LOS GATOS, CA--(Marketwired - Jun 30, 2015) - Spikes Security, the isolation security company, today introduced the Isla family of web malware isolation appliances, designed for all businesses that want complete protection against malware delivered through web browsers. Isla eliminates this significant attack vector by processing all web content on secure appliances deployed outside the network, where content remains in hardware-isolated VMs created for each user session. All web content -- audio, video, text, and graphics -- is then instantly and continuously transformed into a benign, malware-free format and delivered to end user browsers using patent-pending technology developed by Spikes Security. No original web content is ever delivered to endpoint devices.
Web browsers have become the most strategically important application for business, but also the application most vulnerable to cyber attacks because they are permitted to download program code from unknown sources and fully render it inside a secure network. Research conducted with the Ponemon Institute earlier in 2015 revealed that using web browsers cost organizations an average of $5.62M each year. This total includes the cumulative costs associated with detection, prevention, forensics, and remediation of malware attacks directly related to undetectable browser-borne malware. Isla (Spanish for "island") is an innovative solution specifically focused on eliminating all web malware attacks delivered through browsers.
"Isla is the result of over two years of intense engineering effort to build an enterprise-class solution that is fast, convenient, and powerful, yet makes no compromises on security," explained Branden Spikes, Founder, CEO and CTO of Spikes Security. "Based on early response from customers, we expect Isla to be broadly adopted and designed into enterprise network security architectures. It solves a massive security problem that has plagued organizations for years."
The Isla solution consists of a range of appliances deployed outside the network, which each support a specified range of concurrent, isolated web sessions for users inside the network. Appliances can scale linearly to support any number of users across any number of locations. Users working off premise with corporate-owned or mobile devices can establish a VPN connection through Isla to the Internet, to ensure they are always protected from web malware. The entire web malware isolation system is configured and managed by the Isla Control Center application.
Key features of Isla include:
· Secure, hardened Linux appliances optimized for high performance, isolated web sessions
· Private VMs completely isolated from each other, with additional hardware-assisted isolation using Intel-VT processor extensions
· Isolates all web content, including any potentially malicious content, APTs, zero-day malware, and targeted browser attacks
· Transparent integration with all modern browsers, including Chrome, Firefox, Explorer, Safari, and the new Microsoft Edge to end user optimal user experience
· Optional native Isla client viewer that can replace commercial browsers in high security organizations that prefer not to have browsers on endpoint devices
· Full support for all major browser plug-ins, including Java, Flash, Quicktime, and Adobe Reader
· Secure viewing of all Word, Excel, PowerPoint, and Adobe files, and secure printing of these files after content is automatically transformed into a benign malware-free format
· Centralized control by IT of all web file downloads, enabling security teams to apply appropriate policies and content scanning before forwarding to end users
· Dual web content rendering engines on Isla to ensure optimal web site compatibility
· Transparent bypass feature allowing desktop browsers direct access to internal web apps and trusted external web sites
· Centralized management and reporting of multi-site deployments via Isla Control Center
The Isla web malware isolation system has been tested by ICSA Labs, and in their final test report the security of Isla was confirmed: "Throughout the malicious URL testing, network traffic was monitored to confirm that the malicious payload was sent. The Isla system remained unchanged and showed no signs of an attack or infection."
Isla is currently in limited release, with general availability scheduled for later in Q3. Pricing starts at $35,000 for the Isla appliance, plus an annual software license for Control Center and multiple customer support options.
A short video introducing Isla and its key features can be viewed here: https://youtu.be/_kXQUOmBSVw
About Spikes Security: Spikes Security is a venture-backed Silicon Valley start-up founded in 2012. The company is focused on delivering secure, scalable, high performance appliance and software solutions that empower businesses with the freedom to safely leverage the web without fear of cyber-attacks. Its flagship offering is a powerful web malware isolation system that prevents all browser-borne malware from entering corporate networks and infecting endpoints, including mobile devices, without requiring installation of any endpoint software. https://spikes.com/index.html
Comments From Industry Analysts:
“There are multiple examples of security breaches due to browser-borne malware over the last six months, so organizations really need to take a 'big picture' look at solutions to address these breaches. ESG research indicates that cybersecurity professionals may be open to a new approach; one that offers a secure, scalable, and high performance solutions that can empower businesses with the freedom to safely use the web without fear of cyber-attacks. The Isla appliances from Spikes Security may fit this description as they can isolate web content in DMZ-deployed virtual machines, then safely transform content to end users keeping malware away from the user and off the network.”
Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group (ESG)
“Much malware is delivered through web activity, either visiting infected web sites or clicking on links embedded in emails. The increasing sophistication of the malware makes it harder to detect using conventional signature based techniques. The use of isolation technology, such as Spikes Security’s Isla appliance, ensures that web content is transformed prior to being delivered to end-points, so this approach should be of interest to organizations that want to eliminate such attacks.”
Bob Tarzey, Analyst and Director, Quocirca Ltd.
"Isla is an elegant solution that should be of great interest in today's mobile enterprise because it can potentially eliminate the web browser as a primary attack vector. The Spikes Security team recognized that virtually every enterprise includes mobile as a key work platform, and that cyber threats don’t respect the traditional security boundaries that enterprises typically rely upon. It’s essential to prevent lateral threat movement from mobile across the enterprise, and Isla lets enterprise employees safely leverage the web using their mobile devices on-premises or remotely - a compelling advantage that can encourage decision makers to rethink their security model.”
Michael Osterman, Osterman Research
“Spikes Security is tackling cyber threats head on with Isla. Their isolation appliance approach doesn’t try to detect anything – we’ve seen the declining effectiveness of detection technologies over the last two years. Instead, because Isla assumes everything is bad, it can isolate all web content in VM sessions outside of the firewall, so that no original web code ever has the ability to reach the endpoint and infect those devices."
Richard Stiennon, Lead Analyst, IT-Harvest
“The architectural approach that Spikes Security is taking to protect companies against browser-borne threats is significant. User activity, including tablets and mobile devices, that used to bypass corporate security can now pass through Isla appliances positioned outside the firewall. The fact is that most enterprises underestimate how often they’re attacked through browsing sessions because they are unable to identify the breach until long after it has occurred. Isla makes that a non-issue because security teams can isolate threats on the appliance, orchestrate security scanning of all downloads, and relieve IT from the burden of managing additional endpoint security software.”
Eric Ogren, Security Analyst, Ogren Group.