dcsimg
Results 1 to 6 of 6

Thread: DOM or RBI?

  1. #1
    Junior Member
    Join Date
    Jan 2019
    Posts
    2

    DOM or RBI?

    What is more efficient to ensure secure browsing – DOM or RBI?

  2. #2
    Junior Member
    Join Date
    Jan 2019
    Posts
    4

    Secure Browsing Solutions

    Quote Originally Posted by petersw View Post
    What is more efficient to ensure secure browsing – DOM or RBI?
    DOM (Document Object Management) is filtering and sanitizing files before transferring them to your device. This means that it only protects the devices against known threats, marginally protects them against known unknown threats and not at all against unknown unknown threats. RBI (Remote Browser Isolation) implies the physical barrier between your device and any potential threat, known or unknown.
    The physical separation between active browser and endpoint implies that, though the browsing experience for the user is almost identical to unprotected browsing experience, all executable codes are stripped from the webpage and only run in the remote browser, where threats are unable to cause any damage to your company’s network and workers devices.
    For those unfamiliar with RBI, it is a recent improvement in proactive cybersecurity.

  3. #3
    Junior Member
    Join Date
    Jan 2019
    Posts
    2

    Interesting :-) I get the isolation part, but what happens when a user wants to down?

    Quote Originally Posted by Melusine View Post
    DOM (Document Object Management) is filtering and sanitizing files before transferring them to your device. This means that it only protects the devices against known threats, marginally protects them against known unknown threats and not at all against unknown unknown threats. RBI (Remote Browser Isolation) implies the physical barrier between your device and any potential threat, known or unknown.
    The physical separation between active browser and endpoint implies that, though the browsing experience for the user is almost identical to unprotected browsing experience, all executable codes are stripped from the webpage and only run in the remote browser, where threats are unable to cause any damage to your company’s network and workers devices.
    For those unfamiliar with RBI, it is a recent improvement in proactive cybersecurity.
    Interesting :-) I get the isolation part, but what happens when a user wants to download a file? Where is the isolation there?

  4. #4
    Junior Member
    Join Date
    Jan 2019
    Posts
    4

    CDR file sanitation

    Quote Originally Posted by petersw View Post
    Interesting :-) I get the isolation part, but what happens when a user wants to download a file? Where is the isolation there?
    Good question!

    The best solution is probably to combine RBI with some kind of CDR (Content Disarm and Reconstruction) solution for downloaded files.

    CDR removes any unrecognized or unexpected code embedded in the file and then reconstructs it and delivers a fully cleansed copy to the user.

    It's actually a bit like RBI in that respect, because it can neutralize zero-day threats while keeping all essential functionality intact, so that users can safely interact with the content they need.

  5. #5
    Junior Member
    Join Date
    Feb 2019
    Posts
    1
    Is CDR actually as effective as outlined above? I still have doubts.

  6. #6
    Junior Member
    Join Date
    Jan 2019
    Posts
    4
    Quote Originally Posted by Jonter View Post
    Is CDR actually as effective as outlined above? I still have doubts.
    This is how it works

    CDR sanitizes files by removing malicious file-embedded code in three phases:

    Phase 1 – Identify the file type;
    Phase 2 – Based on each file type’s structural specifications, retain all file elements that irrefutably adhere to that file type’s specifications, and exclude all other file elements
    Phase 3 – Build a duplicate file with specification-true elements of the original file type; then, deliver the reconstructed, sanitized file to the user

    As specification-true file rebuilds, each file type’s original functionality is unaltered and retained in the rebuilt files that are delivered to users. This is effective in preventing exploits based on unknown, zero-day, and known software vulnerabilities as all malicious code is excluded from each file rebuild

    I believe it does work that well

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •