There is a new cyber domain/niche that is trying to change how we do inline cyber security, called Enterprise Browser or Browser Isolation; there are many vendors in the space that are in the way compete with traditional SWG and ZTNA, and I am wondering what do you think on the space. What are some pros and cons, and is there a need for education on the topic?
Sort By:
Oldest
CIO in Services (non-Government)a year ago
I have always maintained that our Browsers are the number one way for end-users and their devices to get infected/infested with Malware, Spyware, Ransomware, etc, and that we need a completely different approach to browsing in general. BY completely sandboxing/sequestering the browser from our main device/OS, we can try to stop the onslaught of dangerous attacks from bad actors. It's a pity there's no silver bullet for users' bad browsing habits though.Chief Information Security Officer in Healthcare and Biotecha year ago
The basic idea behind browser isolation is to keep the user's browsing activity separate from their local device by running the web browser in a remote virtual environment. This virtual environment, also known as a sandbox, is isolated from the user's local device and is designed to prevent any malicious code from reaching the user's device. There are two main types of browser isolation: server-side isolation and client-side isolation. Server-side isolation involves running the web browser on a remote server, while client-side isolation involves running the browser on the user's device in a virtualized environment.
Both methods provide similar protection against web-based threats but have different trade-offs in performance, scalability, and user experience.
Browser isolation is becoming an increasingly popular cybersecurity technique, particularly in remote work and cloud computing, where users may access sensitive data and applications from untrusted networks and devices.
Director of Consulting in Energy and Utilitiesa year ago
The previous posters did a great job of describing browser isolation. I don't think BI is competing directly with SWG, it is complimentary to addressing web as a threat vector and you should still have the upstream filtering capabilities to manage your users' web access.Furthermore if you flip BI, using it as a reverse proxy you have the ability to provide isolation between your clients and applications. This could also be complimentary to your ZT aspirations. Some BI solutions provide high levels of assurance in this space and we are seeing those deployed as bridges into management networks or access of OT environments where air gaps would normally be maintained.
Global Chief Cybersecurity Strategist & CISO in Healthcare and Biotecha year ago
It's not new. Another marketing gimmick. Browser isolation, which involves running web browsers in isolated environments to enhance security, started gaining prominence around the mid-2010s companies like Symantec offered it as an example. However, the concept of isolating web browsers to protect against malware and web-based threats had been explored in research and development efforts prior to this period. Since then, browser isolation technology has continued to evolve as a valuable cybersecurity strategy to mitigate web-based threats.Vice Presidenta year ago
Declaring I am biased, but benefits should be:1) Dramatic reduction in attack surface by converting the #1 attack vector .. the browser ... into an enterprise security control. If your users have to use a browser anyway, why not give them one that collapses risk and improves their experience.
2) Dramatic reduction in costs .. Compared to VDI, RBI, SWG, SASE, etc. this approach promises to deliver nearly the same outcome for less than $20 per user
3) Zero Trust .. the main reason browsers are the #1 attack vector is due to the implicit trust we allow .. "enter your creds anywhere you want" " download whatever you want" "enter whatever sensitive data you want into that Shadow IT app" .. etc. This has to stop
4) Simplicity .. Users alrady know how to use a browser and administration is elegantly simple enough for even a junior engineer to administer
5) Continuity .. all the cloud based approaches have outage issues you will never get reimbursed for the full business loss. No need by using the browser instead.