Invincea Browser Protection Eliminates Web2.0 Security Risks

April 27, 2010 By BobGourley

I’m excited to be part of a great new company called Invincea. They have appointed me to their advisory board along with Bob Flores and Gary McGraw.

So I’d like to take the opportunity to provide you with some background on why Invincea is going to be a game changer in the industry.

Invincea plugs a major entry point of malicious code into the enterprise. It stops web-borne attacks. Most attacks against enterprises come via web browsers. And most of those attacks are things that cannot be stopped by guards and gateways and legacy anti-virus programs. Many web-borne attacks come through very crafty insertion of malicious code in websites, and most of those (71%) come from websites that your enterprise thinks is legit to use but have been hacked, so legacy guards that try to block bad sites with access control lists do nothing to stop them.

Invincea provides a fully-virtualized browser solution that runs your browser in its own virtual environment separate from the desktop operating system. The result: the desktop operating system is protected from all web-borne threats.

From the Invincea website:

Web-borne threats are up 225 percent. Stealth malware lurks within legitimate sites, poised to attack through browsers.

Browser-Based Threats: The majority of today’s Web-based malware attacks enter an organization through the browser. Some are blatant—a user is tricked into downloading and opening a file containing malware that then installs on the PC. However, the greatest threat comes from malware that lurks within legitimate Web and social media sites.

Explosive Proliferation: According to Websense Labs, the number of malicious Web sites grew 225 percent in the second half of 2009, and 71 percent of which are legitimate sites that have been compromised. According to PandaLabs, more than 25 million new strains of malware were created in 2009 – that’s more than all the malware created over the past 20 years combined.

Increasingly Sophisticated Attacks: New strains of Web-based malware utilize stealth installation, also known as Drive-By Downloads, Zero-Day Attacks and Advanced Persistent Threats to exploit flaws in the browser and allow the malicious agent into a PC unbeknownst to the user. Whether blatant or stealth, malware can expose vital business resources and information to untrusted networks via the simple and necessary activity of Web browsing.

Invincea™ Browser Protection enables users to knock out sophisticated Web-borne threats – in real time.

Invincea™ Browser Protection shields PC users against all types of Web-borne threats by seamlessly moving desktop Web browsers into a controlled virtual environment.

Exceptional Protection: Invincea provides a fully isolated browser environment to maximize PC protection. It automatically detects and terminates a threat in real time, disposes of the tainted environment, and restarts a pristine one.

Signature-Free Detection: Unlike other solutions, Invincea does not rely on malware signatures for detection, nor does it rely on users to make correct security decisions. Instead, it automatically identifies malware attacks based on behaviors and actions inside a controlled environment.

Easy to Use & Deploy: The Invincea secure browsing environment has the same look and feel as your unprotected browser, with no difference in use and negligible PC performance impact. Invincea Browser Protection can be easily distributed and updated using your existing desktop management system.

Forensic Intelligence: Invincea captures actual, real-time malware attack details that can be used to bolster other security devices.

If you are concerned with web-borne attacks I hope this grabs your attention. See http://invincea.com for more info. I also recommend you review and consume their blog at http://www.invincea.com/wordpress We are also tracking invincea on our new compatriot site http://ctolabs.com, a place we will talk more about in the future.

More later,
Bob