Blue Coat Expands Malware Defenses In WebPulse Service

Blue Coat has added to the service a mal-PDF scanner and mal-script detector

September 16, 2010

3 Min Read


SUNNYVALE, Calif., September 13, 2010 – Blue Coat Systems, Inc. (Nasdaq: BCSI), the technology leader in Application Delivery Networking, today announced that it has expanded the malware defenses in its cloud-based WebPulse™ service to provide customers with more timely and comprehensive protection against Web-based threats. The new defenses in WebPulse are immediately available to all users without requiring software downloads or updates.

“The speed with which malware and malicious content evolves demands a defense that can move equally as fast,” said Roger Harrison, director of data quality at Blue Coat Systems. “With the WebPulse service, Blue Coat provides customers with a defense that can be rapidly expanded in response to new threats, attack vectors and malicious content to immediately and seamlessly protect more than 70 million users in real time.”

As Web-based threats continue to rapidly evolve and new content is added to the Internet, it is important that Web defenses be just as agile. In the past 90 days alone, Blue Coat has added more than 100 new detection rules to the WebPulse service to target malicious traffic, such as botnets and exploit kits, and to more quickly identify new and unknown content. Roughly 65 percent of these new rules are designed to help identify malware and its sources, typically targeting traffic from a specific malware ring or botnet. Blue Coat malware experts continuously analyze intelligence from the WebPulse service to fine tune and expand these detection rules, eliminating the need for customers to become experts in all Web defenses.

Additionally, Blue Coat has developed and added to the WebPulse service a mal-PDF scanner to protect users from exploit sources that include malicious PDF files targeting specific vulnerabilities in Acrobat and Acrobat Reader. This scanner flags mal-PDFs in real time and PDFs that are merely suspicious for additional background research. The mal-PDF scanner recently protected WebPulse users from several attacks in which malicious PDFs were served to innocent Websites via an infected advertising server.

To provide further intelligence about malicious and suspicious content, Blue Coat has added a mal-script detector to the background processes of the WebPulse service. The detector logs JavaScript from the millions of Web pages that are requested every day. Using this intelligence, Blue Coat researchers can identify the characteristics that are indicative of suspicious behavior and create appropriate defenses. This new detector recently identified and protected WebPulse users from a network of suspicious download sites with heavily encrypted fake AV scanner exploits.

These new defenses augment existing WebPulse defenses, such as malware signature and behavioral scanners, proprietary malware behavioral analyzers and statistical analysis techniques, real-time proprietary Phishing detection engines, Web reputation algorithms and third-party intelligence sources, to categorize new and unknown content, identify malware and protect more users. To match the speed with which malicious sites change their domains, the Blue Coat WebPulse service also utilizes advanced fingerprinting modules that quickly recognize when similar sites appear on new servers. These techniques, coupled with unparalleled visibility into the real-time requests of 70 million users, make WebPulse the most comprehensive Web security defense available.

About Blue Coat Systems

Blue Coat Systems is the technology leader in Application Delivery Networking. Blue Coat offers an Application Delivery Network Infrastructure that provides the visibility, acceleration and security required to optimize and secure the flow of information to any user, on any network, anywhere. This application intelligence enables enterprises to tightly align network investments with business requirements, speed decision making and secure business applications for long-term competitive advantage. For additional information, please visit

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights