After email, the World Wide Web is among the most important tools available to people who use a computer as they perform their job. It offers a ready source of current information, an infrastructure for developing various types of content, and a platform for communications and collaboration.
However, the Web is also fraught with risks, such as malware that can be downloaded to a network or an individual's computer by doing nothing more than simply visiting a Web site. Further, even Web sites that are legitimate for use in a business context can serve as a source of these threats – there are thousands of examples of otherwise valid Web pages and entire sites that have become a source of malware ranging from simple keystroke loggers to much more malicious content.
The problem of Web-borne threats is not theoretical: millions of users have been impacted and the threat is getting worse. Today, Web threats are more numerous and more virulent than those that are delivered in email, and it is easier to be infected by them. Further, blended threats in which links to malicious Web sites are delivered in email, instant messages or through social networking communications are becoming more popular, making the simple act of Web surfing a potentially devastating threat to corporate networks and security.