Malicious Code: Dynamic and Obfuscated

Previously, enterprises experienced static attacks. Small, unknown Web sites served malicious code, so it was fairly easy to define a signature and to block it with an Anti-Virus solution. Today, cybercriminals develop dynamic and obfuscated code; serving it from legitimate Web sites and Web 2.0 sites. These dynamic attacks heighten the infection ratio and minimize the chance of detection by Anti-Virus, URL filtering and reputation-based services.

Web pages aren't the only place cybercriminals are placing malicious code. Rich-content file types such as PDF and Flash are also popular targets. M86 Security's Acrobat Flash and PDF content inspection features also enable the detection and prevention of active content embedded in rich content types, in real time.

The unpredictable and shifting nature of these techniques require organizations to detect and block malware in real time, before it enters the network.

M86 Security's patented, active, real-time code inspection combats these dynamic and obfuscated attacks. M86's Secure Web Gateway solutions inspect inbound and outbound Web traffic, regardless of its originating URL and without signature matching, preventing data-stealing malware from infiltrating networks and laptops.

M86 Security's unique technology scans each and every piece of incoming and outgoing Web content in HTTP/HTTPS/FTP to detect and block crimeware, malware, trojans, targeted attacks and other malicious Web content, even when hiding in SSL traffic. The active content's behavior-profile — built in real time — is compared to the security policy.

Inspected content remains encrypted when entering and exiting the appliance, ensuring that unencrypted traffic doesn't leave the appliance, avoiding leaked data.