light on web session data and provides real-time analytics and threat scoring to identify the criminals from customers. Streaming all sessionized web data combined with transactional analytics scoring enables powerful integration into big-data initiatives and other security products, for cross-channel analysis and deeper understanding of the threat landscape. This is vastly important to help security and fraud teams prioritize and focus their efforts across the thousands of alerts they receive every day from multiple systems.
If the website is your front door, your mobile channels are open windows. Many organizations are operating under the mantra, “mobile first”. End users demand access to their information and accounts wherever, whenever and from whatever device they are carrying in their pocket. As more and more business goes mobile, cybercriminals have shifted their efforts to this channel – making it more important than ever to secure those windows. RSA Web Threat Detection is built to now add visibility into native mobile applications to offer insight into mobile browser activity and allows organizations to create mobile specific rules that will help close the windows on the threats originating in this rapidly increasing channel.
Greater insight into the online threat environment supports faster and more accurate detection of Web threats so security analysts can spend more focused time on monitoring the highest priority threats and proactively protecting their organization. In combination with enhanced mobile visibility, better threat detection across groups and the power to stream web intelligence, RSA Web Threat Detection drives a more effective defense strategy across fraud and information security teams.
Web and mobile applications are the front door and windows to an organization – it’s important to see what’s happening so you can separate welcome guests (customers) from dangerous intruders.
Interested in learning more, check-out these assets:
- RSA Web Threat Detection Overview Video: http://youtu.be/fYnxySlad64
- Countering Cyber Threats By Monitoring “Normal” Website Behavior: http://www.emc.com/collateral/data-sheet/h13317-ds-countering-cyber-threats.pdf
- 2014 Threat Detection Checklist: Six Ways To Tell a Criminal From a Customer http://www.emc.com/collateral/solution-overview/h13318-so-2014-threat-detection-checklist.pdf