Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

3/14/2012
12:40 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Silver Tail Systems Introduces Profile Analyzer To Protect Websites From Cyberattacks And Fraud

Solution provides real-time analysis of both individual user behavior and crowd behavior

Menlo Park, CA – March 14, 2012 – Silver Tail Systems, the leading provider of web session intelligence, today announced Profile Analyzer, the world’s first product to provide real-time analysis of both individual user behavior and crowd behavior on websites to identify malicious activity online. The pace of innovation delivered by websites has expanded the capabilities and value delivered by financial services and ecommerce companies to their customer base. However, it has also prompted cybercriminals to look for new ways to exploit web functionality to commit fraud and other attacks.

“Traditional monitoring and end point protection tools are not keeping up with the rapid advancements of cybercriminals. Organizations are under great pressure to protect their businesses and remain compliant with industry regulations while embracing innovation. Real- time analysis of user behavior is essential to achieving these goals,” said Nick Edwards, Vice President, Marketing, at Silver Tail Systems. “Customers need full context of their users’ behavior to accurately determine what is legitimate web behavior and what is suspicious. Profile Analyzer provides that level of visibility, helping customers unlock the new capabilities afforded by innovation on the web without compromising security.”

Profile Analyzer builds upon Silver Tail Systems’ ability to identify anomalous web session behavior by enabling individual user behaviors to be modeled against their own past usage history on the website to determine if their activity is legitimate or suspicious. This approach combines the baseline established by the entire crowd’s website history with the context of specific users, increasing accuracy and response times to online threats.

In a recent Forrester report, Chenxi Wang, Ph.D., Vice President and Principal Analyst, writes that “Business analytics have changed the way that companies do business and approach decision-making. Security event data and logs are already approaching pervasive. But to derive accurate intelligence that you can act on, security analytics must be contextual.”1

Parameter Injection detection is also included with Profile Analyzer. Parameter Injection detection utilizes analytics to identify users being targeted by malware that modifies legitimate website content in the browser to request sensitive information such as social security numbers, debit card numbers, pin numbers and more without the users’ knowledge.

“Our mission is to provide fans a safe, convenient place to get tickets to events they want to see, and an easy way to sell their tickets when they can't go. Maintaining integrity with our users’ marketplace is paramount,” said Robert Capps, Senior Manager of Trust and Safety at

1 The Extended Enterprise: A Security Journey, Forrester Research, Inc., November 9, 2011.StubHub. “With Profile Analyzer we can monitor behavior on our platform and arm ourselves with the intelligence we need to identify fraudsters and protect our customers.”

About Silver Tail Systems, Inc.

Silver Tail Systems is a leading provider of web session intelligence and protects the world’s leading websites against fraud and cyber attacks at the navigation layer. Silver Tail Systems' award-winning solutions are made possible by the unmatched expertise of its management and technology teams, who bring deep experience, know-how and personal commitment to protect their customers' businesses against online fraud. For more information, visit Silver Tail Systems at www.silvertailsystems.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3243
PUBLISHED: 2021-04-15
Wfilter ICF 5.0.117 contains a cross-site scripting (XSS) vulnerability. An attacker in the same LAN can craft a packet with a malicious User-Agent header to inject a payload in its logs, where an attacker can take over the system by through its plugin-running function.
CVE-2021-29448
PUBLISHED: 2021-04-15
Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. The Stored XSS exists in the Pi-hole Admin portal, which can be exploited by the malicious actor with the network access to DNS server. See the referenced GitHub security advisory for patch details.
CVE-2021-30138
PUBLISHED: 2021-04-15
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2021-27112
PUBLISHED: 2021-04-15
LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images.
CVE-2021-20288
PUBLISHED: 2021-04-15
An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associa...