Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

6/30/2015
05:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Spikes Security Introduces Isla, Web Malware Isolation System

Isla Appliances Work Transparently With All Modern Browsers, Securing Local and Remote Users on All Platforms, Including Windows, OSX, Linux, Android, iOS, and Blackberry

LOS GATOS, CA--(Marketwired - Jun 30, 2015) - Spikes Security, the isolation security company, today introduced the Isla family of web malware isolation appliances, designed for all businesses that want complete protection against malware delivered through web browsers. Isla eliminates this significant attack vector by processing all web content on secure appliances deployed outside the network, where content remains in hardware-isolated VMs created for each user session. All web content -- audio, video, text, and graphics -- is then instantly and continuously transformed into a benign, malware-free format and delivered to end user browsers using patent-pending technology developed by Spikes Security. No original web content is ever delivered to endpoint devices.

Web browsers have become the most strategically important application for business, but also the application most vulnerable to cyber attacks because they are permitted to download program code from unknown sources and fully render it inside a secure network. Research conducted with the Ponemon Institute earlier in 2015 revealed that using web browsers cost organizations an average of $5.62M each year. This total includes the cumulative costs associated with detection, prevention, forensics, and remediation of malware attacks directly related to undetectable browser-borne malware. Isla (Spanish for "island") is an innovative solution specifically focused on eliminating all web malware attacks delivered through browsers. 

"Isla is the result of over two years of intense engineering effort to build an enterprise-class solution that is fast, convenient, and powerful, yet makes no compromises on security," explained Branden Spikes, Founder, CEO and CTO of Spikes Security. "Based on early response from customers, we expect Isla to be broadly adopted and designed into enterprise network security architectures. It solves a massive security problem that has plagued organizations for years."

The Isla solution consists of a range of appliances deployed outside the network, which each support a specified range of concurrent, isolated web sessions for users inside the network. Appliances can scale linearly to support any number of users across any number of locations. Users working off premise with corporate-owned or mobile devices can establish a VPN connection through Isla to the Internet, to ensure they are always protected from web malware. The entire web malware isolation system is configured and managed by the Isla Control Center application.

Key features of Isla include:

·  Secure, hardened Linux appliances optimized for high performance, isolated web sessions

·  Private VMs completely isolated from each other, with additional hardware-assisted isolation using Intel-VT processor extensions

·  Isolates all web content, including any potentially malicious content, APTs, zero-day malware, and targeted browser attacks

·  Transparent integration with all modern browsers, including Chrome, Firefox, Explorer, Safari, and the new Microsoft Edge to end user optimal user experience

·  Optional native Isla client viewer that can replace commercial browsers in high security organizations that prefer not to have browsers on endpoint devices

·  Full support for all major browser plug-ins, including Java, Flash, Quicktime, and Adobe Reader

·  Secure viewing of all Word, Excel, PowerPoint, and Adobe files, and secure printing of these files after content is automatically transformed into a benign malware-free format

·  Centralized control by IT of all web file downloads, enabling security teams to apply appropriate policies and content scanning before forwarding to end users

·  Dual web content rendering engines on Isla to ensure optimal web site compatibility

·  Transparent bypass feature allowing desktop browsers direct access to internal web apps and trusted external web sites

·  Centralized management and reporting of multi-site deployments via Isla Control Center


The Isla web malware isolation system has been tested by ICSA Labs, and in their final test report the security of Isla was confirmed: "Throughout the malicious URL testing, network traffic was monitored to confirm that the malicious payload was sent. The Isla system remained unchanged and showed no signs of an attack or infection."

Isla is currently in limited release, with general availability scheduled for later in Q3. Pricing starts at $35,000 for the Isla appliance, plus an annual software license for Control Center and multiple customer support options.

A short video introducing Isla and its key features can be viewed here:   https://youtu.be/_kXQUOmBSVw

About Spikes Security:  Spikes Security is a venture-backed Silicon Valley start-up founded in 2012. The company is focused on delivering secure, scalable, high performance appliance and software solutions that empower businesses with the freedom to safely leverage the web without fear of cyber-attacks. Its flagship offering is a powerful web malware isolation system that prevents all browser-borne malware from entering corporate networks and infecting endpoints, including mobile devices, without requiring installation of any endpoint software. https://spikes.com/index.html

Comments From Industry Analysts:

 

“There are multiple examples of security breaches due to browser-borne malware over the last six months, so organizations really need to take a 'big picture' look at solutions to address these breaches.  ESG research indicates that cybersecurity professionals may be open to a new approach; one that offers a secure, scalable, and high performance solutions that can empower businesses with the freedom to safely use the web without fear of cyber-attacks.  The Isla appliances from Spikes Security may fit this description as they can isolate web content in DMZ-deployed virtual machines, then safely transform content to end users keeping malware away from the user and off the network.”

Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group (ESG)

 

“Much malware is delivered through web activity, either visiting infected web sites or clicking on links embedded in emails. The increasing sophistication of the malware makes it harder to detect using conventional signature based techniques. The use of isolation technology, such as Spikes Security’s Isla appliance, ensures that web content is transformed prior to being delivered to end-points, so this approach should be of interest to organizations that want to eliminate such attacks.”

Bob Tarzey, Analyst and Director, Quocirca Ltd.

 

"Isla is an elegant solution that should be of great interest in today's mobile enterprise because it can potentially eliminate the web browser as a primary attack vector. The Spikes Security team recognized that virtually every enterprise includes mobile as a key work platform, and that cyber threats don’t respect the traditional security boundaries that enterprises typically rely upon. It’s essential to prevent lateral threat movement from mobile across the enterprise, and Isla lets enterprise employees safely leverage the web using their mobile devices on-premises or remotely - a compelling advantage that can encourage decision makers to rethink their security model.”

Michael Osterman, Osterman Research

 

“Spikes Security is tackling cyber threats head on with Isla. Their isolation appliance approach doesn’t try to detect anything – we’ve seen the declining effectiveness of detection technologies over the last two years. Instead, because Isla assumes everything is bad, it can isolate all web content in VM sessions outside of the firewall, so that no original web code ever has the ability to reach the endpoint and infect those devices."

Richard Stiennon, Lead Analyst, IT-Harvest

 

“The architectural approach that Spikes Security is taking to protect companies against browser-borne threats is significant.  User activity, including tablets and mobile devices, that used to bypass corporate security can now pass through Isla appliances positioned outside the firewall. The fact is that most enterprises underestimate how often they’re attacked through browsing sessions because they are unable to identify the breach until long after it has occurred. Isla makes that a non-issue because security teams can isolate threats on the appliance, orchestrate security scanning of all downloads, and relieve IT from the burden of managing additional endpoint security software.”

Eric Ogren, Security Analyst, Ogren Group.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
lorraine89
50%
50%
lorraine89,
User Rank: Ninja
10/4/2016 | 10:04:58 AM
Cyber security
Well on the same note,  I say somehting must and I repeat must also be releaased with heavly funded apporach for vpn technology as well as there lie severe lack of interest in the field. We have developed programs and anti malware softare but what about securing our IP addresses how would we be able to protect it? I'd say users must start investing in some nice and genuine vpn provider like I have been ppurevpn for 3 years now and it has protected my IP as of now from scams.  
lorraine89
50%
50%
lorraine89,
User Rank: Ninja
10/4/2016 | 10:04:39 AM
Cyber security
Well on the same note,  I say somehting must and I repeat must also be releaased with heavly funded apporach for vpn technology as well as there lie severe lack of interest in the field. We have developed programs and anti malware softare but what about securing our IP addresses how would we be able to protect it? I'd say users must start investing in some nice and genuine vpn provider like I have been ppurevpn for 3 years now and it has protected my IP as of now from scams.  
97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
TeamViewer Admits Breach from 2016
Dark Reading Staff 5/20/2019
How a Manufacturing Firm Recovered from a Devastating Ransomware Attack
Kelly Jackson Higgins, Executive Editor at Dark Reading,  5/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5798
PUBLISHED: 2019-05-23
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2019-5799
PUBLISHED: 2019-05-23
Incorrect inheritance of a new document's policy in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2019-5800
PUBLISHED: 2019-05-23
Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2019-5801
PUBLISHED: 2019-05-23
Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2019-5802
PUBLISHED: 2019-05-23
Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.