Web attacks will continue to increase in 2016, experts tell us. But web security is getting cleverer - and here’s what you need to know about it.
The European Union’s latest ENISA Threat Landscape report tells us that web attacks will continue to increase in the future. So, no surprises there, then!
But web security hasn’t stood still. In fact, there are many web security features now available that give security partners and their customers much deeper insight into web threats, as well as more effective tools to combat and manage them.
Here are just a few web security developments you might want to look out for in 2017.
URL analysis to beat zero-day threats
The backbone of web security has often typically relied on comparing a URL to a database of known malicious URLs, and blocking access if a match is found.
Clearly, there are severe limitations to this approach. Zero-day threats, for instance, won’t be on any URL blacklist, because they are simply too new, as we’ve explored in a previous post.
But web security solutions can now ‘sandbox’ a URL (quarantine it so that interactions with it cannot pass threats onto the network) and automatically analyse the behaviours of the destination site.
This way, even zero-day and unknown threats can be spotted and blocked, before they can cause any damage.
Centrally managed content filtering and reporting
Web content filtering is also a critical security requirement for most organisations, to ensure that employees don’t access inappropriate or reputationally risky material.
Historically, however, it’s been easier said than done. Endpoint security solutions have rarely proven themselves up to the task; they typically cannot monitor or report on web access unless there is a policy in place on that endpoint for that specific website. (Hardly an all-encompassing strategy, eh?)
Web security solutions can totally transform this situation, because security policies and their actions can be applied from a central dashboard to users and roles, independently of the endpoints they’re working from.
A senior manager who has good cause to investigate questionable content on a website, for example, might simply be monitored; a more junior user attempting the same thing might have access to that website blocked.
Decoupling web filtering from endpoints also means that reports can be created and run in real-time, simply by clicking on widgets in the centralised dashboard - and these cover all web use, not just pre-selected sites.
Web application control: the new ‘must have’
As we touched on in a previous post, it is now possible for web security solutions to control access not only to cloud applications like, for example, Facebook, but to specific features within them – by individual, role, device and location.
These can include, for example, functions that enable users to upload or delete profile images, remove a public link, permanently delete files from a recycle bin, disable a security group, and many other types of actions that can be high-risk in certain contexts, both with and without malicious intent.
As businesses rely more and more on cloud and social applications to carry out everyday processes, this kind of web security is set to become mission-critical.
Gains in performance, deployability, and more
But it’s not just the security features themselves that are worthy of note.
A host of innovations around performance, deployment, usability and productivity mean that web security solutions are now a more attractive proposition from the point of view of end-users (who are looking for service excellence) as well as security partners (who are looking for differentiators and ease of management) than ever before.
From the performance point of view, the latency (lag) often associated with cloud-delivered solutions, for example, is a thing of the past, thanks to locally stored caches that wake up instantly.
From the deployment point of view, flexibility is high on the agenda, with agentless options, and multiple authentication methods, including SAML, direct, and agent-based – pretty much whatever the end-user prefers, in fact.
And when it comes to usability, guest users on VLAN and mobile workers are protected without the additional complication of connecting to a VPN (or the danger of failing to do so), supporting risk-aware productivity.
Something tells me threat actors, users and security partners alike will be watching web security very carefully in 2017.