Enterprise Insights

Blog archive

Zscaler Researchers’ Report Reveals Who’s Doing What on the Web

We know the Web can be a dangerous place. A new report from Zscaler’s research group, ThreatLabZ, quantifies that danger.

For example, you’d best surf at your own risk, because one out of five URLs is likely to be malicious. The company analyzed results from Zulu, its free, real-time service introduced this year that evaluates security risk and site-reputation information, rating a URL as benign, suspicious, or malicious depending on an analysis of a page’s content and hosting and DNS information. The researchers found that one fifth of 30,156 URLs evaluated were rated as “highest risk.”

Google search results are another part of the problem. The researchers point to a rise in “fake” Google search engine results; users are increasingly redirected to FakeAV malware or fraud sites.

Even the sites you think you can trust are being compromised with hosting injections and malicious content. According to the report, many top Alexa sites were compromised, as were top-rated Google SafeBrowsing sites.

Where are users browsing? Based on its customers’ use, Facebook remains the most popular Web app for enterprise and mobile (consumer and enterprise) users, though it’s mostly been on the decline since the first quarter of 2011. Next in popularity: Gmail, a melting-pot “other” category, YouTube, ad Twitter (where though the percent of use is small, use continues to grow).

Zscaler lets its customers set their own policies about what Web resources are accessible, including setting policies on social network pages. “Two categories of policy decisions make up about 84 percent of the Zscaler blocks enforced for the quarter: Web site category blocks and rate-limiting blocks,” the researchers point out.

IT may also want to pay closer attention to keeping browser running with the latest versions of add-ins. Zscaler scans its customers’ browsers looking for out of date add-ins, a favorite target of exploit kits. It found that, as a percent of the installed base for each add-in, Adobe Acrobat was the most outdated plug-in, with over 60 percent of installations not running the most recent release. Adobe Shockwave was second, at more than 35 percent of installed versions behind the times.

The other results were a mixed bag -- mostly few surprises. One fifth of all Web transactions are initiated by applications, not browsers. More than half (52 percent in June) of its customers are using Internet Explorer on the desktop (Firefox and Safari come in at 22 percent each), with version 7 of IE the most popular, used by nearly 58 percent of IE users. More than half of mobile users are working with iOS and roughly a third with Android browsers.

An infographic summarizing some of the results can be downloaded here, though a short registration is required.

Posted on 08/06/2012 at 11:53 AM