Invincea Introduces PDF Document Protection Platform
Application virtualization for threat protection developer Invincea
announced the expansion of its security product line with the introduction of
Document Protection, an optional extension to the company's Browser Protection
platform. The Document Protection platform protects users and the enterprise
networks they are connected to against malware embedded within PDF documents.
Built on the same security paradigm of Browser Protection, Document Protection moves Adobe Reader into a virtualized environment isolated from the desktop. PDF documents are moved from the native operating system into a separate and secure virtual environment where the document is opened in Adobe Reader. Exploits of Adobe PDF documents were the No. 1 leading cause of infections in 2009, according to Symantec's April 2010 Internet Security Threat Report.
"I've long thought that there was a need in the market for a secure, virtualized browser solution," said Richard Stiennon, chief research analyst at IT-Harvest. "Browser Protection is an innovative solution that addresses the enormous Web-borne malware threat. With the addition of its Document Protection solution aimed at closing the gaps in PDF security, the company is taking the majority of today's Internet threat vectors off the table."
If any malicious behavior is initiated—for example, execution of a malicious script, a buffer overflow exploit, or exploits of native APIs and system commands—Document Protection automatically detects the threat, terminates it and captures forensic data that can be fed to the rest of the security infrastructure. Then the tainted virtual environment is removed from the PC, and Document Protection restores to a gold master, clean state.
"The use of PDF exploits is on a sharp incline amongst malware authors. Even Adobe has gone on record to acknowledge that they are a primary target," said Dr. Anup Ghosh, founder and chief scientist at Invincea. "By many estimates, nearly half of all security threats came from Adobe application exploits during the 2010 calendar year. Within the past four weeks alone, news of Adobe zero-day exploits has been widespread."
Ghosh said the vast majority of the remaining threats were targeted at Web browsing sessions. By coupling this offering with Browser Protection, the company offers a solution set that eliminates the majority of malware threats.
"Our research has shown that secure full virtualization of Adobe and Internet browsers is necessary to defend against the sophisticated threats hitting enterprise users today," he said. "Sandboxing and other watered-down virtualization approaches simply cannot address the range of sophisticated threats today that exploit flaws in software on one hand, or users' permission on another, to infect systems."