Shields Windows machine from Web-borne attacks
September 13, 2010
Invincea, a security firm originally funded by the Defense Advanced Research Projects Agency (DARPA) to build a prototype virtualized browser, today rolled out a Windows application that places Internet Explorer (IE) into a virtual environment in order to protect the underlying system from Web-based attacks.
The new Invincea Browser Protection automatically separates the browser's activities from the desktop's operating system in a way that's transparent to the end user. The application also runs behavior-based detection via sensors that alert the user about an attack and terminates any malicious activity. It also restores the browser session to a safe and untainted place, according to Invincea.
Invincea executives say the application can stop zero-day, targeted, and man-in-the-browser attacks, as well as advanced persistent threat attacks.
"Typically, when an APT hits, for example, it lodges in the operating system, usually in the kernel, beneath the radar of existing defense. But with Invincea Browser Protection, the threat impacts the isolated layer, but the virtual environment is disposable, so once the infection occurs, the environment is thrown out along with the malware," according to an Invincea whitepaper (PDF) about the technology.
The application also logs forensics intelligence about any attacks. Unlike sandboxing, where the browser runs natively in the host's OS, Invincea Browser Protection runs the browser as a virtual appliance on the desktop. The idea is to take security choices out of the hands of end users and to build in security, according to Invincea execs.
"Perimeter and cloud-based Web hygiene solutions are useful, but for complete layered protection, organizations also need non-intrusive ways to protect against browser-borne malware on the host systems themselves," said Diana Kelley, partner and analyst with SecurityCurve, in a statement.
Browser Protection is priced at $60 per seat, and Invincea offers volume discounts.
Meanwhile, while the initial version of the software is for IE, Invincea plans to later extend its Browser Protection tool to other browser types, including Firefox.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024