SECRET OF CSS

ConcealBrowse isolates malicious software before it can work its mischief


More threat actors are exploiting the browser as an attack vector, largely because it’s becoming a popular way to access corporate applications and resources. As a means to counter browser-borne malicious software—such as Trojans, worms or ransomware—Conceal, an endpoint security company, introduced this week ConcealBrowse.

ConcealBrowse, which supports all popular operating systems, can be planted on an endpoint by a network administrator where it will monitor all code as it runs to determine if it presents a threat to an organization. Suspicious content is run in isolation where, if the software is malicious, any damage it might cause can be contained.

“Any application running on the endpoint is going through our intelligence engine,” Conceal CEO Gordon Lawson tells CSO. “If it’s suspicious or unknown, it’s being pushed to an isolation environment in the cloud. I think that’s transformative because no one has done that sort of isolation technology across the operating systems like we’re doing it.”

Virtual instance adds a layer of protection

Where ConcealBrowse shines is in dealing with code that is suspicious or whose malevolence is unknown. By isolating that code in a virtual instance in the cloud, its ability to have lateral movement and do real damage when it runs is eliminated. If code exhibits malicious behavior, the virtual instance will automatically shut down.

“If malicious code makes it into the organization and a user tries to interact with it, in the worst case, it’s going to be in an offsite, cloud-based, container environment, and it won’t be able to do the damage it would usually have done,” Lawson says. “It’s a way for a company to allow its employees to do what they want on personal email but be assured that when bad things make it through, there’s a layer of protection in the enterprise to prevent negative consequences.”

ConcealBrowse does not change the user experience

According to Conceal, formally known as NetAbstraction, ConcealBrowse does not change an endpoint user’s experience when it’s moving browser sessions in and out of isolation as necessary. “The latency is much better than even Safe Links in Microsoft,” Lawson says. “It’s working very quickly and if something isn’t suspicious, it’ll let it through.”

Copyright © 2022 IDG Communications, Inc.



News Credit

%d bloggers like this: