Twitter Tackles Anti-Malvertising Security Through Acquisition Of Dasient

Twitter is buying Dasient for its malware-detecting Website scanner to combat malicious online links and ads

Twitter has acquired security company Dasient, making its second security deal in three months.

Twitter acquired the company “effective immediately”, and the team will join Twitter’s revenue engineering team, Neil Daswani, co-founder and CTO of Dasient, wrote on the company blog. Terms of the deal were not disclosed, but it was a big buy “in terms of sheer size of the team”, reported TechCrunch, citing unnamed sources.

Online link scanning

Dasient was founded in 2008 by Daswani, Ameet Ranadive and Shariq Rizvi. The company launched its first Web anti-malware platform capable of scanning links and Websites for harmful content in 2009. The following year it introduced a service designed to protect advertising networks and publishers from malicious online advertisements.

The anti-malvertising service secured ads and content being served on ad networks and Websites, wrote Daswani. The company’s Web Protection API allows customised scans of individual domains and links.

Twitter confirmed the deal with a tweet: “Dasient is joining the flock! Welcome guys.”

Twitter has been working hard to stop malicious links on the site, scams trending as top topics and high-profile attacks on user accounts. Dasient’s scanning software follows links to the actual site to determine if there is any malware on the site, a technology that may be particularly attractive to Twitter, which is interested in “pre-scanning malicious links at scale”, said Alisdair Faulkner, chief products officer of ThreatMetrix.

Right now “Twitter is a gift from heaven for crime gangs pushing infecting links”, especially since it is “nearly impossible” to verify and scan links in real time without cybercrime intelligence, said Faulkner.

However, it is Dasient’s capabilities in the ad security space that may be the driving force behind the deal, as Twitter is working on new advertising strategies to monetise the microblogging platform. Twitter ad revenue is expected to top $140 million (£90m) this year. There have been recent reports that Twitter is planning self-service ads.

The security skills and knowledge provided by Dasient’s team of anti-spam experts would allow Twitter to filter out malicious advertisers from the site. But the real value of the deal “is in the talent”, Faulkner said.

Cyber-criminals frequently use malvertisements to serve up links to harmful sites on legitimate sites. They do not need to compromise the Website to embed malicious code, and users may be more likely to click on the ad because it is on a site they trust. Visitors to the London Stock Exchange’s Website were compromised last year because of some malicious ads.

“Dasient will be able to apply its technology and team to the world’s largest real-time information network,” Daswani said.

A Twitter post that delivers the “ticking time bomb” is bad for the site’s business, especially since having users interact and click on advertisers’ links and sponsored stories is crucial to their business model, according to Faulkner. “Social networks need real-time protection at the point-of-click, and you will see other social networks beef up their acquisitions in this area,” Faulkner said.

“Neil Daswani, Shariq Rizvi and Ameet Ranadive have created technology that provides network security and malware prevention service for some of the largest ad networks in the world. Their team has an excellent understanding of advertising platform-related security issues and will be a valuable addition to the revenue engineering team,” Twitter told Wired.

Dasient is Twitter’s third acquisition in recent months. The company acquired news aggregation company Summify on 19 January and acquired security company Whisper Systems in November. The “revenue engineering” department at Twitter acquired AdGrok back in June.