The freedom to click on the Web
Menlo Security’s Isolation Platform (MSIP) was founded on the idea of a remote browser, that would stop whatever malware it may pick up, dead in its tracks because “there would be nowhere else for it to go”, according to Menlo’s Sales and Channel Director in APAC, Dalton Tan.
He also shared that to date, their closest competitors in the prevention by isolation solutions space, are in actual fact based upon VDI or virtual desktop infrastructure technologies, which are inefficient, clunky and slow.
In contrast, Menlo’s proprietary ACR, or Adaptive Clientless Rendering, would fetch content, execute it on a remote virtual browser, and render it seamlessly on any device screen, without any latency.
Tan said, “It looks like VDI, but it’s not. ACR takes the whole Internet web page, looks at it, execute it, and renders it on a virtual remote browser without the users even knowing they are going through (an) isolation (process).”
A virtual browser gets disposed off with every click of the button, basically removing the path for malware and letting it just die off, Tan had described. This way, whatever malicious code there is, cannot reach the user’s endpoint.
Being 100-percent native, also means there is no need to install anything on the viewing endpoint, for the isolation solution to work.
Why the isolation?
The Internet is a dangerous place.
When Menlo took the top one million websites on the Web, and tested them, they discovered that one in every three websites is running vulnerable software, and even legitimate websites are dangerous because of third-party background sites which they link to, to make their own websites richer in content.
“A lot of websites do not put content in their own server, and content comes from third parties. Forty-six percent of the top million websites, are found to be risky,” Tan said.
When the same test was replicated for Malaysia last September, and the top 50 sites here were tested, it was found that all of them were pulling content from a total of 182 background sites which are not safe.
Eighteen-percent of these sites were also serving active code from risky background sites.
So, even websites that are supposed to be legitimate are not safe anymore, greatly complicating the fight against malware.
Tan pointed out that Menlo’s isolation technology won’t replace existing security solutions, but could probably help organisations with their overall cybersecurity strategy. Also, for privacy reasons, Menlo’s isolation would not work for websites that require logging in and authentication ie. online banking websites. Menlo usually works with their clients to create a white list of these websites.
“In 2016, Gartner had said, one of the strategies organisations can take in terms of prevention, is by exploring something called isolation,” Tan said, adding that Gartner has classified Menlo Security solutions as belonging in the prevention space.
According to him also, isolation is a new strategy that customers should be actively looking at, before going out to pay more money for (solutions), and that with isolation solutions the risk surfaces becomes much smaller.