Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

3/14/2012
12:40 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Silver Tail Systems Introduces Profile Analyzer To Protect Websites From Cyberattacks And Fraud

Solution provides real-time analysis of both individual user behavior and crowd behavior

Menlo Park, CA – March 14, 2012 – Silver Tail Systems, the leading provider of web session intelligence, today announced Profile Analyzer, the world’s first product to provide real-time analysis of both individual user behavior and crowd behavior on websites to identify malicious activity online. The pace of innovation delivered by websites has expanded the capabilities and value delivered by financial services and ecommerce companies to their customer base. However, it has also prompted cybercriminals to look for new ways to exploit web functionality to commit fraud and other attacks.

“Traditional monitoring and end point protection tools are not keeping up with the rapid advancements of cybercriminals. Organizations are under great pressure to protect their businesses and remain compliant with industry regulations while embracing innovation. Real- time analysis of user behavior is essential to achieving these goals,” said Nick Edwards, Vice President, Marketing, at Silver Tail Systems. “Customers need full context of their users’ behavior to accurately determine what is legitimate web behavior and what is suspicious. Profile Analyzer provides that level of visibility, helping customers unlock the new capabilities afforded by innovation on the web without compromising security.”

Profile Analyzer builds upon Silver Tail Systems’ ability to identify anomalous web session behavior by enabling individual user behaviors to be modeled against their own past usage history on the website to determine if their activity is legitimate or suspicious. This approach combines the baseline established by the entire crowd’s website history with the context of specific users, increasing accuracy and response times to online threats.

In a recent Forrester report, Chenxi Wang, Ph.D., Vice President and Principal Analyst, writes that “Business analytics have changed the way that companies do business and approach decision-making. Security event data and logs are already approaching pervasive. But to derive accurate intelligence that you can act on, security analytics must be contextual.”1

Parameter Injection detection is also included with Profile Analyzer. Parameter Injection detection utilizes analytics to identify users being targeted by malware that modifies legitimate website content in the browser to request sensitive information such as social security numbers, debit card numbers, pin numbers and more without the users’ knowledge.

“Our mission is to provide fans a safe, convenient place to get tickets to events they want to see, and an easy way to sell their tickets when they can't go. Maintaining integrity with our users’ marketplace is paramount,” said Robert Capps, Senior Manager of Trust and Safety at

1 The Extended Enterprise: A Security Journey, Forrester Research, Inc., November 9, 2011.StubHub. “With Profile Analyzer we can monitor behavior on our platform and arm ourselves with the intelligence we need to identify fraudsters and protect our customers.”

About Silver Tail Systems, Inc.

Silver Tail Systems is a leading provider of web session intelligence and protects the world’s leading websites against fraud and cyber attacks at the navigation layer. Silver Tail Systems' award-winning solutions are made possible by the unmatched expertise of its management and technology teams, who bring deep experience, know-how and personal commitment to protect their customers' businesses against online fraud. For more information, visit Silver Tail Systems at www.silvertailsystems.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27132
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
CVE-2021-25284
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-3144
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2021-3148
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
CVE-2021-3151
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...