Zero-Trust Breach Protection
Browser Isolation
Wen-Pai Lu
May 14, 2019
(ISC)2 Silicon Valley Chapter
Contents
• The Problems? – Phishing, Malicious Web Sites, Threat injections
• Current available solutions
• What is Browser Isolation?
• Two types of Browser Isolation
– Client side
– Server Side
• Current players
• Issues & Challenges
It starts with the Wild Wild Internet
Update Your Official Record
Phishing Example – Services
Restart your membership Suspended Account
Phishing Examples – Bank Account
Phishing Examples – Unexpected Refunds and Payment
Spear-Phishing Examples
Sent “From” Recipient’s Bank
Sent “From” Recipient’s CFO
Spear-Phishing Examples From Recipient CEO
How to ID Phishing
Malicious Websites and Drive-by Download
• Suspicious Domain on the Internet from isc.sans.org*
– Malware Domain List.com
– Domain Blocklist From Malwaredomains
– Abuse.ch Ransomware Domain Blocklist
– Threatexpert.com Malicious URLs
– Virustotal Domains
– Zeus Command And Control Server from Abuse.ch
• Malware Domain List
– https://www.malwaredomainlist.com/
• Drive-by Download – concerning the unintended download of computer software from the Internet [wiki]
– Downloads which a person has authorized but without understanding the consequences (e.g. downloads which install an unknown or counterfeit executable program, ActiveX component, or Java applet) automatically.
– Any download that happens without a person's knowledge, often a computer virus
* https://isc.sans.edu/suspicious_domains.html
The Data say …
Breaches
• 2014: Yahoo, at least 500 million user accounts were affected
• 2015: Office of Personnel Management (OPM) experienced two separate incidents that affected 22 million personnel files
• 2017: Equifax; 2018: Marriott
• Cyber crime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015*
• In 2018, the average cost of a data breach was $3.86 million, up 3.86% from 2017§
– Mean time to identify a breach in 2018 was 197 days
– Mean time to contain a breach in 2018 was 69 days
• Average cost for each lost record rose from $141 to $148 in 2018 (Cost of Data Breach Study)
• From 2009 to 2018, the total number of malware incidents grew from 12.4 million to 812.67 million
• Number of crypto malware incidents remained < 1 million in 2017, but skyrocketed to 5.5 million in 2018
• Worldwide spending on information security products and services was 86.4 billion in 2017, up 7% over 2016 (Gartner Report)
* 2017 Annual Cybercrime Report from Cybersecurity Ventures
§ 2018 Data Breach Study by Ponemon Institute
https://www.bloomberg.com/graphics/corporate-hacks-cyber-attacks/
https://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
World’s Biggest Data Breaches & Hacks
from the user's physical desktop and enterprise network, any attacks on the remote browser session are constrained in their
ability to cause damage. Every browser session is isolated and treated as if it might have been compromised and, ideally,
every session is reset back to a known good state from immutable templates when completed.
The very act of users browsing the internet and clicking on URL links opens the enterprise to significant risk. Symantec's 2017 Internet Threat Report (https://www.symantec.com/security-center/threat-report) found that an average of 2.4 new browser vulnerabilities are discovered per day, and its labs detected an average of 229,000 web-based attacks per day. In the Kaspersky Security Bulletin: Overall Statistics for 2017 report,¹ browser-based exploits still represented the bulk of exploits used in cyberattacks (see Figure 2).
Figure 2. Distribution of Exploits Used in Cyberattacks, by Type of Application Attacked, November 2016 to October 2017
Source: Adapted from Kaspersky Lab
Attacking through the browser is too easy, and the targets are too rich. Depending on the nature of the underlying vulnerability
Symantec 2017 Internet Threat Report:
• An average of 2.4 new browser vulnerabilities are discovered per day
• An average of 229,000 web-based attacks per day
• 76% of all websites contain a critical vulnerability
Kaspersky Lab
It’s all Because of …
What Can We Do?
Provide Protection
• Perimeter-based
– Firewall
– Secure Web Gateway
– Web Application Firewall
– Signature-based Malware Scanning
– AI/ML
• Endpoints
– Anti-Virus
– Malware Detection
– Agent-based
– Device Control
– Endpoint intelligence
– Asset Management
– Compliance
Do they work? Maybe…
• Agent-based software
• Scale
– # of endpoints
– Platform manageability and scalability
• Resources
– Resource-intensive platform productivity
• Accuracy and Efficacy
– Detection rate
– False positive
• Administration and Deployment
– Large enterprises
– Small business
• Can’t effectively protect
So… What is the Alternative?
Security Through Physical Isolation
[Diagram labels: Internet, Enterprise, Air Gapping]
We Know that …
• Prevention of web-based attacks is the goal but difficult to achieve
• Perfect prevention of breaches is not possible. The strategy must be the isolation and containment of an attacker’s ability to do damage
• Browser-based attacks are the primary threat vector
• Vulnerable browsers and plug-ins are easy targets
• Patching and attack blocking are never good enough, no matter how well we do them
• Need to acknowledge and accept that some attacks will succeed no matter what we do
• Should focus on containing attackers’ ability to cause damage and reducing the attack surface
Browser Isolation Concept
The Browser Isolation Provides …
• Browser isolation can separate end users' internet browsing sessions from enterprise endpoints and networks
• Browser isolation can dramatically reduce web-based attacks
• An air-gap between the device and the browser
• Detach the web browser from the endpoint
• Software to secure endpoints by providing end-users with a virtual, abstracted web browser
• Protection from intrusion or malware injection; only browsers, not devices, are infected
• Zero Trust Framework
Browser Isolation Types
Client-Based Browser Isolation
• Actual isolation on the user's local machine
• Create a new virtual instance on the client
• Local hypervisor
• Advantages
– No need for an additional server
– Leverage local machine computing resources
• Problem
– Physical isolation?
– Potential to break out of the virtual instance
[Diagram labels: Internet; Content Rendered Into stream of pixels; Back to devices; Attacks isolated; HTML5, Web Apps; Email, PDF, DOC; JavaScript, WebApps; Browser Servers; Out-of-band Attacks]
Server-based Browser Isolation
• Isolation on remote machines
• New virtual instance created for each session
• VM or container based
• Advantages
– Better Isolation
– No Agent software installed
– Can implement without any changes
• Problem
– Need appliance/server
– Bandwidth
The Players
Current List of Players
• Apozy
• Appsulate
• Authentic8 Silo
• Bromium
• Cigloo
• Crusoe Isolation Platform
• Cyberinc Isla
• Cyberwall
• Ericom Shield
• Garrison
• Light Point Web
• Menlo Security
• Ntrepid Passages
• ProofPoint
• Randed Isolation Technology (RITech)
• Symantec Web Isolation (acquired FireGlass)
• WebGap
Benefits and Challenges
Benefits
• Complete isolation between browser activities and the devices
• Agentless implementation – in server-based
• Breaches in the browser do not affect devices
• Protect from unpatched browsers and plug-ins
• Effective protection against web-based cyber attacks and malware
• Browser session reset to a known good state after use
• Centralized policy management
• Additional security functions with SWG, WAF, etc.
Challenges
• Latency
• Performance
• Bandwidth
• Scalability & high availability
• Cloud-based vs. on-prem
• Seamless experiences
• Some browser capabilities may be limited (cut/paste)
• Mobile devices
Browser Isolation Services
[Diagram labels: Internet; Cloud Browser Services; DMZ; On-prem Appliance; Content Rendered Into stream of pixels; Attacks isolated; HTML5, Web Apps; Email, PDF, DOC; JavaScript, WebApps]
Summary
• Provides an alternative for isolating and containing attackers’ ability to do damage
• Reduction of web-based attack impact, and breach prevention
• Eliminate the persistence of undetected and stealthy attacks
• Isolate user activities from Internet attacks
• Adoption rate: from 1% in 2017 to 25% in 2022*
• Organizations can experience a 70% reduction in attacks that compromise end-user systems*
• Still have some challenges. Plan carefully.
• Start with high-risk user groups (financial, etc.)
* March 2018 Gartner Report on Remote Browser Isolation
