Security Experts:

McAfee Buys Browser Isolation Firm Light Point Security

Santa Clara, Calif-based McAfee has entered into a definitive agreement to acquire Baltimore, MD-based Light Point Security. Financial details have not been disclosed, but on completion of the acquisition, the Light Point staff will join McAfee, while the Light Point technology will be integrated into the McAfee Secure Web Gateway.

Light Point Security, founded in 2010 by Beau Adkins (CTO) and Zuly Gonzalez (CEO) -- both former employees with the NSA -- offers full remote browser isolation technology. Browsed web content is executed remotely outside of the customer's network and well away from the browser concerned. Only what amounts to a live stream of the web page display is then beamed to the user. All executable code, including any known or unknown malware, is left behind in the remote location, and wiped when the user session completes.

In this way, the user's browser is completely isolated from any malicious code delivered by the browsed web page. Users can browse freely to any web site of interest without reference to any company security policy limitations, and can view any content without concern. Since the browser is a major source of malware infections, a primary attack surface is automatically neutralized.

Even file downloads, not normally seen in the browser, are sanitized dynamically or scanned with more than 40 different anti-malware engines before reaching the user's computer. An automatic side benefit is anonymous browsing. Visited websites can only see information about the remote Light Point servers, and cannot see or track the user.

"Light Point Security's technology enables users to browse any website safely, securely and without limitations, without having to keep up with website changes. This stops attacks launched against a web browser before they can even enter the network without hampering user experience," said Light Point's Gonzalez. "Together, we'll advance McAfee's mission to protect the world from cyber threats while supporting customers as they accelerate their own businesses by removing limitations."

"Web browsing is one of the most common threat vectors for endpoints to get infected," said Ash Kulkarni, EVP and Chief Product Officer, Enterprise Business Group, McAfee. "Adding Light Point Security's capabilities into our products will create solutions that enable our customers to mitigate web-based threats without impacting user experience." 

Kulkarni explained the acquisition reasoning more fully in an associated blog post. "Today, our secure web gateway technology has a unique, industry-leading approach to malware prevention -- real-time emulation. This is a highly effective, high-performance approach. Emulation removes the vast majority of malware in milliseconds as traffic is processed. The next evolution is removing the ability for malicious code to reach an end-user altogether," he wrote.

"Light Point Security's browser isolation technology takes the end user's web browsing session and isolates the page remotely in a secure location, then replicates an interactive image of the session in the user's browser with a technique called pixel mapping.  This provides the end user with protection against web-based threats because malicious code can't leave the isolated browser, which is remote from their endpoint."

Related: Malware Isolation Firm Menlo Security Raises $75 Million 

Related: HP Acquires Endpoint Security Company Bromium 

Related: Sophos to Acquire Invincea for up to $120 Million 

Related: Symantec to Acquire Threat Isolation Startup Fireglass 

view counter
Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.