Rubicon Expands the REVVolution With Brand Protection


armor.jpgAs news broke of The Rubicon Project’s acquisition of malware battler SiteScout, the trolls slithered to the comment section of TechCrunch, though not quite in force this time.

“The Rubi-‘con’ Project,” wrote one smarmy, anonymous fellow. Making light of Rubicon’s successful venture capital funding, he/she added: “The $42 million joke is on the investors!”

The reaction lacked the vitriol on display when Rubicon released its manifesto, “Principles of a REVVolution, or the Ad Server Is Dead,” in February and the trolls swarmed on TechCrunch. Some called the company worthless, saying it didn’t live up to its promises, while others claimed that the bold words outlined in the strategy signaled a company in its death throes.

Even before the launch of the REVV platform in October and the company’s strategic shift from optimizing ad networks to enabling publisher management of all non-guaranteed inventory, Rubicon has found a flurry of vocal, faceless detractors in various online forums that claim it merely sells snake oil.

However, the company’s rapid growth during less than two years in operation, impressive client list and now the acquisition of SiteScout would seem to refute some of the venomous accusations. Some of the complainants fail to recognize that results may vary: REVV doesn’t work for everyone.

“We were the first to admit it,” says COO and founder Craig Roah. “When we launched the product, we said we think this is the right solution for everybody. Our technology was ready to support the blogs, but the demand side of the business wasn’t there…. Ad networks wouldn’t buy on publishers they didn’t know.”

Rubicon doesn’t advertise its solution as a miracle cure to instantly win over the affection of ad networks. If a publisher has lackluster traffic, it’s not worthwhile for ad networks to apply their technology and run campaigns, especially when a good deal of manual input is still required. Although advertisers talk a good game about audience, they still actually crave brand when it comes to where their ads show up.

Google aggregates smaller publishers well with AdSense, but the demand is lacking to “drive the needle for a lot of these small players,” Roah says. “We think that’s going to change.”

While Rubicon aims to work its way further down the tail, not on the top of the agenda. “We’re still building out the platform,” he adds. “Once we make it work for the head, it will be a lot easier to adapt for the tail.”

The latest step is buffering brand protection through integrating SiteScout’s technology. While malvertising and malware have been causing malcontent for a long time, they’ve been making headlines in the last year as big publishers like and Gawker fell prey to massive attacks. As Rubicon has prided itself on improving based on client feedback, it saw a response was in order to publisher concerns stemming from the very public attacks.

Over the last seven years, SiteScout has built technology that examines online advertising streams and websites for malicious content — many times codes that infect computers or download malware or some other nasty bit that will play havoc with a user’s system and possibly try to steal personal information

“These days there’s all kinds of traffic, from direct tags to ad network tags, and all of it is a fertile ground for the bad guys,” says Rob Lipschutz. “We’ve built a system that helps publishers find and detect malvertising proactively and get rid of it before it starts causing problems for their customers and their brands. With Rubicon in the center of the publishers and the revenue departments, it’s a great place for us to sit and uncover malicious content.”

The two companies partnered at the beginning of the year and were impressed that their technologies were highly compatible. Discussions about merging began a few months ago.

“It just made sense,” Roah says. “We looked at a lot of other players in the space and SiteScout’s technology was better at finding malvertising, faster and more consistent.”

But while the move to merge was based in technology — the corporate cultures were also compatible. As they sit in the dim hotel restaurant, buoyant Spanish music in the background, the ease Roah and Lipschutz share with one another is infectious. They pass conversational cues like a basketball and even complete the each others sentences.

“Integration is always a dirty word, but this going to be an easy one,” Lipschutz comments.

“It’s really just tying in their back-end stuff to our front-end [user-interface] so its one platform for our publishers,” Roah adds.

Already they’ve found that the system detects a great deal of malware, including a wide variety of species — some that show their ugly faces immediately while others lie dormant until the user performs a certain action.

When malvertising does show up on a site, the blame almost immediately falls on ad networks. A publisher will shut down the ad tech and go hunting for the culprit — and costing ad revenue.

“They’re running around, chasing a bouncy ball, and eventually the problem will get solved most times, but it’s a totally inefficient process without technology that will typically catch it before any of that happens,” Roah says.

Rubicon’s brand protection solution monitors both third-party and direct ad sales (another offering manages a publisher’s entire site — user-generated content can spring up some nasty stuff) as research shows two-thirds of malvertising comes from the former, but one-third is from the latter. Both the high-profile NYTimes and Gawker fiascos were the results of direct buys.

Once the malvertising is cornered, the SiteScout’s technology identifies its make, model and entry point and then assesses the entire system to make sure the offensive tag is purged from all of Rubicon’s publishers. If the malvertising makes it onto the site, Rubicon alerts the publisher of all the relevant information so it can quarantine the tag.

SiteScout’s technology allows Rubicon to compare the tag with the rest of an ad network’s property to determine whether the issue is limited or global. As soon as an anomaly is discovered, Rubicon jumps on the phone with the ad network and helps solve the issue.

The addition of malware protection is a big step in making publishers feel secure in using more demand sources and furthers Rubicon’s goal of becoming a platform built for publishers to meet all their advertising needs. Roah notes there are hundreds of various demand sources out there — each time you add another layer, you need to make sure you do it in a safe, efficient and automated way.

The move also supports Rubicon’s the traditional ad server is dead. As a standalone product, Roah says, the adserver is an antiquated and poor solution on the indirect front. The rise of DSPs in particular have show ad servers to be a thing of the past.

“Just having a solution that delivers ads based on something that’s sold is okay; it serves a purpose,” Roah says. “but we’re trying to build a platform — and we’ve built a good portion of it — that helps publishers find the right way to access sources of demand, not just deliver campaigns.

“Our job is to make sure we’re tight with all the non-direct advertiser-agency dollars,” he continues. “If there are dollars being spent by advertisers with a third-party we should be connected. Are we connected to everyone? No, but we’re connected to the best.”


Please enter your comment!
Please enter your name here