Island Self-Protection provides secure browsing in challenging environments
Island announced Self-Protection for the Enterprise Browser, delivering a fundamentally new approach and level of security to enterprise work.
Island has introduced the ideal solution for organizations with extremely sensitive data and applications, to ensure safe operation even on devices beyond the organization’s control and traditional protections.
“Our customers are many of the largest and most sophisticated financial, healthcare, industrial, hospitality and technology pioneers in the world,” said Dan Amiga, Island CTO.
“In these environments, we work closely with many of the most sophisticated red teams on Earth leveraging the most advanced techniques at their disposal. This allows us to see first-hand the challenges they face in securing their employees and extended workforce. We have carefully studied the attack landscape, and today we are releasing the industry’s most comprehensive built-in solution protecting the browser against the most sophisticated attacks,” added Amiga.
The Island Enterprise Browser defends itself against the majority of known and unknown web-based and physically-local threats by building in-depth capabilities to protect attack vectors often used to exploit the browser footprint. By introducing the Island Self-Protection, Island can help ensure the safe operation of the browser even within less-than-ideal environments. Island’s Self-Protection includes capabilities to protect in such areas as:
Protection from memory, process and file exploitation: Advanced browser security to prevent exploitation of the installable footprint of the browser. This includes advanced techniques to protect the browser’s memory, process and file footprint from tampering attempts including anti-debugging tactics. Attempts to inject malicious code or tamper with these browser resources triggers an immediate audit and, by policy, enforces browser shutdown mode, thereby defeating the attack and preventing data exfiltration.
Encryption of browser resources: Provisions policy-driven encryption of the browser’s cache, cookies, password vault, and browser storage. This prevents the extraction and reuse of any content from these critical browser data stores.
Protection against network-based attacks: Leverages techniques to detect and prevent man-in-the-middle attacks whether from local unsecured or malicious Wi-Fi, and a broad range of network-based exploits. Upon detection of man-in-the-middle the browser will audit the event and can prevent operation until the interception is removed.
Keystroke logging prevention: Provides advanced capabilities to protect from locally installed software keystroke loggers surreptitiously attempting to capture a user’s keystrokes. By emulating false physical key presses, Island can fill a keystroke logger with garbage data making keystroke captures unusable.
Screen capture prevention: Delivers sophisticated screen capture prevention techniques to protect critical application engagements. When a malicious effort is made to record or capture screens of critical applications, the screens will simply be inaccessible by the screen capture tooling of the malicious actor.
Device integrity controls: Ensures device meets appropriate organizational criteria for accessing critical application footprint. This includes ensuring any existing EPP software or other controls are up-to-date.
Attack surface reduction: Protects critical browser javascript APIs from opportunistic exploitation by removing their availability when engaging untrusted destinations.
Local browser isolation: Governs local mechanics of the browser’s realtime compilation mechanics to isolate them from attempts to inject malicious code into the browser’s operation.
Deep extension protection: Ensures proper extension usage via Island Extension Guard which governs which extensions can be used, which cannot, and how they can be leveraged. This can ensure that a malicious extension cannot be leveraged to exploit critical application resources.
Hardened browser policy: Manages browser capabilities by policy to govern proper use of such core browser elements as developer tools, page source viewing, user settings, and command line interactions.
User safe browsing: In addition to protection of the browser itself, Island protects the end users from the dangers of the Internet by delivering anti-phishing, URL categorization, threat intelligence & malware inspection.
“The innovation within Island Self-Protection represents a fundamentally new approach to how organizations with highly valuable data can think of using the browser as a critical asset within their architecture, and finally begin to stop attacks at the point of impact,” said Mike Fey, Island CEO. “The goal should be to take the victory away from cyber criminals, and we have done just that with Island’s new capabilities to ensure a safe operating experience where other browsers fail to do so.”