Q&A: Dasient and current threats

Ameet Ranadive is a co-founder of Dasient, an Internet security company that protects websites from web-based malware attacks. In this interview he introduces his team at Dasient and talks about current threats.

How has your team’s experience of working at Google prepared them to tackle web security at Dasient?
Our co-founding team consists of two ex-Googlers, Neil Daswani and Shariq Rizvi. The prior Google experience has helped our team in a few ways. First, we have the Google DNA in our company, which means we believe in the power of operating at web scale and web speed, in an automated way. At Google, for example, there is an emphasis on data, systems, and software automation, which often leads to being able to tackle difficult problems with fewer people.

Neil worked on Google’s security team for just over three years. He helped defend Google from a variety of malware-related threats, including “clickbots” that would engage in click fraud with Google ads. He published a book called “Foundations of Security: What Every Programmer Needs to Know,” which became standard issue for new engineers at Google. Shariq worked on Google’s Web Server team and App Engine team. He worked on the world’s most scalable web server, and built security features into Google’s cloud-computing platform.

How does Dasient plan to address web security threats? Introduce your products/services to our readers.
Over the past few years, the way that malware is spreading has fundamentally changed, and web-based malware is the new frontier. Hackers are now attacking legitimate websites and turning them into distribution platforms for malware. Every day, thousands of innocent websites are being compromised and infected with web-based malware. When this happens to a website, the site is infecting its own users with a virus, and can get blacklisted by search engines, browsers, and anti-virus companies.

Blacklisted websites suffer losses of traffic, revenue, and brand. We have interacted with websites that have lost thousands of dollars of e-commerce or advertising revenue due to being blacklisted. When we observed this market need, we also saw that there were no solutions in the market to help websites and webmasters defend themselves against the threat of web-based malware attacks.

This is why we created the world’s first Web Anti-Malware (WAM) service. Dasient WAM provides end-to-end protection by monitoring websites for web-based malware infections. When an infection is detected, Dasient WAM Monitoring will alert the website owner and provide diagnostic information to remove the malicious code on the site. Dasient WAM can also automatically quarantine any malicious code injected onto the website if the customer (or their hosting provider) has deployed the Dasient WAM Quarantining service.

How do you plan to compete with other players in the marketplace? What do you see as your advantages?
In many ways, our service is complementary to other existing security products. Web Anti-Malware is an important component of a defense-in-depth approach to securing websites. Our service focuses on detection and recovery, which is important given that malware attacks on websites are growing so quickly. Malware attacks can occur via stolen FTP credentials, malicious ads, or infected third-party content that a legitimate website sources in. There is no preventative solution that will prevent such attacks from occurring. That is why websites need a mechanism to detect and recover from malware attacks when they occur. In general, our advantages include the following:

• Patent-pending technology, including our malware analysis platform and quarantining technology.
• Proprietary data about attacks collected by monitoring millions of websites across the web, as well as data aggregated from best-of-breed providers.
• Google DNA that is part of our company (operating at web scale, web speed, automation).

Dasient is a new company. What has been your biggest challenge starting it up?
There are no shortage of security problems on the Internet. One of our challenges in these early days is prioritizing among all the different security problems that we can potentially solve. Our approach has been to address the biggest, most immediate pain point today. As a result, we decided to focus on the need for malware detection and recovery by introducing our Web Anti-Malware service. We have already helped thousands of websites with their malware issues, and have been iterating our product based on feedback from these customers. The approach of interacting with customers has helped us prioritize and improve our product over time.

With the constant evolution of threats, what kind of technology challenges do you expect to run into?
There is a saying in the security world that says that “attacks only get better.” I’d say that the biggest technology challenge will be to develop automated, scalable techniques, methods, and algorithms that will continue to catch attacks as miscreants evolve and make their attacks more sophisticated. With much of the technology that we have developed to date, we have primarily focused on behavioral analysis — which has in turn allowed us to continue to catch new attacks quickly, and in many cases without any modifications to our systems. Our algorithms often detect attacks that we didn’t explicitly program them to catch, and due to our use of anomaly detection and machine-learning-like techniques, they enable us to defend our customers against many new attacks.