Invincea Platform v3.3/4.0
August 04, 2014
$42 per seat annual subscription, plus central management (starting at $99/month for cloud management).
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Creative secure browsing solution. Easy to recover from browser-based exploits. Deploys quickly and without impact to end-users.
- Weaknesses: Nothing technically; annual subscription model is a bit pricy for an endpoint offering.
- Verdict: Nice added layer to security posture, complements signature-based solutions by capturing threats they miss.
Invincea provides an additional layer of security at the endpoint by adding in protection for web browsing and document use. Invincea Enterprise provides a secure container for users to run the most common web browsers and document applications within. By running these applications in a secure container, users are protected from malicious attacks that may come via a website or infected document.
Invincea helps by securing web browsing, using the Invincea WebRedirector, to ensure that only trusted sites can be opened outside of the secure container. This experience is automated and mostly transparent to the user to ensure a consistent browsing experience. The secure container keeps unexpected malware from executing or installing on the host machine and is detected by Invincea's behavior-based threat detection. Invincea's behavioral sensors understand the legitimate behavior of how applications run inside the secure container, thus detecting malicious activity regardless of how many variants of exploits try to take advantage of a vulnerability.
Invincea currently supports Google Chrome, Microsoft Internet Explorer and Mozilla Firefox browsers. Applications supported include Adobe Acrobat/Reader, Adobe Flash, QuickTime, MS Excel, PowerPoint and Word, Microsoft Outlook helper apps, Silverlight, Java and custom applications and browsers-plugs via SDK. Upon detection, the secure container is destroyed and a new, clean container is recreated to ensure the endpoint machine is not compromised.
Invincea integrates with the Invincea Management Server, which manages client configuration and software versions via the Configuration Management Module and collects any threats that were detected on an end-user machine via the Threat Data Module. The Management server deploys either as a cloud-based offering or an on-premise appliance. We tested with the cloud based solution. The endpoint deployment is done through a simple executable and loads quickly. The FreeSpace user protection client completely isolates vulnerable applications from the host operating system, registry, disk, running processes, threads and memory into a secure virtual container. As supported applications are launched and run inside the secure container, if they start to behave in a malicious manner, their activity does not impact the host since all application executions are fully isolated from the host. Automated termination of malicious activity stops malware from infiltrating the targeted machine and prevents data exfiltration. The policy-based prevention rules enable an organization to stop a breach before it occurs. You can set up trusted sites or block unwanted sites through policy. All the tools to accomplish this are contained inside the container and include the behavioral activity scanning, policy engine and forensic tools.
This technology complements existing endpoint protections by delivering a means to protect against zero-day, unknown threats or advanced persistent threats that those protections typically miss. The product deploys easily, is simple to use and the container restores occur without any real impact to the end-user.
Basic no-cost support is include with the purchase. There are no enhanced support options available.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Study: Employees acknowledge risky security behavior, continue to engage in it
- Hack of airplane systems described in FBI docs raises security questions
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes