Risk-Management : Business Risk Information : Analytics :
Security Threats Outside the Firewall that Pose Hazards to Customers
August 7, 2014 02:00 PM
Platform Automates Global Discovery, Assessment and Intelligence Gathering to Remediate Malware Planted in Company’s Websites and Mobile Apps
RiskIQ, the company that reveals enterprise risks outside the firewall, has announced an automated platform with global reach that enables organizations to discover, scan for malware and gather threat intelligence on all websites and mobile apps that are legitimately or illegally associated with their business. The technology provides companies with actionable intelligence needed to prevent criminals from exploiting their brands to plant attacks that target unsuspecting users. RiskIQ will demonstrate its platform this week at Black Hat USA booth 122.
“The current incident prevention/response approach for information security lacks the ability to see threats that target users of a company’s websites and mobile apps. What’s needed instead is an ‘Advanced Detection’ model that can automate the monitoring and discovery of risks outside the firewall,” said Jon Oltsik, Senior Principal Analyst at ESG. “The RiskIQ technology supports Advanced Detection by enabling organizations to automate the continuous discovery and scanning of web and mobile app properties associated with their brand. By doing so, they can detect threats that put their customers at risk. In this way, RiskIQ can help address fraud and other types of attacks that are carried out by compromising a company’s online assets.”
In a recent assessment of the more than 27,000 websites associated with the top five healthcare companies in the US, the RiskIQ service discovered that 16 percent had broken SSL certificates and 77 percent contained pages that were either inactive, redirecting traffic or broken. This snapshot illustrates the scale of the problem that large companies face in trying to keep track of their legitimate web properties, police them for malware and identify sites that may be impersonating their brand.
Real Time, Automated, Global Discovery
The RiskIQ platform deploys a worldwide network of software-based virtual users to automatically discover and inventory websites, online ads and mobile apps that are legitimately or fraudulently linked to a company or any of its brands. RiskIQ’s continuous discovery capabilities can identify all instances associated with a company on the internet including those on third party sites, in embedded and referring URLs, and across 90 different app stores.
Session and DOM Capture
For each discovered asset, RiskIQ automatically captures full session and document object data (DOM) to create a dynamic inventory of its attributes (registration date, owner, geography, etc.). This global visibility enables organizations to conclusively know and manage their web and mobile foot print.
Risk and Malware Detection
To pinpoint a company’s web and mobile assets that are posing a risk to its customers, RiskIQ’s virtual user software interacts with web pages, launches mobile apps and follows embedded URLs the way a human user would. This technology disarms evasion techniques used by malware to hide from traditional web crawlers and mobile app scanning agents. RiskIQ automatically and continuously assesses/classifies each web page for the presence of malware, malicious advertisements, capturing of personally identifiable information, etc. It also discovers copycat, malicious and data stealing mobile apps.
“For most companies, maintaining an inventory and policing their websites and mobile apps for malware and brand infringement is manually impossible. Nevertheless, they’re still responsible for detecting and taking down threats that place users at risk,” said Elias Manousos, CEO of RiskIQ. “We enable companies to immediately regain visibility and control over their web and mobile resources, including those that are usurping their brand, to keep them free of malware and other threats.”
Threat Intelligence and Analytics
To help enterprises manage, audit and uncover threat patterns across their web and mobile assets, RiskIQ provides an intelligence and analytics dashboard populated with three years of current and historical threat data. It enables users to run Big Data queries across their web and mobile assets for expired SSL certificates, third party scripts and cookies, instances of malware, typo squatting, exploit kits and more. RiskIQ can be used to discover co-occurrences, such as the presence of a specific malware across all assets, and to perform compliance assessments.
Availability and Pricing
The RiskIQ platform for Web and Mobile is available immediately from RiskIQ and its business partners. Pricing is based on volume and frequency of examined assets.
RiskIQ detects online threats that exploit customers and damage enterprise brands. The company discovers and continuously analyzes web and mobile assets from the user perspective to detect malware, fraud and brand infringements. RiskIQ’s cloud service is used by eight of the 10 largest financial institutions in the U.S. and five of the nine leading Internet companies in the world. The company is headquartered in San Francisco and is backed by Battery Ventures and Summit Partners.