Nav

The Debut of Invincea: New endpoint protection against malware

One of the things I’ve observed and personally believe regarding computer security: No enterprise will ever be able to fully train users to take the right action regarding computer security. The reason: the threat is too dynamic. Of course we have to try, and one of the marks of maturity for an organization is how successful the organization is at training. But the fact is, at this very moment, some user in your enterprise is probably clicking on something they should not be clicking on.

How could that be?! Lets take note of a couple aspects of the threat here: The threat consists of automated bots that never give up. And those bots are programmed by humans also never give up. Those malicious people are continuously thinking of new ways of trickery. Many threats, especially the most sophisticated ones, have elements of social engineering-hacking (Hacking by Asking, as my friend Bryan Halfpap calls it), which can be very difficult to detect, prevent and respond to.

And, statistically, the biggest pathway into the enterprise for malicious code is something you must arm every employee with: it is their browser. You give them browsers so they can access information and interact with cloud resources. But the browser is where they are tricked into opening links and downloading evil, right past your firewall and into your enterprise.

This seemingly intractable problem resulted in engineering of a solution originally funded by DARPA. The technology has now been commercialized by a company called Invincea (I’m on Invincea’s advisory board).

Here is the short version of the Invincea capability:

Invincea delivers: – Exceptional endpoint protection through full application virtualization; – Behavior-based malware detection; and – Cyber-forensic intelligence
And it does all that while providing a transparent user experience.
The software is unique in its ability to protect enterprise PCs against all types of web-borne threats by moving web browsers—the entry point for most malware—into a virtual environment in a manner that is transparent to users.
With Invincea Browser Protection, businesses and government agencies – Ensure maximum PC uptime, – Reduce costs associated with desktop reconfiguration and recovery; – Protect against zero-day attacks and – Allow users to visit social networking sites without fear of malware.
Some really good context and history of Invincea is on the TechRepublic site:
Invincea Browser Protection: Using the power of virtualization to combat malware
Additionally, I’ve pasted a copy of a recent Invincea press release below:

Invincea™ Marks Company Debut with Security Industry’s

First True Application Virtualization Threat Protection Solution

Invincea Browser Protection insulates enterprise endpoints from malware, web-borne and social media exploits

FAIRFAX, Va., September 13, 2010 – Invincea, Inc., the innovator in application virtualization threat protection, today marked its entrance into the security market with the Invincea™ Browser Protection solution. The software is unique in its ability to protect enterprise PCs against all types of web-borne threats by moving web browsers—the entry point for most malware—into a virtual environment in a manner that is transparent to users. With Invincea Browser Protection, businesses and government agencies ensure maximum PC uptime, reduce costs associated with desktop reconfiguration and recovery, protect against zero-day attacks and allow users to visit social networking sites without being compromised by malware.

“Web-borne threats were up more than two hundred percent in 2009 over the previous year and more than one in ten searches for trending news leads to malware,” said Anup Ghosh, Ph.D., Invincea’s founder and chief scientist. “Malware is increasingly tough to defend against because users are tricked into opening a file from a trusted source, such as a friend or social networking site, that’s been compromised. This presents a tangible threat to businesses because it causes them to lose money in IT support costs, business downtime, damaged reputations and expenses associated with fraud. We created Invincea Browser Protection to offer an entirely new approach to addressing these problems by protecting desktops.”

New endpoint protection against malware, web and social media exploits

Invincea Browser Protection is deployed as a Windows application to desktops to seamlessly virtualize Internet Explorer, while detecting zero-day, web-borne malware threats. Invincea Browser Protection does not alter the familiar browser experience of Internet Explorer, so users don’t need to learn anything new, forego the customized settings and bookmarks that they favor, or stop visiting the social networking sites that are increasingly associated with malware. When in use, Invincea’s software detects and terminates threats in real time, captures detailed forensic intelligence about the malicious activity, disposes of the tainted environment and restarts a pristine one.

Invincea Browser Protection uses a true virtualization approach to run the browser non-natively as a virtual appliance on the user’s desktop. It provides far superior protection over sandboxing solutions, which run the browser natively in the host operating system and do not protect against many types of attacks. Invincea Browser Protection also provides superior protection over firewalls, which allow connections to websites that may be compromised. Because it is behavior-based and does not rely on signatures, Invincea protects the user against threats that defeat anti-virus software, which is inherently reactive, can be disabled by malware and isn’t good at detecting new malicious code variants. Finally, the Invincea solution provides better protection than web gateways that must be instructed on what to block.

“Malware and exploit attacks are increasingly targeted at browsers,” said Diana Kelley, partner and analyst at SecurityCurve. “Perimeter and cloud-based web hygiene solutions are useful, but for complete layered protection, organizations also need non-intrusive ways to protect against browser-borne malware on the host systems themselves.”

DARPA and venture backing, veteran management team

Invincea was originally funded by the Defense Advanced Research Projects Agency (DARPA) to build a prototype of a virtualized web browsing solution. The company then developed its patent-pending technology with George Mason University’s Center for Secure Information Systems. Today Invincea is venture-backed and led by a management team with experience across the security and Internet services industries.

“The technology behind Invincea Browser Protection has been in development for four years and now we’re taking it to the enterprise market, including private and public sectors,” said Jim Geary, Invincea’s CEO. “Feedback from early customers has been outstanding—they’ve quickly become enthusiasts as they’ve explored Invincea Browser Protection for themselves and seen how our software immediately terminates threats that their AV software and web gateways didn’t catch. We’ve got the product, team and first customers in place to rapidly make an impact on the IT security market.”

Go to the Invincea website to view a short demo of how to protect against browser-based attacks, to download the white paper “Web Malware Explosion Requires New Protection Paradigm” or to read the company’s blog.

About Invincea

Invincea delivers exceptional endpoint protection through full application virtualization, behavior-based detection and cyber-forensic intelligence, while providing a transparent user experience. The company, which was founded by Anup Ghosh, Ph.D., to address the rapidly increasing security threat from web-based malware, has commercialized technology built under DARPA funding. The core concepts underlying Invincea’s patent-pending technology were proven effective via years of advanced research with an expert team in the Center for Secure Information Systems at George Mason University. The company is privately held and based in Fairfax, Va. For more information, visit http://www.invincea.com.