The Emerging IT Conference, presented by the National Capital Area Chapter of ISACA on March 15, 2011, showcased a variety of topics presented by speakers with extensive experience applying technology initiatives in the public and private sectors. Topics included “Managing Data in an Information-Centric Environment,” “Smart Cities” using technology to improve the quality of life, “Mobiles, Tablets, Cloud and Education,” and “Emerging Issues and Approaches in Cybercrime and Digital Evidence.”
One of the most interesting talks at the Emerging IT Conference was on “sandboxing,” entitled “Breaking the Security Insanity Cycle,” by Dr. Anup Ghosh, Founder & Chief Scientist, Invincea Corp. Invincea offers virtualized browser and PDF reader solutions that run in their own virtual environments, separate from the desktop operating system, to protect users against Web-borne and PDF-embedded threats.
After describing the list of well-known issues with patching, intrusion detection and recovery, their related costs, and incomplete effectiveness, Dr. Ghosh described his approach: a “resilient” architecture. Invincea separates trusted systems from the non-trusted network, with everything on the Internet as non-trusted. Their architecture puts the browser in a sandbox where Invincea’s software can detect threats. This approach, based on identifying threat behaviors, contrasts with detection which relies on known signatures.
For example, a sandbox for browsers allows poor code (the browser) to be contained when it becomes exploited. The sandbox is a controlled virtual environment that can detect when “bad” changes occur in the virtual environment; upon detection it closes and restarts the browser protecting the PC from infection. Invincea also feeds information back into your detectors allowing them to block the site from future access.
TalaTek finds the sandbox approach intriguing, with great potential to fight threats as they emerge. We are always looking for ways to reduce risk and improve security, and are investigating sandbox technology as an added offering for our customers. Especially from a company like Invincea which was initially funded by DARPA.
