Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

1/29/2016
04:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Authentic8 Expands Silo Integration with Corporate Network Infrastructure

Secure virtual browser can now seamlessly authenticate with existing enterprise gateway proxies

MOUNTAIN VIEW, CA - January 28, 2016- Authentic8, maker of Silo, the cloud-based secure browser for business, has enhanced its integration with enterprise-class network infrastructure.  Many organizations, especially in highly regulated industries, put rigorous controls around who can access which areas of the Web.  The common approach is to require devices to authenticate and connect to the web through a gateway proxy, giving IT a single choke point to monitor and control web access.

Network traffic from traditional browsers and local applications is controlled via PAC (Proxy Auto-Config) rules that IT has implemented to route web traffic through specific proxies.

However, Silo users don’t run a browser locally or connect to the Internet directly.  Instead, the Silo client connects securely to a remote browser via an alternate port and interacts with the browser via an encrypted display protocol.  In the Silo model, the browser runs on infrastructure outside of the corporate network environment, shifting the attack surface away from the corporate environment area to the cloud.  While this solution creates a perfect insulation layer between the user’s device and the Internet, it bypasses the corporate control infrastructure.

With this release, the Silo Windows client is now PAC file capable, and it can also perform authentication against proxy gateways using Windows domain tokens.  Mac and Linux platform support will follow.

“Our enterprise customers have been asking to integrate these features, pointing to the inherent vulnerability of the traditional browser and the shift by information security teams away from threat identification to isolation,” said Ramesh Rajagopal, co-founder and Head of Product at Authentic8.  “Some of the most sophisticated organizations in the world with the most crucial information security requirements are adopting Silo, and we need to fit with their existing infrastructure.”

Seamless access to existing network infrastructure can also, depending on the proxy platform, allow URLs clicked in a local environment to render within Silo.  The Silo client registers itself with the local system as a handler for any URL encoded with an A8:// prefix. With proxy capability to re-write URLs on the fly, a common feature supported in leading platforms, users can have website content automatically render within Silo.  

While Silo is a secure and private browsing environment, organizations still need to ensure that their users maintain compliance with corporate policies.  Authentic8 can be configured to restrict access to particular websites, control data transfer and to store detailed log data on device access details, site activity and content posted to forms.  This log data is encrypted with a customer-supplied encryption key and can be extracted via authenticated API for decryption.

These features are available immediately, and at no additional cost, as part of Silo. Supported network proxy architectures include popular open source solutions, such as Squid, and mainstream commercial vendors, such as Websense, Bluecoat, and Zscaler and other platforms that support kerberos and NTLM.

 

About Authentic8
Founded in 2010 by principals from Postini, Authentic8 is redefining how the browser is used to access sensitive web data. Silo, our flagship product, is a cloud-based secure browser. Silo secures access to sensitive sites, creating an insulation layer between the computer and the web service. Silo helps manage login credentials, access controls and data use policies. Silo is built fresh at session start, and destroyed at session end, ensuring that users remain secure, compliant, and anonymous online. Try Silo risk free at www.authentic8.com.

All trademarks are the property of their respective owners.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18885
PUBLISHED: 2019-11-14
fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, aka CID-09ba3bc9dd15.
CVE-2019-18895
PUBLISHED: 2019-11-14
Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory, leading to privilege escalation via a Trojan horse executable file.
CVE-2019-18957
PUBLISHED: 2019-11-14
Microstrategy Library in MicroStrategy before 2019 before 11.1.3 has reflected XSS.
CVE-2019-16863
PUBLISHED: 2019-11-14
STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL.
CVE-2019-18949
PUBLISHED: 2019-11-14
SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's browser configuration.