|By PR Newswire||
|November 20, 2012 10:30 AM EST||
BEDFORD, Mass., Nov. 20, 2012 /PRNewswire/ --
- RSA® Adaptive Authentication On Premise solution uses a Big Data approach to help combat threats posed by more than 30 million variants of malware targeting end users for account takeover attacks
- According to recent research by Aite Group, in 2011, account takeover attacks costs corporations over $400 million, a number that is expected to grow by 94% in 2016
- The latest version of the RSA Adaptive Authentication On Premise solution is designed to enhance mobile defense and Trojan Detection capabilities and adds innovative ATM channel protection
RSA, The Security Division of EMC (NYSE: EMC), today announced major enhancements to its RSA® Adaptive Authentication On Premise solution designed to help organizations in wide range of industries achieve the right balance of security against advanced threats, like those posed by Zeus, Citadel and the recently discovered Gozi Prinimalka Trojan, without compromising end user experience.
According to recent research by Aite Group, account takeover attacks resulted in over $400 million in losses in 2011, which are expected to grow by 94% to nearly $800 million by 2016. Powered by the RSA® Risk Engine, the RSA Adaptive Authentication solution is engineered to mitigate the risk of account takeover by using a 'Big Data' approach to risk, drawing from a series of more than 100 different risk indicators, including device identification and behavior profiling, to validate user activity. With an estimated 30 million pieces of malware targeting end users for account takeover, the latest RSA Adaptive Authentication solution is built to address changing customer requirements for convenience and ease of use while providing effective security against cybercriminal threats.
Enhanced Trojan Defenses
Organizations are constantly battling new forms of advanced threats. By incorporating additional Trojan detection features including Proxy and HTML injection protection, the RSA Adaptive Authentication On Premise solution is engineered to address Man in the Browser (MITB) and Man in the Middle (MITM), techniques employed by the latest Trojan attacks, including Gozi Prinimalka, in an attempt to compromise end user accounts. With the RSA Adaptive Authentication solution, anomalous interactions are detected and flagged to the organization that can then take action to block, monitor or require additional authentication measures to complete a transaction. RSA Adaptive Authentication includes new features designed to:
- HTML Injection Protection – Detects and flags fraudulent changes to end users' browser display via MITB attacks which attempt to either manipulate payments or harvest additional user credentials like social security number, credit card number or PIN.
- Man vs. Machine Protection – Defends against advanced Trojans using automated script attacks to fraudulently add payees and transfer money to mule accounts. RSA Adaptive Authentication software utilizes innovative Man vs. Machine protection to determine whether mouse or keystroke movements are associated with data input. Additionally, the RSA Adaptive Authentication solution differentiates between users who have the browser auto complete feature turned on and can adjust the risk score accordingly.
- Proxy Attack Detection – Cybercriminals utilize proxy attacks to log on to banks from a proxy IP address that can allow penetration of user accounts via the genuine end user IP to gain positive device identification. RSA Adaptive Authentication solutions determine when a login or transaction is being performed via a proxy which is anomalous to the user by identifying the true IP used, and dynamically adjusts the risk response appropriately.
New Mobile Protections
RSA has updated the RSA Adaptive Authentication On Premise solution's innovative and dedicated risk model to include location awareness and enhanced mobile device identification. Location awareness gathers location data through WiFi, cell tower triangulation and GPS to identify anomalous locations that are new to the user, fraudulent transaction attempts by impossible ground speed differences, and when an access attempt comes from a known high risk location. Additionally, mobile device characteristics are gathered through the RSA Adaptive Authentication platform for a mobile device or directly through a Software Development Kit (SDK).
Automated Teller Machine (ATM) Protection
In addition, the RSA Adaptive Authentication solution now protects against account takeover fraud in the ATM channel by assessing ATM-specific activity including date and time of access, transaction amount, frequency of withdrawal, ATM owner and ID and location of ATM in order to assess risk. With the rise of ATM-based account takeover and mule withdrawal attacks, the RSA Adaptive Authentication solution has been enhanced to detect and monitor against these threats without requiring additional software to be installed on ATM machines.
RSA Executive Quote:
Manoj Nair, General Manager, RSA Identity & Data Protection group
"Account takeover is currently the single most important issue for many of our customers. As sophisticated malware continues to proliferate and cybercriminals evolve their methods, it's our responsibility to quickly adapt to help customers mitigate the threat. The enhancements made to the RSA Adaptive Authentication On Premise solution is part of a cohesive strategy designed to address the changing needs of our customers and mitigate ongoing risks associated with the latest malware hitting online, mobile and ATM channels."
Industry Analyst Quote:
Julie Conroy, Research Director, Aite Group
"The trajectory of cybercrime is increasing at a frightening pace, driven by international organized crime rings intent on financial gain. Organizations that need to protect web resources are looking to security solutions that keep them one step ahead of cybercriminals while also balancing convenience for the end-user."
RSA Adaptive Authentication On Premise 7.0 is available now.
- Learn more aboutRSA® Identity and Data Protection Solutions
- Speaking of Security Blog: Emerging Threats and Account Takeover Fraud Needs an Innovative Defense Approach
- Speaking of Security Podcast: Protecting Banking Users from Online Account Takeover
- Infographic: Managing Fraud with Risk-Based Authentication
- Learn more about Trusted IT from EMC
- Connect with RSA via Twitter, Facebook, YouTube, LinkedIn and the RSA Speaking of Security Blog and Podcast.
RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.
Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.EMC.com/RSA.
RSA and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other products and/or services referenced are trademarks of their respective companies.
SOURCE EMC Corporation
In high-production environments where release cycles are measured in hours or minutes — not days or weeks — there's little room for mistakes and no room for confusion. Everyone has to understand what's happening, in real time, and have the means to do whatever is necessary to keep applications up and running optimally. DevOps is a high-stakes world, but done well, it delivers the agility and performance to significantly impact business competitiveness.
Dec. 21, 2014 07:00 PM EST Reads: 1,325
"Our premise is Docker is not enough. That's not a bad thing - we actually love Docker. At ActiveState all our products are based on open source technology and Docker is an up-and-coming piece of open source technology," explained Bart Copeland, President & CEO of ActiveState Software, in this SYS-CON.tv interview at DevOps Summit at Cloud Expo®, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Dec. 21, 2014 06:00 PM EST Reads: 2,742
ScriptRock makes GuardRail, a DevOps-ready platform for configuration monitoring. Realizing we were spending way too much time digging up, cataloguing, and tracking machine configurations, we began writing our own scripts and tools to handle what is normally an enormous chore. Then we took the concept a step further, giving it a beautiful interface and making it simple enough for our bosses to understand. We named it GuardRail after its function - to allow businesses to move fast and stay sa...
Dec. 21, 2014 02:30 PM EST Reads: 1,292
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover ...
Dec. 21, 2014 02:00 PM EST Reads: 3,073
SYS-CON Media announced today that Sematext launched a popular blog feed on DevOps Journal with over 6,000 story reads over the weekend. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. DevOps Journal brings valuable information to DevOps professionals who are transforming the way enterprise IT is done. Sematext is a globally distributed organization that builds innovative Cloud and On Premises solutions for performance monitoring, alerting an...
Dec. 21, 2014 01:00 PM EST Reads: 1,228
"BSQUARE is in the business of selling software solutions for smart connected devices. It's obvious that IoT has moved from being a technology to being a fundamental part of business, and in the last 18 months people have said let's figure out how to do it and let's put some focus on it, " explained Dave Wagstaff, VP & Chief Architect, at BSQUARE Corporation, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Dec. 21, 2014 01:00 PM EST Reads: 2,612
The major cloud platforms defy a simple, side-by-side analysis. Each of the major IaaS public-cloud platforms offers their own unique strengths and functionality. Options for on-site private cloud are diverse as well, and must be designed and deployed while taking existing legacy architecture and infrastructure into account. Then the reality is that most enterprises are embarking on a hybrid cloud strategy and programs. In this Power Panel at 15th Cloud Expo (http://www.CloudComputingExpo.com...
Dec. 21, 2014 11:30 AM EST Reads: 3,149
Verizon Enterprise Solutions is simplifying the cloud-purchasing experience for its clients, with the launch of Verizon Cloud Marketplace, a key foundational component of the company's robust ecosystem of enterprise-class technologies. The online storefront will initially feature pre-built cloud-based services from AppDynamics, Hitachi Data Systems, Juniper Networks, PfSense and Tervela. Available globally to enterprises using Verizon Cloud, Verizon Cloud Marketplace provides a one-stop shop fo...
Dec. 21, 2014 11:00 AM EST Reads: 2,651
Leysin American School is an exclusive, private boarding school located in Leysin, Switzerland. Leysin selected an OpenStack-powered, private cloud as a service to manage multiple applications and provide development environments for students across the institution. Seeking to meet rigid data sovereignty and data integrity requirements while offering flexible, on-demand cloud resources to users, Leysin identified OpenStack as the clear choice to round out the school's cloud strategy. Additional...
Dec. 21, 2014 11:00 AM EST Reads: 2,782
The move in recent years to cloud computing services and architectures has added significant pace to the application development and deployment environment. When enterprise IT can spin up large computing instances in just minutes, developers can also design and deploy in small time frames that were unimaginable a few years ago. The consequent move toward lean, agile, and fast development leads to the need for the development and operations sides to work very closely together. Thus, DevOps become...
Dec. 21, 2014 10:00 AM EST Reads: 2,790
SYS-CON Events announced today that IDenticard will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. IDenticard™ is the security division of Brady Corp (NYSE: BRC), a $1.5 billion manufacturer of identification products. We have small-company values with the strength and stability of a major corporation. IDenticard offers local sales, support and service to our customers across the United States and Canada...
Dec. 21, 2014 10:00 AM EST Reads: 2,728
SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, p...
Dec. 21, 2014 08:30 AM EST Reads: 2,945
SYS-CON Events announced today that AIC, a leading provider of OEM/ODM server and storage solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. AIC is a leading provider of both standard OTS, off-the-shelf, and OEM/ODM server and storage solutions. With expert in-house design capabilities, validation, manufacturing and production, AIC's broad selection of products are highly flexible and are conf...
Dec. 21, 2014 06:30 AM EST Reads: 2,606
The BPM world is going through some evolution or changes where traditional business process management solutions really have nowhere to go in terms of development of the road map. In this demo at 15th Cloud Expo, Kyle Hansen, Director of Professional Services at AgilePoint, shows AgilePoint’s unique approach to dealing with this market circumstance by developing a rapid application composition or development framework.
Dec. 20, 2014 11:00 PM EST Reads: 2,101
SYS-CON Events announced today Isomorphic Software, the global leader in high-end, web-based business applications, will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software ...
Dec. 20, 2014 11:00 PM EST Reads: 1,981
AppZero has announced that its award-winning application migration software is now fully qualified within the Microsoft Azure Certified program. AppZero has undergone extensive technical evaluation with Microsoft Corp., earning its designation as Microsoft Azure Certified. As a result of AppZero's work with Microsoft, customers are able to easily find, purchase and deploy AppZero from the Azure Marketplace. With just a few clicks, users have an Azure-based solution for moving applications to the...
Dec. 20, 2014 09:00 AM EST Reads: 1,694
“In the past year we've seen a lot of stabilization of WebRTC. You can now use it in production with a far greater degree of certainty. A lot of the real developments in the past year have been in things like the data channel, which will enable a whole new type of application," explained Peter Dunkley, Technical Director at Acision, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Dec. 20, 2014 08:00 AM EST Reads: 2,254
The cloud is becoming the de-facto way for enterprises to leverage common infrastructure while innovating and one of the biggest obstacles facing public cloud computing is security. In his session at 15th Cloud Expo, Jeff Aliber, a global marketing executive at Verizon, discussed how the best place for web security is in the cloud. Benefits include: Functions as the first layer of defense Easy operation –CNAME change Implement an integrated solution Best architecture for addressing network-l...
Dec. 20, 2014 05:00 AM EST Reads: 2,144
“We help people build clusters, in the classical sense of the cluster. We help people put a full stack on top of every single one of those machines. We do the full bare metal install," explained Greg Bruno, Vice President of Engineering and co-founder of StackIQ, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Dec. 19, 2014 11:45 PM EST Reads: 2,145