All Roads Lead to the Browser: A SANS Buyer’s Guide to Browser Isolation
According to Verizon’s DBIR, nearly 90% of successful endpoint compromises involve the browser, including ransomware, spearphishing, credential theft and social engineering. The web browser is an essential tool for businesses, especially in the age of cloud services and third-party applications. Thus, it’s no surprise that the browser has become a crucial vector for the early stages of an intrusion and an integral part of attacks, such as spearphishing and weaponized documents.
In this webcast, SANS Instructor Matt Bromiley examines the concept of browser isolation. Browser isolation focuses on limiting the impact a browser can have on a victim system, preventing web code from reaching the endpoint. With better utilization of technology, browser isolation has become a more seamless and effective tool for your security teams.
This webcast also helps you determine whether browser isolation is a good fit for your organization and security posture, and where browser isolation may fit within your current security model. For many organizations, inserting a layer of control and/or mitigation between the user and the browser seems like a no-brainer. However, each organization’s use cases are different. Learn how to identify what features may or may not work for you.
View this webcast to learn:
- What browser isolation is and how it works to mitigate browser-borne attacks such as phishing, ransomware, credential theft and malicious downloads
- Key factors to consider when evaluating, implementing and testing browser isolation solutions, including the capability to provide a seamless user experience
- Options for integrating browser isolation into the current security posture to stop attacks earlier in the kill chain
- Ways to manage browser isolation and ensure compliance with organizational requirements, such as data retention and regulations
Matt Bromiley is a SANS digital forensics and incident response (IR) instructor, teaching FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics and SANS FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response. He is also an IR consultant at a global IR and forensic analysis company, combining experience in digital forensics, log analytics, and incident response and management. His skills include disk, database, memory and network forensics; incident management; threat intelligence and network security monitoring. Matt has worked with organizations of all shapes and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.
Rajiv serves as the Senior Vice President of Products and Marketing at Cyberinc and heads the product management, marketing and strategic alliances functions. Rajiv has more than two decades of experience in technology and marketing leadership positions at companies such as SentinelOne, FireEye and Cisco. His past experience includes areas of network security, email security, endpoint security, network management and WAN optimization. He holds a master’s degree in software systems from Birla Institute of Technology, Pilani, and an MBA from UC Berkeley’s Haas School of Business.