Targeted malware When malware targets your organization and user base – whether in the form of web injection, session-hijacking, or other methods – the ability to both detect and protect against these malicious attacks in real-time is paramount. And being able to protect your entire user base via a clientless solution becomes all the more critical, particularly given the number of devices from which users transact online. While detecting the many varieties of targeted malware – whether it be Zeus, Carberp, Citadel, Gozi, SpyEye, Torpig, amongst others – is in many cases achievable by either client-side software or even server-side solutions – the ability to meaningfully protect organizations and their users in real-time is still problematic. Removing malware from infected devices is not the answer, as the more malicious versions cannot be removed, beyond even the risk of reinfection.
- WebSafe and MobileSafe are able to detect all malware types, whether targeted or generic in nature. By identifying any changes to the genuine web or mobile application – as well using honeypots to draw out generic malware – organizations are able to identify which of their users are infected, with what malicious code, while also gleaning critical information about the attacker’s C&C, drop zones, and more.
- WebSafe and MobileSafe employ advanced application-level encryption of all key user data, such that any potentially compromised information will be rendered worthless to the attacker. A one-time Public and Private key ensure that only the organization is able to decrypt the data.