M86 Security Announces Rebranded and Enhanced Secure Web Gateway Appliances from Finjan

M86 Security, a global provider of Web and messaging security products, today announced that the newly branded M86 Security Secure Web Gateway, obtained from its acquisition of Finjan, will be available in the first quarter of 2010. Today's product news comes quickly after last week's release of Predictions 2010, a report on M86 Security Lab's expectations for Web and messaging-based threats for the coming year. The new Secure Web Gateway appliance will provide vital protection for medium to large organizations from Web-based threats, which are expected to grow in 2010. With this product, M86 Security becomes the largest Web security appliance vendor in the world.

M86's Web security products protect organizations from online threats including Trojans, spyware, scareware, botnets, blended threats and other malware. The Finjan technology provides enhanced protection with active real-time content inspection and code analysis technology. In addition, its anti-crimeware and anti-malware technology protects against malware specialized to penetrate Web 2.0 technologies. The new Secure Web Gateway product will continue to maintain Finjan's hardware and software base to ensure a smooth transition for new and existing customers.

The addition of the Finjan Secure Web Gateway product line rounds out M86's security offerings for Web security by adding to the company's appliance and software offerings. Said Michael Osterman, principal of Osterman Research, "With the addition of the Finjan Secure Web Gateway appliance and cloud services to their portfolio, M86 is now well positioned in the Web security market with software, cloud and appliance-based offerings for small, medium and large organizations."

M86's acquisition of Finjan establishes the company as the largest Web security appliance vendor based on revenue. According to an August 2009 IDC forecast about worldwide Web Security vendor shares from 20081, M86 Security's and Finjan's combined Web security appliance revenue amounts to $47 million, exceeding McAfee, BlueCoat, Imperva and Barracuda during the same timeframe.

"One of the goals of the Finjan deal was to acquire the best technology in the business in order to improve our stance as the recognized leader in comprehensive inbound and outbound content security," said William Kilmer, Chief Marketing Officer, M86 Security. "The Secure Web Gateway is the first of our product line integrations that will deliver on this promise and provide unmatched protection for our customers."

To Purchase 8e6 Technologies Product Visit http://www.8e6security.com

M86 Security Issues Predictions 2010 Report

M86 Security, a leading global provider of Web and messaging security products, today released Predictions 2010, a report on its expectations for Web and messaging-based threats for the coming year. The report is based on M86 Security Lab's extensive research into the current trends in threats over the past year and its views on the major vulnerabilities facing organizations. The report highlights the increasing sophistication of traditional threats such as botnets, scareware, compromised legitimate Web sites and blended threats. However, it also projects what the company sees are new threat vectors coming from open API's in Web 2.0 applications, the increased use of shortened URLs and the advent of non-Latin based domain names.

On the heels of a year filled with widespread exploits, including PushDo and Zbot trojans that have been reported on by M86 Security Labs, security professionals should apply lessons learned and brace themselves to combat an increase in the volume of attacks and new innovations in 2010. Specific 2010 security predictions from M86 Labs are as follows:

* Botnets Grow in Sophistication: Botnets continue to be a major problem, driving the majority of spam output and mass Web site attacks. Botnets have moved away from traditional IRC-based command and control, in favor of HTTP or other custom protocols, utilizing Twitter, Google and Facebook.
* Continued Rise of Scareware: Scareware is a traditional tactic that grew popular in the second half of 2009 because of its effectiveness. Consumers are prompted to download malicious software through convincingly crafted anti-malware landing pages. In 2010, these attacks should escalate, as the look and feel of scareware pages get updated and criminals find new ways to reach users.
* Poisoning Search Engine Results: A growing trend is the use of Search Engine Optimization (SEO) techniques to drive users to Web pages hosting malicious code. Also known as SEO poisoning, the technique aims to elevate malicious landing pages in search engine results rankings to ensure a steady supply of victims. The technique is commonly paired with scareware to capitalize on users' trust in search engines.
* Evolution of Web Site Infections: The standard attack vector for cybercriminals is to compromise legitimate Web sites to spread malware. In 2010, the majority of malicious behavior will reside on legitimate Web sites that have been compromised by various scripts and worms.
* Setting Sights on SaaS and Cloud Services: Cloud computing and SaaS have exploded in popularity during 2009, leading to a vast increase in service offerings. As a result, more and more corporate data is being stored outside of the network, making it difficult for IT administrators to have direct control over the data. In 2010, cybercriminals will target the larger cloud-based providers and attacks will increase.
* Exploiting Third Party Applications: Cybercriminals commonly exploit highly deployed third party applications, such as Adobe Flash and Acrobat Reader. The ability to embed one file type in another will result in more complex attacks gaining popularity in 2010, due to the ability to evade detection mechanisms.
* International Domain Name Abuse: In 2009, ICANN approved the registration of Internationalized Domain Names, enabling the use of non-Latin characters in domain names. As a result, phishing attacks should rise, as cybercriminals can register phony Web sites with URLs that are nearly indistinguishable from legitimate ones.
* Attacking Application Programming Interfaces: Social networks such as Twitter and Facebook are extending their services for third party development through the use of application programming interfaces (APIs). There is an implicit level of trust provided through the use of APIs, granting access to user profiles and data, so the threats that target them are likely to increase in 2010.
* URL Shortening Services Hide Nefarious Means: The popularity of Twitter and link sharing has given rise to URL shortening services that reduce the number of characters needed to parse a link. However, these services enable cybercriminals to spread spam and malware by obfuscating the destination of posted links.

"Looking back at some successes in 2009, the security industry was successful in disabling the Mega-D botnet and eliminating significant spam hosting and service providers," said Bradley Anstis, vice president of technical strategy, M86 Security. "However, the volume of spam and Web requests continues to grow and eclipses the levels seen before these takedowns. The first step in preventing serious Web abuse and widespread infection through the Web and other means is awareness of the threats. That is why M86 Security Labs is proud to share insight culled from our ongoing research in the Predictions 2010 report."

To Purchase 8e6 Technologies Product Visit http://www.8e6security.com

M86 Security Has Been Awarded the ‘Gold’

M86 Security, a global provider of Web and messaging security products, today announced that MailMarshal SMTP was found to have the highest level of spam detection in a study done by Virus Bulletin, the leading independent testing organization for anti-virus and anti-spam products.

In the side-by-side test performed by Virus Bulletin, a total of 14 products were tested. MailMarshal SMTP achieved a 99.62 percent Spam Detection rate, the highest of all the products tested, and was awarded the "Gold" level of certification. The anti-spam certification recently announced was for the November 2009 test.

Virus Bulletin's Anti-spam Test Director Martijn Grooten said, "With another increase in the number of products tested this month, the benchmarks used for this test were again stricter than in previous tests. At least one product reported better numbers, but won a lower-level award than in the last test. With developers of all products constantly improving their solutions, the competition is hotter than ever."

"We are very pleased that our MailMarshal SMTP product continues to be recognized for its industry-leading performance in spam detection," said Werner Thalmeier, M86 Security's Vice President of Product Management. "Our 'defense-in-depth' spam engine is well known for excellent protection with few false positives. Given that we achieved the highest spam detection of the test group before the introduction of our new features, such as the Blended Threat Module™ and IP Reputation which will further boost MailMarshal's spam and malware detection capabilities, is all the more impressive."

The accolades for MailMarshal come just in time to provide some assurance to customers in advance of Cyber Monday. A contender as one of the busiest online traffic days of the year, Cyber Monday is also subsequently one of the biggest spam days of the year.

"With people carrying heavier workloads and at their desks for longer hours, IT administrators have come to terms with the idea that employees will use corporate resources to conduct personal activities, putting corporate resources under greater threat," says Bradley Anstis, Vice President of Technical Strategy and Head of the M86 Security Labs. "That said, with Cyber Monday looming, now is the time to remind employees to be vigilant when online. Deal-seeking employees should be mindful of email and online ads touting hard-to-believe deals and while conventional wisdom also advises to steer clear of unknown or unfamiliar merchants, people need to remember that even mainstream Web sites could fall victim to enterprising hackers who have injected malicious code into areas of the merchant's Web site."

To Purchase 8e6 Technologies Product Visit http://www.8e6security.com

M86 Security Releases MailMarshal

M86 Security, a global provider of Web and messaging security products, today announced the availability of MailMarshal SMTP 6.7 which includes IP Reputation and the Blended Threat ModuleTM, the industry's first integrated "in the cloud" malware protection and blended threat offering. Staking its claim as the strongest threat protection approach available on the market today, MailMarshal SMTP 6.7 combines content security, Defense-in-Depth anti-spam engine, blended threat detection and IP reputation analysis and applies it to both inbound and outbound email communication.

Notoriously devious, blended threats defeat or bypass traditional gateway antivirus and spam solutions by replacing malicious attachments with a URL link to a legitimate-looking Website that often executes automated, drive-by downloads that infect users and expose them to vulnerability exploits. Blended threat emails often employ social engineering techniques and clever designs to lure recipients into clicking on the link that then triggers the infection. Once infected, a barrage of malicious activity can take place - from stealing confidential information and data leakage to setting up botnets to execute further criminal activity.

The new release of MailMarshal SMTP including the Blended Threat Module is the first M86 Security product to fully interact with the behavioral malware detection technology from Avinti, acquired by M86 earlier this year. The intelligence from the cloud-based Blended Threat Knowledge Service is also incorporated into the company's WebMarshal and R3000 Web Security products to enhance the blocking of malicious Websites.

"Blended threats are the most prominent malicious email security threat to organizations today. In fact, according to recent research from M86 Security Labs, blended email threats have spiked to exceed 30 percent of all spam, about one in every three messages," said William Kilmer, Chief Marketing Officer, M86 Security (former CEO of Avinti). "We are proud to offer a unique service that can solve a significant and recognized industry problem."

Behavioral malware technology provides the best countermeasure to prevent blended threats from entering the network. MailMarshal SMTP 6.7 is a comprehensive messaging security solution that unifies anti-spam, email threat protection, content security, policy enforcement and data leakage prevention. Powered by M86 Security's Defense-in-Depth anti-spam engine, MailMarshal SMTP 6.7 filters all incoming and outgoing email at the gateway perimeter.

"Blended threats are a growing threat to email," said David Ferris, President and Senior Analyst, Ferris Research. "M86 Security has an interesting and promising approach to suppressing this type of malware."

MailMarshal SMTP 6.7 includes two other significant capabilities: the M86 IP Reputation Service and SpamBotCensor. The M86 IP Reputation Service is derived from the M86 Security Labs and blocks incoming spam based on the sending IP address reputation to dramatically decrease bandwidth previously consumed by spam, freeing up network and IT resources for other business-critical functions. SpamBotCensor uses M86 Security Labs' vast knowledge of botnets to identify and block bot-based spam with a high degree of accuracy.

New features in MailMarshal SMTP 6.7

* Blended Threat Module - goes beyond traditional, signature-based antivirus offerings to block emails that contain malicious URL links and utilizes a cloud-based malware behavior analysis service for rapid identification of new malicious links.
* M86 IP Reputation Service - accurately rejects the majority of spam messages an organization would normally receive before the messages are transmitted to an organization's email gateway.
* SpamBotCensor - quickly and accurately identifies spam messages sent by known botnets. The M86 Security Labs was the first security research team to prove that 80-90 percent of the world's spam is produced by a handful of botnets - SpamBotCensor is a proprietary solution which builds on this research to block spam with near-zero false positives.

To Purchase 8e6 Technologies Product Visit http://www.8e6security.com

M86 Security Acquires Finjan

M86 Security, a global provider of Web and messaging security products, today announced the acquisition of Finjan, a leading provider of secure Web gateway solutions for the enterprise market. This acquisition adds Finjan's line of enterprise-class secure Web gateway and SaaS-based solutions to M86 Security's portfolio of Email and Web security solutions and significantly enhances the company's malware detection technology.

Under the terms of the agreement, M86 acquires Finjan's global operations, products, and technology, which merge into M86 Security effective immediately. The company will maintain a development center and operations in Netanya, Israel. M86 will also merge Finjan's security labs, Malicious Code Research Center, into M86 Security Labs, forming a comprehensive Email and Web threat research organization. As part of the agreement, M86 Security acquires a license to Finjan's patents.

M86 Security was formed by the November 2008 merger of Marshal and 8e6 Technologies. Finjan is the company's second acquisition in the last six months, following the March 2009 acquisition of behavioral malware detection company Avinti, Inc. The acquisition grows M86 Security's employee base to just more than 300 employees.

"We are very pleased to add Finjan's technology, products, customers and employees to the M86 team," said John Vigouroux, chief executive officer at M86 Security. "With M86's complementary Email security and reporting products and worldwide distribution, we anticipate a broad opportunity for Finjan's enterprise-class Web security solutions to existing and new customers."

Mr. Vigouroux joined M86 in April 2009 from his position as President and CEO of Finjan. Recently, the company had also hired Werner Thalmeier as vice president of product management. Thalmeier previously held the same position at Finjan. "With my own knowledge of Finjan's business, coupled with Werner's deep technical knowledge of the products, we're confident about our aggressive plan to integrate its secure Web gateway into the M86 product line," Vigouroux added.

The Finjan acquisition is well-timed for M86 as Web-based threats have increased dramatically to become the main point of attack. Many organizations are looking to implement malware protection in addition to existing Web filtering strategies.

According to Gartner, "The Web gateway represents the best location not only to filter inbound threats but also to intercept outbound malware communications, before vital information is lost. However, fewer than 20 percent of organizations have implemented malware detection in Web gateways. Implementing a secure Web gateway is the most effective and economical method to minimize malware infections." *

Finjan provides active real-time content inspection and code analysis technology focused on identifying malware delivered inbound through the Web channel. In addition, Finjan's Anti-Crimeware and Anti-Malware protection protects against Web 2.0-based malware. This technology addresses one of the most important entry points for malware into the business network and provides effective protection of Web threats that are not recognized by traditional signature-based technologies.

"We are very excited to see Finjan become part of M86 Security," said Gadi Maier, president and CEO of Finjan Software, Inc. "Finjan is well known for its advanced malware detection technology and leading secure Web gateway and hybrid SaaS solutions. Integrating it into M86's broader Web and messaging product lines and utilizing its worldwide distribution is a win-win for M86 Security and Finjan."

"The acquisition of Finjan supports our strategy to become the recognized leader in comprehensive inbound and outbound content security," added Vigouroux. "With their real-time code analysis and our behavior-based malware detection, M86 now offers industry-leading threat protection technologies on both the Web and Email, and can provide an effective way to enable these technologies on appliances, software, or in the cloud."

To Purchase 8e6 Technologies Product Visit http://www.8e6security.com

M86 Security Offers Free Year Subscription for Charities in EMEA

M86 Security, a global provider of Web and messaging security products, has announced a one time offer for charities in the EMEA region. Registered Charities that sign up to use WebMarshal 6.5 by the end of December will get a year's subscription for free*.
WebMarshal is a Secure Web Gateway solution is used by organizations of all sizes around the globe to address the full spectrum of Web-based security threats as well as the many requirements and issues that arise in managing workplace Internet use.



For organizations with a high proportion of temporary employees or volunteers, WebMarshal is ideally suited to reinforcing the company's Internet security by monitoring and restricting access to Webmail and Websites unless they are required for work-related tasks. Blocking bandwidth-hungry and malicious sites or implementing usage quotas help reduce bandwidth cost and enforce policies relating to Internet use at work.

"We appreciate that charities have been hard hit by the downturn and need to be very selective about IT investments, but the risk to their data hasn't gone away. We are offering the first ten organizations in each of our sub regions a year's free subscription as long as they can proof that they are a registered charity," said Nick Hawkins, Vice President of EMEA Sales, M86 Security

"WebMarshal addresses critical security concerns and bandwidth issues and is ideally suited for IT managers at charities that operate geographically dispersed environments with large numbers of temporary staff or volunteer. WebMarshal is easy to set up, offers all the advantages of centralized management and proactively protects against Web-based threats."

To Purchase 8e6 Technologies Product Visit http://www.8e6security.com

M86 Security™ Receives Behavior-Based Malware Detection Patent

M86 Security, a global provider of Web and messaging security products, today announced that it has been granted a patent from the US Patent and Trademark Office for the use of behavior-based malware detection technology.

The patent, Virus Detection by Executing Email Code in a Virtual Machine, covers the use of malware detection techniques by emulating environments to examine potentially malicious code using virtualization. The patent was issued as number 7,607,171 by the Patent and Trademark Office.

The patent covers real-time detection techniques for email code and applies to technology currently in use by M86 Security, including techniques to determine executable code, determining the environment of destination systems, emulating the environment of the destination system, and monitoring the executable in an emulated environment for the identification of malware.

"Behavior-based malware detection is a strategic differentiator for our business and an important part of our customer offering," said Bradley Anstis, vice president of technology strategy at M86 Security. "There is a need to support existing anti-virus offerings with additional malware detection techniques as malware becomes more sophisticated. We are pleased that the US Patent and Trademark Office has recognized M86 Security's unique contribution to malware detection."

The patent is one of several filed by Avinti Inc, a developer of behavior-based malware detection technology, prior to its acquisition by M86 Security in March 2009. M86 Security has announced that the technology acquired with Avinti would first be used in a cloud-based service to stop blended threat attacks. This service will be brought to market as the Blended Threats ModuleTM an optional service to M86 Security's flagship email filtering product, MailMarshal. M86 Security will announce general availability of this module in early November.

To Purchase 8e6 Technologies Product Visit http://www.8e6security.com