How will this affect users who run things such as no-script to block
JavaScript from running?
Will it prevent the use of the website all together or provide a
warning, etc..
That could potentially lead to many false positives or alerts to your
staff (in relationship to the anti-trojan portion)
As far as the vendor I have no experience with them but I would be
asking a great deal of questions surrounding the above mentioned items
and what Allison mentioned regarding the potential of bypassing the
solution all together.
--
Thank you,
Robert Miller
http://www.armoredpackets.com
Twitter: @arch3angel
On 1/2/13 11:15 PM, allison nixon wrote:
For the anti phishing/pharming protection, the concept seems pretty
easy to implement without buying a product. Probably not worth it
unless it's cheap and you don't have people to spare for projects.
For the anti trojan protection, the idea of detecting infected users
browsing your site is interesting. I have no idea if it's well
implemented. The idea has potential. their claim that their soft
keyboard will protect against malware is bunk though. If versafe
achieves any measure of success I guarantee you it will not.
On Wed, Jan 2, 2013 at 6:54 PM, Brian Erdelyi <[email protected]
<mailto:[email protected]>> wrote:
Happy New Year.
How to detect and prevent man-in-the-browser attacks like
those involved in "High roller" and "Euro Grabber"?
I'm evaluating Versafe's anti-trojan and anti-phishing
technologies and would appreciate feedback from anyone using their
products or something similar.
For the anti-trojan protection Versafe embeds Javascript code on
our wensite that is transparently distributed and executed by
every visitor of our site. This javascript is capable of scanning
the browser content for suspicious activity common to
man-in-the-browser attacks.
For the anti-phishing protection Versafe embeds javascript code on
our website. If this code were copied to another website, the
javascript would detect this and send an alert back to us. I'm
still sceptical of this because a savvy attacker could delete this
javascript code from the phished site before it generates the alert.
Is anyone familiar with these technologies? Any suggestions for
solutions from other vendors?
Brian
_______________________________________________
Pauldotcom mailing list
[email protected] <mailto:[email protected]>
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
--
_________________________________
Note to self: Pillage BEFORE burning.
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
