Called ThreatSeeker, the technology scans the Web for threats and blocks exploits before they can get on the network, protecting companies until patches and signatures are created, said John McCormack, senior vice president of product development at Websense.
Although the San Diego-based security vendor hasn't previously discussed the technology, the company has been using it in its products for the past five years, according to McCormack. Antivirus and intrusion-prevention technologies have been ineffective in stopping exploits, and emerging threats such as rootkits have created a need for technology that can proactively identify and stop malware, he said.
"Basic security technologies are becoming commoditized, and a system that identifies exploits and malware on the Internet and prevents them from being delivered is far more effective," McCormack said.
Many vendors are rolling out products with proactive threat protection, including Cisco Systems with its Adaptive Security Appliance (ASA) line, but Websense's strong track record in the space gives the vendor a head start, said Allen Allison, vice president of security at MTM Technologies, a Stamford, Conn.-based solution provider.
"Websense has the systems in place that are already doing the scouting, whereas others don't have the same breadth of technology," Allison said.
Most of ThreatSeeker's intelligence gathering is done automatically, but researchers from Websense Security Labs play an important role in identifying emerging online threats, according to McCormack.
"Our Web analysts look at pages served up to them and can see exploits forming on the Internet before they're published or known," he said.
Allison said the human element is a key component that will sharpen ThreatSeeker's accuracy. "This is one of those technologies that you cannot completely automate. There are so many opportunities for false positives and false negatives, so you have to have a significant amount of human intervention," he said.
Websense also unveiled Web Security Suite version 6.3 and Websense Web Security Suite Lockdown Edition version 6.3, both of which will be released in mid-November. The products include ThreatSeeker as well as reporting upgrades and integration with Citrix Presentation Server to improve security in virtualized computing environments, McCormack said.