Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

3/10/2011
03:10 PM
50%
50%

M86 Launches SMB Security Suite

Packaged for organizations with up to 500 seats, M86's new Web and email security software runs on Windows Server or in virtualized environments.

12 Money Saving Tech Tips For SMBs
(click image for larger view)
Slideshow: 12 Money Saving Tech Tips For SMBs

M86 Security on Thursday debuted a new software suite designed to protect Web and email traffic on the networks of small and midsize businesses.

The M86 SMB Security Suite includes the company's M86 MailMarshal Secure Email Gateway, M86 WebMarshal, M86 Filter List, and M86 Marshal Reporting Console products. The package ships as software that can run on Windows Server or in virtualized environments and supports up to 500 users, the company said.

The rise of automated toolkits and other factors have shifted the threat balance from email to Web traffic, and traditional filtering approaches no longer work for SMBs, according to Paul Myer, M86's senior vice president of corporate development.

"What used to be considered just an enterprise or big business problem has made its way down -- everybody's being affected," Myer said in an interview. "The requirements for small business when it comes to malware are no different than a large enterprise."

The threat landscape has exploded in such a way that, from Myer's vantage point, the hacking trade is worth a multiple of the network security industry. That has made SMBs more sought-after prey: Even though a small company hack might not come with the same bragging rights as a Fortune 500 break-in, the data can be every bit as lucrative when aggregated over time.

"It used to be people just showing off: 'Hey, I can hack you and cause problems for you.' It's a legitimate business now," Myer said. "There are people all around the world who get up every morning and this is what they do for a living."

To identify exploits, M86's SMB platform taps into the same threat labs that serve the company's enterprise customers. Customers have the option of using Sophos or Norman antivirus modules with the WebMarshal portion of the suite. M86 also enables policy-based rules that govern both email and Web behavior on a corporate network, including controls that can limit user actions on social media sites. Rather than block Facebook entirely, for example, an admin could simply prevent employees from posting updates or uploading files to the site. Pricing is subscription-based at $25 per user, per year. Myer said M86 will offer multi-year discounts.

The M86 SMB Security Suite does not protect mobile devices unless they're connected to the corporate network, though Myer said the company is working on something in that vein. "We realize there's a challenge with mobile devices, and we're working to bring out products for that, but we don't have them on the market yet," he said.

Myer believes the mobile security challenge derives from a very specific source: "We trace it directly to the popularity of the iPad," he said. "Even in organizations that are all Windows-based, you've got executives now bringing iPads into the workplace and asking IT administrators to support that. It's not being driven by IT -- it starts at the upper executive levels and they're driving that into the IT infrastructure."

Myer said M86 has focused its mobile product development on iOS because of the iPad's early leadership in the tablet market, but the company sees Android and other operating systems complicating mobile security in the not-too-distant future. "We can see that tsunami coming," Myer said. "It's a cat-and-mouse game. We're just trying to stay in front of it."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-16632
PUBLISHED: 2021-05-15
A XSS Vulnerability in /uploads/dede/action_search.php in DedeCMS V5.7 SP2 allows an authenticated user to execute remote arbitrary code via the keyword parameter.
CVE-2021-32073
PUBLISHED: 2021-05-15
DedeCMS V5.7 SP2 contains a CSRF vulnerability that allows a remote attacker to send a malicious request to to the web manager allowing remote code execution.
CVE-2021-33033
PUBLISHED: 2021-05-14
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.
CVE-2021-33034
PUBLISHED: 2021-05-14
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
CVE-2019-25044
PUBLISHED: 2021-05-14
The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blk_mq_free_rqs and blk_cleanup_queue.