According to the company's TRACElabs, blended threats have grown from peaking at 42 percent of spam in Q4 2008 to 58 percent at the end of Q1 2009. Blended threats, which utilize well-engineered email messages with often sensationalist subject lines to encourage users to click on the URL links to sites infected with malware, have been utilized more by attackers because current email and Web security solutions are not able to effectively and consistently block them. In fact, TRACElabs estimates that during the four days of RSA 2009, the number of blended threats will increase by 25,500,000 each day based on the current growth rate of blended email attacks on the Internet.
"Most malware these days comes in the form of a blended attack " innocent looking email containing a link to a malicious Web site," says Carol Baroudi, research director, Aberdeen Group. "As a result, products that simply scan email attachments looking for the malware aren't going to detect it. Web filters that focus on content aren't going to find it. You need something that can actually look at a link inside an email message and determine if that link is pointing to a dangerous site."
Based on Avinti's unique behavior-based technology, Marshal8e6's Blended Threat Module for MailMarshal SMTP and R3000 products will provide organizations a cloud-based service to stop blended threats. The service, which uses centralized intelligence to identify Web sites that distribute malware, will provide frequent updates to both products to block emails that contain malicious links as well as block user access to malicious Web sites.
"While most organizations have some malware protection on their email gateway, many don't have the ability to catch blended threats, and their Web gateways don't block Web-based malware hosted on legitimate but hacked sites," said John Vigouroux, CEO, Marshal8e6. "As part of Marshal8e6's enterprise-class email and Web security solutions, Avinti's technology is the critical zero-day malware detection capability that we needed to protect all inbound and outbound communications streams."
Marshal8e6's Blended Threat Module will enhance the accuracy and effectiveness of Marshal8e6's existing email and Web security solutions. The new data stream will be delivered as an automated feed from the cloud-based Blended Threat Service into a new threat category in Marshal8e6's extensive URL Library, the backbone for the company's Web filtering technology, including the R3000 appliance. As a result, Marshal8e6's Web and email solutions will be capable of blocking malware threats not detected by signature-based solutions, providing true protection from zero-day threats, malware variants, targeted attacks and blended threats.
Availability The Blended Threat Module for MailMarshal SMTP and the R3000 will be available as an optional service that installs easily and connects to Marshal8e6's in-the-cloud Blended Threat Service. Both services will be available in the third quarter of 2009.
More information on blended threats and Marshal8e6's new Blended Threat Module are available at the Marshal8e6 Booth #723 at RSA 2009, April 20-23, and the following week at Stand # G15 at Infosecurity Europe 2009, April 28 " 30.
About Marshal8e6 Marshal8e6 is a global provider of Secure Web Gateway (SWG) and email security products. We are the only security company able to provide integrated, reliable and effective enterprise-class multi-layered solutions. Our deep expertise in Web and email allows us to correlate real-time threat intelligence to protect organizations from current and emerging threats. With 20,000 customers and 16 million end users in 96 countries, the company is privately held and based in Orange, California with international headquarters in London and offices worldwide. For more information about Marshal8e6, please visit http://www.marshal8e6.com.