Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

3/14/2012
12:40 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Silver Tail Systems Introduces Profile Analyzer To Protect Websites From Cyberattacks And Fraud

Solution provides real-time analysis of both individual user behavior and crowd behavior

Menlo Park, CA – March 14, 2012 – Silver Tail Systems, the leading provider of web session intelligence, today announced Profile Analyzer, the world’s first product to provide real-time analysis of both individual user behavior and crowd behavior on websites to identify malicious activity online. The pace of innovation delivered by websites has expanded the capabilities and value delivered by financial services and ecommerce companies to their customer base. However, it has also prompted cybercriminals to look for new ways to exploit web functionality to commit fraud and other attacks.

“Traditional monitoring and end point protection tools are not keeping up with the rapid advancements of cybercriminals. Organizations are under great pressure to protect their businesses and remain compliant with industry regulations while embracing innovation. Real- time analysis of user behavior is essential to achieving these goals,” said Nick Edwards, Vice President, Marketing, at Silver Tail Systems. “Customers need full context of their users’ behavior to accurately determine what is legitimate web behavior and what is suspicious. Profile Analyzer provides that level of visibility, helping customers unlock the new capabilities afforded by innovation on the web without compromising security.”

Profile Analyzer builds upon Silver Tail Systems’ ability to identify anomalous web session behavior by enabling individual user behaviors to be modeled against their own past usage history on the website to determine if their activity is legitimate or suspicious. This approach combines the baseline established by the entire crowd’s website history with the context of specific users, increasing accuracy and response times to online threats.

In a recent Forrester report, Chenxi Wang, Ph.D., Vice President and Principal Analyst, writes that “Business analytics have changed the way that companies do business and approach decision-making. Security event data and logs are already approaching pervasive. But to derive accurate intelligence that you can act on, security analytics must be contextual.”1

Parameter Injection detection is also included with Profile Analyzer. Parameter Injection detection utilizes analytics to identify users being targeted by malware that modifies legitimate website content in the browser to request sensitive information such as social security numbers, debit card numbers, pin numbers and more without the users’ knowledge.

“Our mission is to provide fans a safe, convenient place to get tickets to events they want to see, and an easy way to sell their tickets when they can't go. Maintaining integrity with our users’ marketplace is paramount,” said Robert Capps, Senior Manager of Trust and Safety at

1 The Extended Enterprise: A Security Journey, Forrester Research, Inc., November 9, 2011.StubHub. “With Profile Analyzer we can monitor behavior on our platform and arm ourselves with the intelligence we need to identify fraudsters and protect our customers.”

About Silver Tail Systems, Inc.

Silver Tail Systems is a leading provider of web session intelligence and protects the world’s leading websites against fraud and cyber attacks at the navigation layer. Silver Tail Systems' award-winning solutions are made possible by the unmatched expertise of its management and technology teams, who bring deep experience, know-how and personal commitment to protect their customers' businesses against online fraud. For more information, visit Silver Tail Systems at www.silvertailsystems.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-0488
PUBLISHED: 2021-04-15
In pb_write of pb_encode.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-178754781
CVE-2021-27129
PUBLISHED: 2021-04-15
CASAP Automated Enrollment System version 1.0 contains a cross-site scripting (XSS) vulnerability through the Students > Edit > ROUTE parameter.
CVE-2021-27544
PUBLISHED: 2021-04-15
Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter.
CVE-2021-27545
PUBLISHED: 2021-04-15
SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter.
CVE-2020-7270
PUBLISHED: 2021-04-15
Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD instances are deploye...