Teros, the global leader in Web Application Firewalls, and Corillian Corp. (NASDAQ: CORI), the top provider of online banking and anti-fraud solutions to leading financial institutions, today announced a partnership to advance anti-phishing capabilities by blocking attempts to hijack web content and detecting potentially fraudulent web traffic.
Teros and Corillian will jointly market and sell the Corillian Fraud Detection System with the Teros Web Application Firewall. The solutions provide critical server-side protection and key forensic information required to shut down phishing sites and pursue legal action. These solutions help organizations detect potential phishers accessing the Website to create phishing attacks, as well as block attacks against web applications, which are not normally detected by firewalls and intrusion prevention systems.
"While prevention of online identity theft and phishing are often thought of as just an e-mail issue, today's sophisticated fraudsters use an organization's web site and logos against them," said Bob Walters, CEO of Teros. "This partnership gives banks and e-commerce companies a unique server-side tool that effectively breaks many of today's phishing kits."
The combination of web application protection, fraud prevention and phishing detection provides banking and enterprise customers with numerous benefits, including:
- Quickly discovering sophisticated phishing and fraud attempts
- Stopping legitimate websites from being turned against consumers
- Helping to identify customers whose private data may have been compromised by phishing or spyware
- Preventing web application attacks that attempt to steal databases of consumer information
"Identity theft threatens to undermine consumer confidence just as online banking is gaining widespread acceptance. Attacks and threats from today's sophisticated hackers and phishers not only steal information, but real identities," said Peter Cassidy, Secretary General of the Anti-Phishing Working Group. "As the financial services industry takes aggressive measures to protect consumer identities and raise consumer awareness, we encourage vendors to partner to create complete solutions."
The combination of Teros and Corillian solutions provides banks and e-commerce sites with complete web infrastructure protection and leading edge fraud detection systems.
"Financial institutions and e-commerce sites are often targeted for weeks, and even months, by hackers, fraudsters and phishers before they are able to detect an attack," said Jim Maloney, chief security executive of Corillian. "This combined solution provides early detection and blocking of phishing attacks before they occur and the necessary evidence to take down the fraudulent sites."
The Corillian Fraud Detection System is a patent-pending web log analysis solution and methodology providing companies with an innovative way to proactively address online fraud using a technique called Preemptive Forensics. Unlike other available anti-phishing techniques that wait to work until a phishing attack is launched, the Corillian Fraud Detection System provides companies with a way to identify phishing behaviors before they turn into attacks on the organization and its customers. The extensive rule base in the Corillian Fraud Detection System is not only effective against phishing attacks, but can detect many other types of cyber fraud and cyber attacks, and provides valuable information to help with anti-money laundering, regulatory compliance and web site reliability issues.
The Teros Web Application Firewall defends against real time web attacks with a positive security model that only permits valid web traffic to interact with the banking applications. It is a hardened security appliance that blocks all known and unknown application-layer attacks, including cross-site scripting, scraping and SQL injection. Teros' Deep Stream Inspection technology is applied to all Web and Web Services communications, even those that are SSL-encrypted. Each instance of such attacks against target web applications is logged and recorded, and can then be exported to the Corillian Fraud Detection System for analysis.