Malvertising is a type of attack where malicious code is injected into legitimate online advertising networks. Once in place, the code redirects users to malicious websites, forcing the browser to redirect the user to a malicious site or pop up unwanted advertising. It can steal identification, financial, and contact data, encrypt or delete information, change/ hijack core computer functions, and even spy on computer activities without the owner’s knowledge or permission. From an enterprise point of view, malvertising can corrupt critical operating systems and also destroy an entire network of systems. They can also target confidential information in the enterprise machines, including bank account specifics. Here is where Confiant comes into the picture, with their first-of-its-kind technology that actively and continually detects bad ads in real time, enabling user experience protection without losing time. According to Louis-David, “LD” Mangin, Co-founder, and CEO, “Cyber threats that use ads as a vector have been evolving. Over the past six years, the detection signal mechanism has required constant upgrades in tandem with the introduction of more sophisticated vectors.”
Needless to say, the first four years of Confiant’s business were spent in rigorous R & D, where they figured out methods to integrate into the ad technology infrastructure. This enabled them to properly collect data and create feedback loops that would help Confiant control the vector. The next stage, integration, which would provide the necessary data needed to protect the network, had been quite a difficult feat to accomplish. However, as Louis confirms, “Integration is one of our superpowers. We have now built more than 130 integrations into the ad infrastructure, across large global enterprise organizations and large platforms like Trade Desk and Magnite among others.” The result is a unique dataset on these malvertising attacks.
According to Louis, three big attacks are wreaking havoc via malvertising. One is investment fraud which shifted from Javascript-based redirects and phishing attacks to token based investment scams.
Confiant’s integration with clients’ unique data gives crucial visibility that shows how security can be compromised and what measures can be taken to combat them. Last year, a benchmark against Google’s Virus Total, which they keep track of regularly, gave the company a 96 percent uniqueness score.
Integration is one of our superpowers. We have now built more than 130 integrations into the ad infrastructure, across large global enterprise organizations and large platforms like Trade Desk and Magnite among others
Confiant is now entering Phase 2 of its operations, focusing on enterprise security by going deep into the attack data and layering on trade intelligence, integrating takedown actions, and bringing this attack data to companies whose clients were affected.
Confiant’s unique capabilities and offerings have garnered quite a few accolades in its journey and have earned them an honorable mention in the Google Security Hall of Fame. The company also has over half a dozen browser CVSs for significant exports over the past 2-3 years and was the first to detect a new malware last year. Committed to their dedicated course and true to core cybersecurity principles, Confiant is honored to be an ally in the enterprise cybersecurity space.
