Trustsphere uses security intelligence to uniquely counter socialattacks against organizations and executives

05/07/12 — TrustSphere ( ), a pioneer of digital communication integrity solutions, todayannounced the availability of TrustVault™, a trust-basedtechnology solution that protects organizations from some oftoday’s most difficult to handle email-based threats. “The cyber-threat landscape continues to evolve rapidly.Socially-based attacks delivered via email are increasinglytargeting an organization’s executives and not just rank-and-fileemployees. This complicates the task which many of today’s securitysystems have to perform, forcing them into a trade off betweengreater security and ensuring business continuity,” said ManishGoel, CEO of TrustSphere. “TrustVault works alongside existingsecurity solutions to ensure that trusted, genuine business trafficcan be rapidly recognized and ‘fast tracked’ to business users,enabling security systems to focus more intently on suspiciousmessages and other threats. The counter balance enables bothgreater security and improved efficiency for the organization.” TrustVault Social Graph TrustVault uses data already present in enterprise email systems tobuild a social graph of known and trusted senders.

Withoutinspecting message content, each email and sender is mapped againstthis ever-growing social graph and analyzed for proper delivery asprescribed by the organization’s own policies. Once positivelyidentified as genuine and trusted, a sender’s email can always bedelivered to intended recipients, even if other systems may haveerroneously blocked or quarantined the very same messages. “Using social graphs to validate trusted senders is an intelligentway to ensure that legitimate emails are always delivered,” saidMark Levitt, director of enterprise software and communications atresearch firm Strategy Analytics. “TrustSphere applies thisinnovative approach to address the false positive problem wherevalid email communications are not delivered because they looksuspicious based on known spam patterns.

TrustSphere uses this sameapproach to ensure delivery of legitimate emails that might beblocked by denial of service attacks and to identify suspiciousemails such as spear phishing that often evade spam filters.” TrustVault also applies a proprietary reputation and identityanalysis before authenticating senders for priority delivery oftheir messages. Called TrustCloud™, this global, dynamicwhitelist validates that senders are who they claim to be, andcontinuously checks their email “reputation” to protect recipientsagainst spear phishing attacks as well as messages from newlycompromised email accounts that can be laden with spam or malware. False Positive Mitigation A key problem that many enterprise IT organizations are unawarethey have is excessive email false positives — those legitimatemessages erroneously identified by spam filters as spam and sent tojunk folders or spam quarantines. Most analyst firms agree that theacceptable number of false positives is 3.5 messages per million(using the six sigma multiplier) or less. IPL Beauty Equipment

But after analyzinghundreds of millions of emails at enterprises across North America,TrustSphere finds the average number of false positives to be inexcess of 10,000 messages per million — with some organizationswell beyond that. Once senders can be recognized as genuine and trusted, there is noneed for their emails to go through probability-based spam checks.With TrustVault, known and trusted senders’ messages bypass suchsystems, delivering them straight to anti-virus and anti-malwaresystems and on to the inbox. Safeguarding Against DDoS Attacks With distributed denial of service (DDoS) attacks againstbusinesses on the rise, TrustVault provides an innovative way forIT departments to maintain active email communications during suchan attack. Not only does TrustVault identify known and trustedsenders, it also looks at the cadence of email conversations acrossthe organization and applies logic to identify those senders thatare most important to an enterprise. During a DDoS attack,TrustVault continuously builds critical data which is supplied toan organization’s gateway security systems which reserves a pool ofconnections to ensure delivery of messages from these trustedsenders. China Cryolipolysis Equipment

This method ensures business continuity regardless of theseverity of the attack. Protection Against Spear Phishing TrustVault also protects against threats posed by email that getsdelivered. Cyber criminals have found a new way to defraudexecutives and corporations of millions of dollars through spearphishing — email-based communication that lures victims intodivulging confidential information such as identity, bank accounts,passwords and more. Unlike its spam-based cousin phishing, a personis 24 times more likely to open and react to a spear phishingemail. Ultrasonic Cavitation Slimming Machine

TrustVault is able to distinguish between legitimate sendersand suspicious emails, which enables the IT security department toact on the results. Such actions often include delivering emails toappear in a different color in the inbox. Combating Social DDoS Attacks The same method for countering spear phishing can also be used tocombat voll-e, the socially engineered DDoS attacks. Voll-e hasgained prominence through the “Occupy” protest movement, whereprotestors are encouraged to send innocuous emails en masse toexecutives at banks and other financial institutions. Because theseemails have no content that would normally trigger a spam filterand come from multiple sources, they are able to elude conventionalemail protection and get delivered, rendering the recipient’s inboxvirtually unusable.

TrustVault differentiates between suspectmessages and those from trusted senders, delivering suspiciousemails into a separate inbox. This delivery method ensures that anorganization’s executives can continue to work as usual and remainuninterrupted even when under such an attack. “The technology advances in our next-generation solution,TrustVault, will have broader implications to enterprises beyondemail integrity,” adds Goel. “Through TrustVault we will beextending integrity to all f[ServletExceptionin:/common/layout/viewtemplate.jsp] null’.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s