Security Experts:

New Comodo SecureBox Protects Endpoint Applications

Security services provider and certificate authority Comodo announced on Wednesday the launch of Comodo SecureBox, a solution designed to help organizations protect the important applications running on their endpoints.

According to the company, the new desktop application provides a layer of protection to ensure that users can safely interact with mission-critical programs installed on computers, point-of-sale (PoS) systems, ATMs and other devices. SecureBox addresses threats such as keylogging, data exfiltration, man-in-the-middle (MitM) and man-in-the-browser (MitB) attacks.

The application is not designed to protect the entire device, like other endpoint security solutions. Instead, it assumes that the device is compromised and secures only trusted applications by creating a threat-resistant tunnel between clients and webservers, Comodo said. Unlike classic containment solutions, which sandbox untrusted applications, SecureBox runs only trusted pieces of software. Furthermore, before a trusted application is opened, a quick cloud-based scan is performed to detect and neutralize any pieces of malware that might be on the device.

In order to protect users against keyloggers, SecureBox bypasses the Windows input system and uses keyboard virtualization technology to intercept keystrokes and encrypt the information before sending it to the application. Attackers that attempt to remotely access the desktop are prevented from doing so by the company's application-agnostic screen capture detection technology which displays an isolated desktop screen with warning messages when an attack is detected, Comodo explained.

Memory scraping is prevented by prohibiting external programs from accessing the memory of trusted applications, Comodo said. Malicious SSL connections and SSL sniffing attempts are detected by comparing certificates against the company's trusted root certificate list.

"SecureBox is particularly well-suited for businesses who need to ensure the security of third-party endpoints that are beyond the control of their IT organization," said Kevin Gilchrist, vice president of product management at Comodo. "Financial services companies, healthcare or health insurance companies, or any company that has a large supply chain where the supplier represents a possible vector for malware would benefit from SecureBox."

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.