IMlogic Tackles Zero-Day Chat Threats

Officials at instant messaging (IM) management vendor IMlogic launched a new
service Tuesday to stop zero-day viruses and worms before they cripple the
enterprise network.

The Real-Time Threat Protection System (RTTPS) uses a combination of threat
filters and reputation scoring to predict whether a link contains a security
vulnerability. If a message meets the requirements, the content is blocked
at the server level before it is sent to the end user.

Zero-day threats refer to security vulnerabilities, like worms and viruses,
that haven’t been discovered by security vendors who write virus
definitions and pass them along to the end user’s security
application.

The protection is commonly found in e-mail anti-virus applications from
vendors, such as Symantec and McAfee ,
but officials at
IMlogic said there’s no comparable technology for instant messaging.

That’s a problem for network administrators, said Jon Sakoda, IMlogic CTO.
End users see an IM window pop up looking like a message from a manager,
co-worker or family member and click on the link, not realizing until it’s
too late that they’ve corrupted the system.

“[IM] lends itself to a fast-hitting, very virulent type of threat which
burns very quickly through a corporate environment once infected,” Sakoda
said.

Every day is a zero-day in an IM environment, he added.

According to Sakoda, RTTPS is based on four key components:

  • a predictive threat filter that analyzes a chat message based on the
    number of people it’s trying to connect with and known threat
    profiles, then blocks the IM if it seems like a threat;
  • reputation scoring based on the potential threat level of the
    content;
  • the ability to intercept and redirect embedded URLs to
    show end users the level of risk suspicious IM content poses;
  • integration with IMlogic’s threat center, launched
    last year
    as a database of known IMB threats and viruses, for the latest
    information on known or potential outbreaks.

Administrators can monitor RTTPS traffic through dashboards. The new
product integrates with the Waltham, Mass.-based company’s IM Manager
versions 7.0 and 7.5.

RTTPS costs companies $10 per user for a one-year subscription contract or
$18 per user if they sign a two-year contract. Volume discounts are
available, officials said.

Get the Free Newsletter!

Subscribe to our newsletter.

Subscribe to Daily Tech Insider for top news, trends & analysis

News Around the Web