This disclosure generally relates to improving client-side security and more specifically relates to identifying and eliminating potential threats associated with web responses.
Today, computers face ever-growing threats to security and privacy on the Internet. These threats not only originate from direct attacks, such as by viruses, but also from indirect attacks in the form of monitoring programs referred to as malware (malicious software). Spyware, for example, is a form of malware that serves to surreptitiously monitor and report computer user activities to third parties. The rapid proliferation of malware has significantly increased the number of client-side vulnerabilities, including vulnerabilities in web browsers, in office software, in media players, and in other desktop applications. Some other well-known web security vulnerabilities include cross-site scripting (XSS) and phishing websites. Security attacks increasingly lead to unauthorized activities on the Internet, such as identity theft, data corruption, and theft of company trade secrets, and thus require security measures to protect valuable information.
An enterprise, for example, can implement internal security measures at network edges by employing firewalls, gateway security agents, content filtering software, malware detection software, and similar known tools. Such security solutions, however, require the installation and management of hardware and software, either in-line or directly on enterprise machines. Typically, organizations have many, or even several thousand, computing systems. Also, the security software and hardware must be updated periodically. In general, to avoid large number of software installations and updates, a number of organizations presently employ a “software as a Service” (SAAS) model or ‘in the cloud’ implementations for managing enterprise data. A SAAS, or “in the cloud,” model, also referred to as cloud computing, is a software deployment model that hosts applications or infrastructure as services for users across the Internet. For example, an application service provider (ASP) can provide data management through web services to an enterprise or individual user, eliminating the need for software installed on an individual user's computer.
Conventional threat detection services in a SAAS model operate to either allow or block a web page based on the content of the page. As web content becomes increasingly dynamic, such binary decision services are less effective. Moreover, some conventional security services provide security features by inspecting and processing a web response within the cloud. Such processing in the cloud may not be desirable for certain confidential applications, such as banking transactions. Further, a user or an enterprise may object to having sensitive transactions or documents processed off-premises.
Thus, there remains a need for a centralized security service that is dynamic, easy to handle, and effective, which results in improved security for users.