Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

3/14/2012
12:40 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Silver Tail Systems Introduces Profile Analyzer To Protect Websites From Cyberattacks And Fraud

Solution provides real-time analysis of both individual user behavior and crowd behavior

Menlo Park, CA – March 14, 2012 – Silver Tail Systems, the leading provider of web session intelligence, today announced Profile Analyzer, the world’s first product to provide real-time analysis of both individual user behavior and crowd behavior on websites to identify malicious activity online. The pace of innovation delivered by websites has expanded the capabilities and value delivered by financial services and ecommerce companies to their customer base. However, it has also prompted cybercriminals to look for new ways to exploit web functionality to commit fraud and other attacks.

“Traditional monitoring and end point protection tools are not keeping up with the rapid advancements of cybercriminals. Organizations are under great pressure to protect their businesses and remain compliant with industry regulations while embracing innovation. Real- time analysis of user behavior is essential to achieving these goals,” said Nick Edwards, Vice President, Marketing, at Silver Tail Systems. “Customers need full context of their users’ behavior to accurately determine what is legitimate web behavior and what is suspicious. Profile Analyzer provides that level of visibility, helping customers unlock the new capabilities afforded by innovation on the web without compromising security.”

Profile Analyzer builds upon Silver Tail Systems’ ability to identify anomalous web session behavior by enabling individual user behaviors to be modeled against their own past usage history on the website to determine if their activity is legitimate or suspicious. This approach combines the baseline established by the entire crowd’s website history with the context of specific users, increasing accuracy and response times to online threats.

In a recent Forrester report, Chenxi Wang, Ph.D., Vice President and Principal Analyst, writes that “Business analytics have changed the way that companies do business and approach decision-making. Security event data and logs are already approaching pervasive. But to derive accurate intelligence that you can act on, security analytics must be contextual.”1

Parameter Injection detection is also included with Profile Analyzer. Parameter Injection detection utilizes analytics to identify users being targeted by malware that modifies legitimate website content in the browser to request sensitive information such as social security numbers, debit card numbers, pin numbers and more without the users’ knowledge.

“Our mission is to provide fans a safe, convenient place to get tickets to events they want to see, and an easy way to sell their tickets when they can't go. Maintaining integrity with our users’ marketplace is paramount,” said Robert Capps, Senior Manager of Trust and Safety at

1 The Extended Enterprise: A Security Journey, Forrester Research, Inc., November 9, 2011.StubHub. “With Profile Analyzer we can monitor behavior on our platform and arm ourselves with the intelligence we need to identify fraudsters and protect our customers.”

About Silver Tail Systems, Inc.

Silver Tail Systems is a leading provider of web session intelligence and protects the world’s leading websites against fraud and cyber attacks at the navigation layer. Silver Tail Systems' award-winning solutions are made possible by the unmatched expertise of its management and technology teams, who bring deep experience, know-how and personal commitment to protect their customers' businesses against online fraud. For more information, visit Silver Tail Systems at www.silvertailsystems.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29623
PUBLISHED: 2021-05-13
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A read of uninitialized memory was found in Exiv2 versions v0.27.3 and earlier. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying th...
CVE-2021-32917
PUBLISHED: 2021-05-13
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth.
CVE-2021-32918
PUBLISHED: 2021-05-13
An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS) attacks via memory exhaustion when running under Lua 5.2 or Lua 5.3.
CVE-2021-32919
PUBLISHED: 2021-05-13
An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another serv...
CVE-2021-32920
PUBLISHED: 2021-05-13
Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests.