Web security has changed a lot in the past few years. It is no longer good enough to take a desktop antivirus scan engine and scan web content. URL filtering isn’t enough. It is not enough to put HTTP security on your corporate gateway.
The reason its not good enough to have a HTTP security gateway should be rather obvious. People go home. People travel. People work at client sites. People work at the Starbucks. An increasingly mobile workforce necessitates a mobile security solution.
URL filtering isn’t enough. URL filtering is reactionary and there are many new sites each day. When a legitimate site is compromised, URL filtering can categorize it as a malware serving site and block it. But how quickly will the site be rechecked after the virus is clean? Viruses are showing up on otherwise legitimate sites.
Sites can be compromised through lack of patching, through SQL Infection. In several cases advertising networks have inadvertently included malicious content. Some sites are potentially insecure by design. Web 2.0 sites accept user provided content with little controls in place. While some URL filtering solutions are better than others, it is an incomplete solution at best.
Some web security solutions are merely URL filtering combined with a desktop antivirus engine. I don’t think we need to rehash the failure of the antivirus engine. But there is better technology.
The best web security solutions (such as the Rustyice Solutions solution) include zero day protection as more than a marketing term. A web malware scanner is looking at the context of the file. The site its on. The number of requests for the file. The history.
Its then running it through heuristics in a way much more accurate than any desktop heuristic.
The web is a ready avenue of attack. Strengthened defenses against email and network attacks have left http the prime target for attackers.
Its a good time to be looking at alternative solutions. I think that SaaS web security has hit the sweet spot in what Gartner would call the hype cycle. Its at that point where you’re still on the leading edge but not on the bleeding edge.