The new Invincea Browser Protection automatically separates the browser's activities from the desktop's operating system in a way that's transparent to the end user. The application also runs behavior-based detection via sensors that alert the user about an attack and terminates any malicious activity. It also restores the browser session to a safe and untainted place, according to Invincea.
Invincea executives say the application can stop zero-day, targeted, and man-in-the-browser attacks, as well as advanced persistent threat attacks.
"Typically, when an APT hits, for example, it lodges in the operating system, usually in the kernel, beneath the radar of existing defense. But with Invincea Browser Protection, the threat impacts the isolated layer, but the virtual environment is disposable, so once the infection occurs, the environment is thrown out along with the malware," according to an Invincea whitepaper (PDF) about the technology.
The application also logs forensics intelligence about any attacks. Unlike sandboxing, where the browser runs natively in the host's OS, Invincea Browser Protection runs the browser as a virtual appliance on the desktop. The idea is to take security choices out of the hands of end users and to build in security, according to Invincea execs.
"Perimeter and cloud-based Web hygiene solutions are useful, but for complete layered protection, organizations also need non-intrusive ways to protect against browser-borne malware on the host systems themselves," said Diana Kelley, partner and analyst with SecurityCurve, in a statement.
Browser Protection is priced at $60 per seat, and Invincea offers volume discounts.
Meanwhile, while the initial version of the software is for IE, Invincea plans to later extend its Browser Protection tool to other browser types, including Firefox.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.