SlideShare a Scribd company logo

Secure browsers

Download as PPTX, PDF
David Strom
David Strom

This is a talk at St. Louis Secure World conference, Sept 2014 http://www.secureworldexpo.com/st-louis/home

Technology
1 of 20
Secure Browsers SecureWorld St. Louis 9/14 David Strom, @dstrom
NSS Labs Secure Browser Report
Certainly you can turn up these security settings • Block pop-ups • Increase your privacy controls • Refuse tracking cookies • And so forth
Secure browsers type A: sandbox
Secure browsers type B: lockdown
My testbed • Qualys browsercheck • Ip-secrets.com for browser agent info • Html5test.com for specifics on that • Download sample PDF and Eicar test .EXE file • Malwaredomainlist.com for fun • Added a few phished emails to see what happens
http://www.networkworld.com/art icle/2175897/securityecure-browsers- offer-alternatives-to-chrom/ security/secure-browsers-offer- alternatives-to-chrome--ie-and- firefox.html

Recommended

Browser Security
Browser SecurityBrowser Security
Browser SecurityRoberto Suggi Liverani
 
Keeping the customer in mind: a lesson for Telco's
Keeping the customer in mind: a lesson for Telco'sKeeping the customer in mind: a lesson for Telco's
Keeping the customer in mind: a lesson for Telco'sDavid Strom
 
Social Media Research at Comms Service Providers
Social Media Research at Comms Service ProvidersSocial Media Research at Comms Service Providers
Social Media Research at Comms Service ProvidersDavid Strom
 
Notable Twitter fails
Notable Twitter failsNotable Twitter fails
Notable Twitter failsDavid Strom
 
Big data analytics
Big data analyticsBig data analytics
Big data analyticsDavid Strom
 
How to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingHow to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingDavid Strom
 
Dell social media
Dell social mediaDell social media
Dell social mediaDavid Strom
 
Using OpenStack to Control VM Chaos
Using OpenStack to Control VM ChaosUsing OpenStack to Control VM Chaos
Using OpenStack to Control VM ChaosDavid Strom
 

Recommended

Browser Security
Browser SecurityBrowser Security
Browser SecurityRoberto Suggi Liverani
 
Keeping the customer in mind: a lesson for Telco's
Keeping the customer in mind: a lesson for Telco'sKeeping the customer in mind: a lesson for Telco's
Keeping the customer in mind: a lesson for Telco'sDavid Strom
 
Social Media Research at Comms Service Providers
Social Media Research at Comms Service ProvidersSocial Media Research at Comms Service Providers
Social Media Research at Comms Service ProvidersDavid Strom
 
Notable Twitter fails
Notable Twitter failsNotable Twitter fails
Notable Twitter failsDavid Strom
 
Big data analytics
Big data analyticsBig data analytics
Big data analyticsDavid Strom
 
How to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingHow to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingDavid Strom
 
Dell social media
Dell social mediaDell social media
Dell social mediaDavid Strom
 
Using OpenStack to Control VM Chaos
Using OpenStack to Control VM ChaosUsing OpenStack to Control VM Chaos
Using OpenStack to Control VM ChaosDavid Strom
 
Advanced Firewalls Progress Report
Advanced Firewalls Progress ReportAdvanced Firewalls Progress Report
Advanced Firewalls Progress ReportDavid Strom Inc.
 
WIndows 7 Migration tools for Nashville AITP
WIndows 7 Migration tools for Nashville AITPWIndows 7 Migration tools for Nashville AITP
WIndows 7 Migration tools for Nashville AITPDavid Strom
 
Picking the right Single Sign On Tool to protect your network
Picking the right Single Sign On Tool to protect your networkPicking the right Single Sign On Tool to protect your network
Picking the right Single Sign On Tool to protect your networkDavid Strom
 
Listen to Your Customers: How IT Can Provide Better Support
Listen to Your Customers: How IT Can Provide Better SupportListen to Your Customers: How IT Can Provide Better Support
Listen to Your Customers: How IT Can Provide Better SupportDavid Strom
 
Trusteer Rapport – Browser Security - How It Works
Trusteer Rapport – Browser Security - How It WorksTrusteer Rapport – Browser Security - How It Works
Trusteer Rapport – Browser Security - How It Workstrusteer
 
Web browser privacy and security
Web browser privacy and security Web browser privacy and security
Web browser privacy and security amiable_indian
 
Web Browser Security - 2016 Comparative Test Results
Web Browser Security - 2016 Comparative Test ResultsWeb Browser Security - 2016 Comparative Test Results
Web Browser Security - 2016 Comparative Test ResultsNSS Labs
 
Security-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser AttacksSecurity-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser AttacksRaghu Addanki
 
Research on Web Browsers ppt
Research on Web Browsers pptResearch on Web Browsers ppt
Research on Web Browsers pptSagar Agarwal
 
Web browser(pp ts)
Web browser(pp ts)Web browser(pp ts)
Web browser(pp ts)darpan1118
 
Web browser
Web browserWeb browser
Web browserHardik Kakadiya
 
Web Browsers
Web BrowsersWeb Browsers
Web BrowsersNeha Sharma
 
Web Browsers
Web BrowsersWeb Browsers
Web BrowsersAahmed Hussain
 
Spark Twitter fails Mar2023
Spark Twitter fails Mar2023Spark Twitter fails Mar2023
Spark Twitter fails Mar2023David Strom
 
Getting Your First Cybersecurity Job
Getting Your First Cybersecurity JobGetting Your First Cybersecurity Job
Getting Your First Cybersecurity JobDavid Strom
 
Understanding passwordless technologies
Understanding passwordless technologiesUnderstanding passwordless technologies
Understanding passwordless technologiesDavid Strom
 
What endpoint protection solutions are available on the market today?
What endpoint protection solutions are available on the market today?What endpoint protection solutions are available on the market today?
What endpoint protection solutions are available on the market today?David Strom
 
Fears and fulfillment with IT security
Fears and fulfillment with IT securityFears and fulfillment with IT security
Fears and fulfillment with IT securityDavid Strom
 
Protecting your digital and online privacy
Protecting your digital and online privacyProtecting your digital and online privacy
Protecting your digital and online privacyDavid Strom
 
AI and cyber security: new directions, old fears
AI and cyber security: new directions, old fearsAI and cyber security: new directions, old fears
AI and cyber security: new directions, old fearsDavid Strom
 
The legalities of hacking back
The legalities of hacking backThe legalities of hacking back
The legalities of hacking backDavid Strom
 
How to market your book in today's social media world
How to market your book in today's social media worldHow to market your book in today's social media world
How to market your book in today's social media worldDavid Strom
 

More Related Content

Viewers also liked

Advanced Firewalls Progress Report
Advanced Firewalls Progress ReportAdvanced Firewalls Progress Report
Advanced Firewalls Progress ReportDavid Strom Inc.
 
WIndows 7 Migration tools for Nashville AITP
WIndows 7 Migration tools for Nashville AITPWIndows 7 Migration tools for Nashville AITP
WIndows 7 Migration tools for Nashville AITPDavid Strom
 
Picking the right Single Sign On Tool to protect your network
Picking the right Single Sign On Tool to protect your networkPicking the right Single Sign On Tool to protect your network
Picking the right Single Sign On Tool to protect your networkDavid Strom
 
Listen to Your Customers: How IT Can Provide Better Support
Listen to Your Customers: How IT Can Provide Better SupportListen to Your Customers: How IT Can Provide Better Support
Listen to Your Customers: How IT Can Provide Better SupportDavid Strom
 
Trusteer Rapport – Browser Security - How It Works
Trusteer Rapport – Browser Security - How It WorksTrusteer Rapport – Browser Security - How It Works
Trusteer Rapport – Browser Security - How It Workstrusteer
 
Web browser privacy and security
Web browser privacy and security Web browser privacy and security
Web browser privacy and security amiable_indian
 
Web Browser Security - 2016 Comparative Test Results
Web Browser Security - 2016 Comparative Test ResultsWeb Browser Security - 2016 Comparative Test Results
Web Browser Security - 2016 Comparative Test ResultsNSS Labs
 
Security-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser AttacksSecurity-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser AttacksRaghu Addanki
 
Research on Web Browsers ppt
Research on Web Browsers pptResearch on Web Browsers ppt
Research on Web Browsers pptSagar Agarwal
 
Web browser(pp ts)
Web browser(pp ts)Web browser(pp ts)
Web browser(pp ts)darpan1118
 

Viewers also liked (13)

Advanced Firewalls Progress Report
Advanced Firewalls Progress ReportAdvanced Firewalls Progress Report
Advanced Firewalls Progress Report
 
WIndows 7 Migration tools for Nashville AITP
WIndows 7 Migration tools for Nashville AITPWIndows 7 Migration tools for Nashville AITP
WIndows 7 Migration tools for Nashville AITP
 
Picking the right Single Sign On Tool to protect your network
Picking the right Single Sign On Tool to protect your networkPicking the right Single Sign On Tool to protect your network
Picking the right Single Sign On Tool to protect your network
 
Listen to Your Customers: How IT Can Provide Better Support
Listen to Your Customers: How IT Can Provide Better SupportListen to Your Customers: How IT Can Provide Better Support
Listen to Your Customers: How IT Can Provide Better Support
 
Trusteer Rapport – Browser Security - How It Works
Trusteer Rapport – Browser Security - How It WorksTrusteer Rapport – Browser Security - How It Works
Trusteer Rapport – Browser Security - How It Works
 
Web browser privacy and security
Web browser privacy and security Web browser privacy and security
Web browser privacy and security
 
Web Browser Security - 2016 Comparative Test Results
Web Browser Security - 2016 Comparative Test ResultsWeb Browser Security - 2016 Comparative Test Results
Web Browser Security - 2016 Comparative Test Results
 
Security-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser AttacksSecurity-Web Vulnerabilities-Browser Attacks
Security-Web Vulnerabilities-Browser Attacks
 
Research on Web Browsers ppt
Research on Web Browsers pptResearch on Web Browsers ppt
Research on Web Browsers ppt
 
Web browser(pp ts)
Web browser(pp ts)Web browser(pp ts)
Web browser(pp ts)
 
Web browser
Web browserWeb browser
Web browser
 
Web Browsers
Web BrowsersWeb Browsers
Web Browsers
 
Web Browsers
Web BrowsersWeb Browsers
Web Browsers
 

More from David Strom

Spark Twitter fails Mar2023
Spark Twitter fails Mar2023Spark Twitter fails Mar2023
Spark Twitter fails Mar2023David Strom
 
Getting Your First Cybersecurity Job
Getting Your First Cybersecurity JobGetting Your First Cybersecurity Job
Getting Your First Cybersecurity JobDavid Strom
 
Understanding passwordless technologies
Understanding passwordless technologiesUnderstanding passwordless technologies
Understanding passwordless technologiesDavid Strom
 
What endpoint protection solutions are available on the market today?
What endpoint protection solutions are available on the market today?What endpoint protection solutions are available on the market today?
What endpoint protection solutions are available on the market today?David Strom
 
Fears and fulfillment with IT security
Fears and fulfillment with IT securityFears and fulfillment with IT security
Fears and fulfillment with IT securityDavid Strom
 
Protecting your digital and online privacy
Protecting your digital and online privacyProtecting your digital and online privacy
Protecting your digital and online privacyDavid Strom
 
AI and cyber security: new directions, old fears
AI and cyber security: new directions, old fearsAI and cyber security: new directions, old fears
AI and cyber security: new directions, old fearsDavid Strom
 
The legalities of hacking back
The legalities of hacking backThe legalities of hacking back
The legalities of hacking backDavid Strom
 
How to market your book in today's social media world
How to market your book in today's social media worldHow to market your book in today's social media world
How to market your book in today's social media worldDavid Strom
 
​Understanding the Internet of Things
​Understanding the Internet of Things​Understanding the Internet of Things
​Understanding the Internet of ThingsDavid Strom
 
How to make your mobile phone safe from hackers
How to make your mobile phone safe from hackersHow to make your mobile phone safe from hackers
How to make your mobile phone safe from hackersDavid Strom
 
Implications and response to large security breaches
Implications and response to large security breaches Implications and response to large security breaches
Implications and response to large security breaches David Strom
 
Using social networks to find your next job (2017)
Using social networks to find your next job (2017)Using social networks to find your next job (2017)
Using social networks to find your next job (2017)David Strom
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debateDavid Strom
 
Network security practice: then and now
Network security practice: then and nowNetwork security practice: then and now
Network security practice: then and nowDavid Strom
 
Biggest startup mistakes
Biggest startup mistakesBiggest startup mistakes
Biggest startup mistakesDavid Strom
 
Emerging computing trends 2015
Emerging computing trends 2015Emerging computing trends 2015
Emerging computing trends 2015David Strom
 
Marcus Ranum on Bad Idea Zombies
Marcus Ranum on Bad Idea Zombies Marcus Ranum on Bad Idea Zombies
Marcus Ranum on Bad Idea Zombies David Strom
 
Navigating the PCI Self-Assessment questionaire
Navigating the PCI Self-Assessment questionaireNavigating the PCI Self-Assessment questionaire
Navigating the PCI Self-Assessment questionaireDavid Strom
 
Virtual machine security products
Virtual machine security productsVirtual machine security products
Virtual machine security productsDavid Strom
 

More from David Strom (20)

Spark Twitter fails Mar2023
Spark Twitter fails Mar2023Spark Twitter fails Mar2023
Spark Twitter fails Mar2023
 
Getting Your First Cybersecurity Job
Getting Your First Cybersecurity JobGetting Your First Cybersecurity Job
Getting Your First Cybersecurity Job
 
Understanding passwordless technologies
Understanding passwordless technologiesUnderstanding passwordless technologies
Understanding passwordless technologies
 
What endpoint protection solutions are available on the market today?
What endpoint protection solutions are available on the market today?What endpoint protection solutions are available on the market today?
What endpoint protection solutions are available on the market today?
 
Fears and fulfillment with IT security
Fears and fulfillment with IT securityFears and fulfillment with IT security
Fears and fulfillment with IT security
 
Protecting your digital and online privacy
Protecting your digital and online privacyProtecting your digital and online privacy
Protecting your digital and online privacy
 
AI and cyber security: new directions, old fears
AI and cyber security: new directions, old fearsAI and cyber security: new directions, old fears
AI and cyber security: new directions, old fears
 
The legalities of hacking back
The legalities of hacking backThe legalities of hacking back
The legalities of hacking back
 
How to market your book in today's social media world
How to market your book in today's social media worldHow to market your book in today's social media world
How to market your book in today's social media world
 
​Understanding the Internet of Things
​Understanding the Internet of Things​Understanding the Internet of Things
​Understanding the Internet of Things
 
How to make your mobile phone safe from hackers
How to make your mobile phone safe from hackersHow to make your mobile phone safe from hackers
How to make your mobile phone safe from hackers
 
Implications and response to large security breaches
Implications and response to large security breaches Implications and response to large security breaches
Implications and response to large security breaches
 
Using social networks to find your next job (2017)
Using social networks to find your next job (2017)Using social networks to find your next job (2017)
Using social networks to find your next job (2017)
 
Security v. Privacy: the great debate
Security v. Privacy: the great debateSecurity v. Privacy: the great debate
Security v. Privacy: the great debate
 
Network security practice: then and now
Network security practice: then and nowNetwork security practice: then and now
Network security practice: then and now
 
Biggest startup mistakes
Biggest startup mistakesBiggest startup mistakes
Biggest startup mistakes
 
Emerging computing trends 2015
Emerging computing trends 2015Emerging computing trends 2015
Emerging computing trends 2015
 
Marcus Ranum on Bad Idea Zombies
Marcus Ranum on Bad Idea Zombies Marcus Ranum on Bad Idea Zombies
Marcus Ranum on Bad Idea Zombies
 
Navigating the PCI Self-Assessment questionaire
Navigating the PCI Self-Assessment questionaireNavigating the PCI Self-Assessment questionaire
Navigating the PCI Self-Assessment questionaire
 
Virtual machine security products
Virtual machine security productsVirtual machine security products
Virtual machine security products
 

Recently uploaded

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Recently uploaded (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Secure browsers

Editor's Notes

  1. From NSS Labs 2013 report on browser security They found marked differences in each browser’s built-in security features, with Firefox the best and IE the worst. However, things change in the browsing world: Chrome is on v33 and Firefox is on v27 and IE is on v11
  2. Is this legit or a phishing attack? it is worth a few minutes of your time to see how hard you, as an experienced IT person, will have distinguishing real from fake emails. Maybe you will have some sympathies for your end users as they are quickly scanning through their email inboxes. Or maybe this will motivate you to take a closer look at the secure browsing category
  3. Here is what Gmail does now, they don’t even let you click on that nasty link with phished email. So there is some protection.
  4. Most of these features are turned off by default, and finding them is often a treasure hunt as these settings are re-arranged almost at random with browser updates. But even with this effort, you probably require more security than a standard browser offers, and you will want a replacement or supplemental product to do the job
  5. There are products that can be used to anonymize your browsing history and protect your identity when you surf online, such as TOR or ZipZap.
  6. the better browser shouldn’t detract from the overall surfing experience: websites should look and perform the same as they do in the modern versions of Firefox or Chrome. There are alternative browsers that offer a subset of features and try to be more lightweight than the standard Firefox or Chrome browsers, such as Dillo, Lynx, Epiphany, Konqueror and others. Computerworld looked at these last year.
  7. One way is they sandbox, virtualize or otherwise contain the browsing session via several different methods so that any Web pages or online content can’t reach the actual desktop that is being used to surf the Web. For this first approach, we looked at Spikes AirGap, Spoon’s BrowerStudio and Invincea’s FreeSpace.
  8. A second approach is to replace the usual Firefox or Chrome browser software with a specialized browser that is locked down and has limited functionality. We looked at browsers from Comodo’s Dragon, Bitdefender’s Safepay, SRWare Iron and the open source Dooble that fit into this category. Authentic8 Silo actually uses elements of both the sandbox and specialized browser approaches
  9. The good news is that you can use our same tests as part of your own battery to understand these browser’s behaviors, or add your own to the mix.
  10. So I looked at 8 different browsers for my review. None of these browsers is going to stop everything, and some don’t stop much more than a well-configured standard browser. But AirGap stands out above the others. It was the only product that was always able to block downloads of executable files and still provide a solid level of HTML5 support. Its innovative use of virtualization technology was interesting. The downside is that there is some latency introduced into the browsing session as your bits travel to and fro across the Internet.   A second browser worth a closer look is Invincea’s FreeSpace. Because it sandboxes your existing browsers, you may want to go this route if your users run a variety of browsers and don’t want to switch to a new browser with fewer features. Administrators can block downloads (or allow users to choose) by setting an optional switch.
  11. Comodo’s Dragon sidebar app, PrivDog, allows you to set various blocking parameters for specific kinds of content.
  12. Comod Dragon uses its own version of secure DNS for additional protection.
  13. Dooble’s security settings sheet has some interesting privacy options.
  14. Invincea’s security preferences can be set to automatically block downloaded content from a centrally managed console.
  15. Silo has download content controls along with upload controls.
  16. Silo also has the ability to add a second factor to authenticate yourself for the entire browsing session.
  17. The first time you execute the Spoon browser, it does take some time to download the code to your desktop.
  18. You can read my story in Network World earlier this spring for more details about my tests