Help Net Security

The security community has finally settled back into their typical routine after last month’s RSA Conference, now armed with piles of conference swag and inspiration from discussions with this year’s crop of innovative thinkers. Between circulating the show floor, briefing analysts, and conversing with industry experts, Ntrepid’s Chief Scientist, Lance Cottrell, had a chance to record a podcast with Help Net Security about the company’s secure virtual browser, Passages.

In the podcast, Lance outlines how Passages provides complete protection from web-based attacks, and enables users to access any website without risk to their infrastructure or data. He also addresses industry trends, and the issue of detection and prevention vs. protection. See below for an excerpt of the podcast where Lance discusses the importance of extending the enterprise to increase protection.

To listen to the full conversation or learn more about Passages, check out the complete podcast and its transcript, Passages: Secure virtual browser for malware isolation.

“Q: It’s interesting to hear about protection, because we talk so much and we’ve seen in the industry so much about detection and prevention, but I think that protection is very important these days. So, can you talk a little bit more about what you mean by extending the enterprise?

A: Right now, like I was saying, people are not always in the office. They’re using different devices, they’re in different places. And so, the old ideas of protecting at the perimeter or you’ve got firewalls at the edge of some defended network really doesn’t apply anymore. And in fact, very often, the people aren’t accessing the corporate data on a network that is even under the control of the business. And so, that perimeter is failing.

You need to rethink how you then extend some kind of a perimeter out to protect the user, out to the endpoint. And we’re conceptualizing that and saying that the perimeter, instead of being something that’s sort of at the edge of your network, we’re going to actually wrap it around the point of vulnerability. And if the browser is the main point of vulnerability, we’re actually going to build that perimeter wall right around that browser. That gives us a strong point to defend, it’s a very small and defined perimeter unlike the wide perimeters that are going now. So, changing our idea of a perimeter and extending that out to the endpoint to the application is a much more effective way of controlling that attack.”