Websense Inc’s chief executive Gene Hodges has said the company is set to diversify next year with a new product for web threat analysis and another that will take it into the nascent segment for information leakage detection and prevention systems.
The web filtering software vendor is best known for its content filtering software that blocks employees from accessing websites by category or keyword, or restricts surfing to particular parts of the working day. Not only do organizations face a perceived loss in productivity from work-hours surfing, but there are genuine security concerns over the Internet access habits of office workers.
One year into the job as CEO, Hodges said the strategy for 2007 will be to position Websense as a supplier of a diversified set of security products.
The enterprise market for web filtering is mature, particularly in the US and western Europe, Hodges said. But after a couple of quarters of poor billings earlier in the year, he said that business looks promising again.
It’s a $500m market and we estimate we have a 30% share, but all the oil is in the new fields of Asia Pacific, eastern Europe and the SMB sector, he said. The vendor will do around $180m in sales for 2006 and will post a healthy 31% operating profit.
The emerging sector of information leakage detection is one area marked down for growth, and Websense has plans to deliver new Deep Content Control technology to control the unwanted dissemination of sensitive and confidential information.
The company has already signed up Port Authority Technologies Inc’s PreciseID fingerprinting software for information classification and content identification. The plan by Q2 of 2007 is to have integrated this with existing Websense policy management infrastructure software to produce classification and enforcement technology that would provide automated data protection.
Many of the issues of detecting and preventing information leakage are similar in nature to those we handle in controlling access to URLs. It is often roles-based and calls for real-time data synchronization with Active Directory or LDAP systems, Hodges said.
The San Diego, California-based supplier also intends to release a new line in content gateways in 2007, with a system which will incorporate attack avoidance technology based on some existing ThreatSeeker assets that are being worked up for commercial release.
The system is a web vector threat analyzer which uses web crawlers to build a map of web-based applications and executables to identify the location and state of existing and new malware threats.
The company has already built up a catalog of two million executables to date, which Hodges says are in the process of being dissected, decompiled and categorized to reveal a map of all the bad stuff and where it exists on the web. It will pick up existing malware, it will detect zero-day attacks and it will identify potential attacks that are still in development, he said.
Together the products developments will place the business in a position where it can prevent any inside or outside web-based threat, he claimed.