By Bob Gourley
Invincea delivers an enterprise grade breach prevention platform. Capabilities they field include an ability to run software in a totally virtualized environment so key applications function as normal from the perspective of users but enable the enterprise to isolate any malicious activity. They deliver a virtualization solution for your web browser that keeps the browser in its own virtual environment separate from the desktop operating system to protect users against all types of malware threats. This solution also works for PDF readers, the Microsoft Office suite, .zip and .exe as well. In all cases the user gets seamless functionality, and the enterprise gets protection from breach.
We have written about Invincea before, and recently hosted Invincea CEO Anup Ghosh for a podcast (listen online here).
There has been quite a bit of news on Invincea lately. Much of this is because of their deep bench of technical talent and the ability of their solutions to stop zero-day attacks. They mitigate the threat of spear-phishing, enhance endpoint security significantly, and stop malicious code from websites from infecting your enterprise. Since all of those are required by enterprises to mitigate threats this all contributes to the buzz around this great capability.
My recommendation for any security professional is to take the demo at the Invincea website.
I’d also like to spell out a few items from a recent case and some capabilities of Invincea to underscore how significant a solution Invincea provides.
- On Wednesday 1 May Invincea reported that a Department of Labor website was compromised to re-direct visitors to a website that executed a driveby download of an exploit for IE8. This was a sophisticated, never before seen attack (a zero-day attack). Upon other analysis, it was determined that the attack was designed to target department of energy employees and their department of labor representatives dealing with nuclear related illnesses linked to department fo energy activities. Many indicators in the attack point to the Chinese DeepPanda previously analyzed and written about by Crowdstrike.
- Invincea worked with a broad collective of security practitioners to help mitigate these problems, including helping Microsoft understand the nature of this vulnerability (they will fix it, eventually).
Invincea users are protected from this sort of threat as well as other zero-day exploits. For non-Invincea users, there are no known mitigations for this exploit. For users of IE8, there is no patch currently available and with this exploit being out in the wild, the potential risk for damage is high. If you are not using Invincea, the prudent thing is to switch to an alternate browser such as Mozilla Firefox or Google Chrome, if possible, until an official patch has been released by Microsoft. Or better yet, get Invincea so you are protected against this and future zero-day exploits.