SUNNYVALE, Calif., Feb. 28, 2011 /PRNewswire/ -- Zscaler today released its Q4 2010 State of the Web report, which details the enterprise threat landscape and the variety of web-based issues facing Internet users. Q4 saw shifts in the sources of enterprise web traffic, and even saw some popular sites attempt to improve user security. However, attackers continued to focus on social engineering attacks and circumventing legacy enterprise security systems.
Here are some of the top findings detailed in the latest Zscaler State of the Web report:
- Local apps are generating more direct HTTP and HTTPS traffic: Not all web traffic comes from browsers, and as this traffic shifts, web threats have a new attack vector.
- Internet Explorer 6 is on the decline in the enterprise. While this mitigates the security risks of the old browser platform, it could lead to a shift in attacks.
- Google is actively attempting to thwart search engine optimization (SEO) spam and fake AV attacks, the topmost Internet threats today. However, most users remain exposed to these threats.
- More sites, like Facebook and Gmail, are moving to HTTPS delivery. This is good for preventing sidejacking, but it allows savvy attackers a way to bypass traditional network-based security controls like IDS/IPS, which cannot decrypt traffic for inspection.
"Attackers know the limits of traditional security solutions," says Michael Sutton, VP of Security Research at Zscaler. "But they are also very good at taking advantage of emerging technologies and new vectors for attack. Standalone user applications, social engineering attacks, and the move to HTTPS all have the potential to introduce new threats. Now more than ever, enterprise security solutions must inspect traffic in real time, all the time, regardless of source, to provide true protection."
Zscaler's Security as a Services (SaaS) architecture, consisting of over 40 global enforcement nodes, means that Zscaler sees and prevents tens of thousands of attacks every day. Thanks to their NanoLog technology, which allows granular logging without storage or network overhead, Zscaler can provide real-time reporting at the transaction level, giving their research team the ability to identify new threats and new trends.
To obtain a copy of the Zscaler State of the Web report, please visit: http://www.zscaler.com/zscaler-state-of-the-web-q4-2010.html.
Zscaler's Cloud security solution enforces business policy for Web and email, mitigates risk, and provides twice the functionality of traditional solutions at a fraction of the cost. Through a multi-tenant, globally deployed infrastructure with over 40 data centers worldwide, Zscaler enables organizations to create and enforce security policy for every user, on any device, over any network. For more information, visit www.Zscaler.com.
Paula Dunne, Press Relations
Office: +1-408-776-1400, Mobile: +1-408-893-8750
Zscaler®, and the Zscaler Logo are trademarks of Zscaler, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.