Surendra Singh, Regional Director (SAARC), Websense
What are the ways by which the TRITON Solution, developed by Websense, provides comprehensive security?
TRITON is an architecture that unifies three areas of security– web, email and data. As the threats become blended and complex, organisations require real-time intelligence for dealing with all kinds of malware that can take away their confidential information. Websense TRITON security solutions offer point-of-click protection with inline, real-time defences from Websense ACE (Advanced Classification Engine). ACE unites seven security defence assessment areas into a composite scoring model using predictive analysis.
These unmatched real-time defences are backed by the Websense ThreatSeeker Network — the world’s largest security intelligence network — and the expertise of Websense researchers. Websense TRITON provides integration, innovation and reduced costs. DLP endpoint protection functions off network and uses registered (fingerprinted) data for Windows and Mac OS systems. Portable decryption secures data from endpoints on USB devices and portable media.
Provide us with an overview of the main features of Websense ACE.
Websense ACE (Advanced Classification Engine) delivers real-time security ratings to all products built on the Websense TRITON architecture. ACE uses seven defence assessment areas, which provide checks and balances to minimise false positives and improve accurate classification.
Our approach to security is different as compared to that of most other vendors. We don’t rely on single threat analytics; instead we use multiple threat analytics. Today cyber criminals tend to research the profile of the employees of any particular organisation that they wish to target. They send a targeted ‘spear-phishing’ email, prepared after a thorough study of the user and the company and written in a manner that is designed to make the user think it is from an authentic source. The mail takes the victim to a compromised website where malware is downloaded onto their machine without their knowledge. This can then be the first step in the surveillance of classified information in the organisation and sending it to servers located at other locations.
What kind of work is being done by Websense ThreatSeeker Network?
The Websense ThreatSeeker Network is the world’s largest information security intelligence network. It seeks out threats contained within web, social media and email content. It unites more than 900 million endpoints and, with the help of Websense ACE (Advanced Classification Engine), analyses the content of 3–5 billion requests per day.
The ThreatSeeker Network collects content in various online forms: web pages, documents, executables, streaming media, emails, mobile applications and other Internet traffic. It processes this massive amount of data to identify trends in online threats.
In turn, this intelligence informs further types of content to collect. The ThreatSeeker Network assesses popular websites to see if they’ve been hijacked. It uses hot news and social media topics to identify additional websites to assess. ThreatSeeker monitors viral sites and content and tracks geographical hot spots.
How does Websense view the Indian market? Tell us about your investments in the country?
Websense has made significant investments in India. In 2011, we invested in a local data centre to support our Cloud business; in 2012 we started our technical support centre in Chennai to better support our Indian customers. All this is backed by fairly large clientele in India. Websense works closely with the enterprise segment, and has clients in all industry verticals, including the government, IT, telecom and BFSI. Some of the Websense customers include TCS, Wipro, Cognizant, Infosys, HCL, Bharti, Vodafone and Idea.