Cybersecurity-News_Rohde-Schwarz-New-realtime-detectionN.jpg

New realtime detection and extraction solution prevents JavaScript-based cyberattacks including sophisticated ransomware

To offer enterprises and organizations advanced network solutions for protection against script-based cyberattacks, leading IT security vendor Infotecs uses the new realtime JavaScript detection and extraction capabilities of Rohde & Schwarz Cybersecurity’s DPI engine in their next-generation firewall.

JavaScript attacks are devastating, especially for companies and organizations. Not only do they have to deal with data breach and damage to their reputation but also with direct costs. In particular, the advent of ransomware coded in JavaScript presents a new challenge for IT security administrators. According to security experts, ransomware cybercriminals took in about USD 1 billion last year. It is no secret that this figure – and the frequency of attacks on organizations – will grow to unprecedented levels in 2017.

To detect these dynamic attack vectors and protect organizations and enterprises from JavaScript-based cyberattacks, IT security vendor Infotecs has decided to embed JavaScript content & metadata extraction capabilities developed by Rohde & Schwarz Cybersecurity in their next-generation firewall.

"We saw a strong need to protect our customers against JavaScript-based attacks and are now pleased to offer them an innovative firewall which can cope with these security issues,” says Josef Waclaw, CEO at Infotecs GmbH. “The content and metadata extraction functionality provided by the Rohde & Schwarz Cybersecurity DPI engine R&S PACE 2 allows us to better identify and investigate dynamic web content in order to protect our customers from threats, such as sensitive data theft and tampering,” adds Waclaw.

JavaScript, which is one of the main technologies for building web content, is a popular tool for cybercriminals who abuse the programming language for malicious attacks. Particularly, cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks are typical JavaScript security threats that top the list of web application vulnerabilities provided by the Open Web Application Security Project (OWASP).

Cross-site scripting enables attackers to use JavaScript to inject malicious scripts into web pages viewed by unsuspecting users. The script allows cybercriminals to steal sensitive user data, tamper with accounts, spread malware or steal financial credentials. The highly critical XSS security flaw in Yahoo’s consumer email service back in 2016 is one example of how a script-based attack can allow cybercriminals to read any user’s emails and affect millions of user accounts.

R&S PACE 2 – the Deep Packet Inspection (DPI) engine by Rohde & Schwarz Cybersecurity – now enables Infotecs’ ViPNet xFirewall to inspect web content for potential malicious or injected code and to block Javascript threats in realtime. This way, R&S PACE 2 and the ViPNet xFirewall ensure network security without compromising on performance.

Infotecs ViPNet xFirewall is a next-generation firewall that offers effective multi-level network security for business processes and protection against modern cyberattacks. The flexibility, easy management and unique intelligence of the ViPNet xFirewall not only provide comprehensive protection but also ensure major efficiency increases. In addition to application awareness (DPI mechanism), the ViPNet xFirewall includes inline configuration, stateful inspection, integrated antivirus and identity awareness.

リクエスト情報

ご質問や詳細な情報のご要望などがございましたら、こちらのフォームよりお気軽にお問い合わせください。担当者よりご連絡させていただきます。

マーケティング・パーミッション

次の手段によってローデ・シュワルツから情報を受信することを希望します。

詳細について

私は、このウェブサイトの出版物に記載されているRohde & Schwarz GmbH & Co. KGおよびRohde & Schwarzの法人および子会社が、
ここで選択した手段 (電子メールまたは郵便メール) を通じて、マーケティングおよび広告目的 (特別キャンペーンや値引きに関する情報など) で、私に連絡することに同意します。その内容は、電子計測、セキュリティ通信、モニタリングおよびネットワークテスト、放送およびメディア、そしてサイバーセキュリティ分野の製品やソリューションを含みますが、上記に限定されるものではありません。

お客様の権利

この同意表明は、件名が"Unsubscribe"の電子メールをnews@rohde-schwarz.com宛に送信することにより、いつでも取り消すことができます。これに加えて、今後の電子メール広告の購読を停止するためのリンクが、送信されるすべての電子メールに記載されています。個人データの使用と取り消し手順の詳細は、「プライバシーステートメント」に記載されています。

お問い合わせ内容が送信されました。 後ほどご連絡致します。
An error is occurred, please try it again later.