Wedge Networks’ WedgeOS platform has been featured in Network Computing’s article “Rise Of HTML5 Brings With It Security Risks” by Robert Mullins. WedgeOS’ Deep Content Inspection approach is seen as a solution against the potential security flaws within the WebSocket API in HTML5.

Wedge Co-founder and CEO, Dr. Hongwen Zhang, provides insight on the Risks of Social Media Spam Attacks in the interview by Emily Holbrook of Risk Management Monitor. To learn more about these risks and to read the full interview, please visit Risk Management Monitor.

As organizations face increasing amounts of dynamic HTML5 content flowing through their networks, Wedge Networks, an innovator providing remediation-based Deep Content Inspection for high-performance, network-based Web security, today announced that its patented WedgeOS platform is the first in the industry to support, detect and mitigate against malware found in HTML5 specific content threats and the WebSocket protocol.

HTML5 provides a rich, responsive and standardized web application environment, enabling trends like mobile access and cloud-based applications. It is being rapidly adopted by organizations as web designers leverage the new protocols to create dynamic content to improve the overall end user experience. Fundamentally safer than previous versions, HTML5 however, does introduce new security challenges including unique malware channels using cross-site delivery/communication, broader Javascript capabilities and the WebSocket protocol. To take advantage of the benefits of HTML5 while maintaining security, organizations require solutions that first support the protocol, then use Deep Content Inspection techniques to understand and secure the content transferred through it.

The award-winning WedgeOS platform from Wedge Networks is the first platform to support and secure HTML5 content and protocols. In Wedge Network’s testing of leading Secure Web Gateways and Content Control devices, no other vendor was able to transmit HTML5 content and block viruses contained within. WedgeOS provides organizations with the ability to increase web security for existing and future protocols.

WedgeOS’ HTML5 security features are available immediately on all products and provide:

Advanced Protection

• Security against sophisticated malware threats hidden in the high volumes of concurrent traffic brought on by HTML5.
• Detection and remediation of both known and zero day threats, without impacting network performance.

Comprehensive Scanning

• Effectively taking the end user out of the security equation with protection from threats on hijacked sites. Wherever they go, whatever they click on, they are scanned and secured.

Support of Dynamic Content

• Inbound and outbound support for HTML5 content, over the performance-boosting WebSocket protocol.
• A scalable, real-time solution that understands the intent of Data-in-Motion and provides remediation when necessary.

Usability

• WedgeOS achieves line speed high performance scanning throughput, preventing bandwidth bottlenecks and end user latency; a new industry requirement for multiple concurrent sessions brought on by HTML5.

Supporting Quote:

Hongwen Zhang, president and CEO, Wedge Networks, said:

“HTML5 has created new, advanced protocols and codes, enhancing the content of today’s Internet, enabling greater incorporation of applications in the web browser and an overall richer web environment. WedgeOS secures the HTML5 content and protocols seamlessly, providing end users the ability to allow HTML5 websites and content into their organizations with the same security protection that applies to the rest of their network infrastructure.”

Supporting Resources:

For more information, including a video on HTML5 and the WedgeOS platform, visit the HTML5 section of our website.

Webinar: What every Security Professional Should Know about HTML5, January 26th, 2012 between 11:00am and 12:00pm MT with Wedge Networks Senior System Architect, Joe Bulman P. Eng. Click here to register.

The vast amount of Internet applications, Web services, and online social media outlets has quickly distorted the lines between corporate and personal usage, leading to an increase in malware outbreaks and data loss. Despite their functionality, services such as blogs, Facebook, LinkedIn, and Twitter pose a yet-to-be-realized threat in the workplace.

Many organizations will label these social media sites as trusted Web sites based on their popularity, but this does not take into account user-generated content. Hackers exploit this primary weakness and manipulate users into downloading malicious content or viewing malicious sites through friend news feeds, status, or recommendations. A recent study by Kaspersky Labs indicates social networking sites are 10 times more effective at delivering malware than the previous popular methods of e-mail delivery.

Dr. Hongwen Zhang, President and CEO of Wedge Networks discusses how to let your organization take advantage of social media’s benefits as it safeguards policies and compliance in this article by Enterprise Systems Journal

By J. ANGELO RACOMA (@JANGELO)  | Jun 24, 2011

Social networks are often an easy target for malware authors because of the social aspect. Unsuspecting social network users are often too trusting of content and network contacts, and usually end up transmitting and receiving all sorts of malicious code. Wedge Networks (news, site) addresses this by killing off malware at the source with the BeSecure appliance, now available for social networks.

To read the complete article, please visit CMSWire.com HERE.

Wedge Networks upgrades its Deep Content Inspection network gateway to monitor social media and Web application traffic for security risks.

By Kevin Casey InformationWeek
June 22, 2011 01:53 PM

If humans are the weakest link in online security, then social media is a potential nightmare for small and midsize business networks. So many links to click, from so many “trusted” sources–so little time before socially-borne threats are taking root inside the company like toxic weeds.

So what’s the security-minded SMB owner or IT pro to do? You could block access entirely, but where do you start? It’s not just a Facebook problem, although one of the world’s most-visited sites is certainly a place to start. What about the countless other Web applications that enable user-created content, collaboration, communication, and the like? These days, it seems you’d need to shut off Internet access altogether.

To read the full story, please visit InformationWeek.com HERE.

Best practices for keeping mobile devices safe.

By James Powell 06/21/2011 (Enterprise Strategies – ESJ.com)

When it comes to protecting mobile devices connected to enterprise resources, security managers face a dilemma: can security be enforced without negatively impacting productivity? To learn more about the state of mobile security, we turned to Dr. Hongwen Zhang, co-founder and chief executive officer at Wedge Networks and the co-inventor of his company’s WedgeOS security technology.

Enterprise Strategies: What unique challenges do mobile devices introduce into an environment?

Dr. Hongwen Zhang: I see four major challenges:
Mobile devices move in and out of the corporate perimeters, so perimeter-based defenses are not effective
These devices have zero or limited defense abilities; their primary design objectives are power consumption and portability, not security
They are easily stolen or lost, along with sensitive information and access tokens stored in them
It is very difficult to obtain a comprehensive audit trail for mobile devices because of the multiple service providers involved.

To read the whole interview, please visit esj.com HERE.

Since the beginning of this year 2011, the IT Security industry has been inundated with unending bad news: Epsilon, Sony Playstation Networks, Play.com, and the list goes on. With so much media publicity, it seems that our industry is doomed to failure since, no matter how strong an organization’s defences are, the “London Bridge is falling down”… eventually.

That’s why the news this morning about how Lockheed Martin managed to defend its data against a recent fierce attack piqued my attention.  This article also described a security breach at Lockheed Martin in 2009 whereby hackers obtained classified information about the F-35 fighter jet program.  Kudos to the guys/girls at Lockheed Martin for making things right and for turning the tides for our industry, at least on this day.

I’m sure that the “London Bridge” is exposed to dents and dings, on a daily basis, from the persistent forces all around it.  However, it remains solidly standing despite the age old nursery rhyme that describes its “falling down”, which has been around since the 1700′s.  The reason for this: during the course of its existence, it has been persistently maintained and even rebuilt.  As a matter of fact, at the same time in which Lockheed Martin has successfully defeated this round of security attacks, the city of London is hiring a Maintenance Electrician for, guess what?  The London Bridge.

As an IT security practitioner, my take on the moral of this news is: to win against APT (Advanced Persistent Threats), we need to have an APD (Advanced Persistent Defense). You may argue that not everyone will have the deep financial pockets that Lockheed Martin has; however, as long as there is hope, tools and automation will be implemented to drive down the costs and help us win this war.

Wedge Networks, the leader in high performance network-based Web security solutions, announced today that the Wedge BeSecure AntiMalware Gateway Series was named the winner in the Annual Info Security Products Guide 2011 Global Excellence Awards, in the category of Best Network Security Product. This prestigious global award recognizes Wedge Networks for its groundbreaking wire-speed full inspection security platform.

“With the increased threat of attacks from viruses, Trojans, worms and spyware, traditional desktop-based anti-virus software does not provide enough protection, particularly in environments with high traffic, high bandwidth networks,” said Hongwen Zhang, President and CEO of Wedge Networks. “It is an honor to be recognized in this distinguished industry awards program and it further demonstrates our leadership in providing multi-layer protection to help organizations stay ahead of these threats.”

The Wedge Networks BeSecure appliance provides complete network protection, ensuring clean content is delivered to all endpoints including desktops, laptops, mobile devices and servers for large enterprises, ISPs, fixed and mobile operators worldwide. It prevents these attacks by intercepting Web traffic at the application network layer, scanning the traffic at multi gigabit speeds and blocking malicious attacks.

Utilizing the patented WedgeOS, the BeSecure appliance scans complete objects in real-time, accesses and employs full signature databases, heuristic analysis and Deep Content Inspection to provide increased security protection to a market that previously lacked security options. This nomination further recognizes Wedge’s unique ability to deploy accurate protection in complex networks dealing with massive traffic volumes.

2011-Info Security Products Guide Award

Info Security Products Guide, the industry’s leading information security research and advisory guide, has named Wedge Networks’ BeSecure Anti-Malware Gateway Series the winner of the 2011 Global Excellence Awards in Network Security. Announced in San Francisco, more than 50 judges, from a broad spectrum of industry voices determined the 2011 Global Excellence Awards Finalists and Winners.

To see the YouTube video: Dr. Hongwen Zhang accepting the 2011 Info Security Products Guide Award