Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

New Comodo SecureBox Protects Endpoint Applications

Security services provider and certificate authority Comodo announced on Wednesday the launch of Comodo SecureBox, a solution designed to help organizations protect the important applications running on their endpoints.

Security services provider and certificate authority Comodo announced on Wednesday the launch of Comodo SecureBox, a solution designed to help organizations protect the important applications running on their endpoints.

According to the company, the new desktop application provides a layer of protection to ensure that users can safely interact with mission-critical programs installed on computers, point-of-sale (PoS) systems, ATMs and other devices. SecureBox addresses threats such as keylogging, data exfiltration, man-in-the-middle (MitM) and man-in-the-browser (MitB) attacks.

The application is not designed to protect the entire device, like other endpoint security solutions. Instead, it assumes that the device is compromised and secures only trusted applications by creating a threat-resistant tunnel between clients and webservers, Comodo said. Unlike classic containment solutions, which sandbox untrusted applications, SecureBox runs only trusted pieces of software. Furthermore, before a trusted application is opened, a quick cloud-based scan is performed to detect and neutralize any pieces of malware that might be on the device.

In order to protect users against keyloggers, SecureBox bypasses the Windows input system and uses keyboard virtualization technology to intercept keystrokes and encrypt the information before sending it to the application. Attackers that attempt to remotely access the desktop are prevented from doing so by the company’s application-agnostic screen capture detection technology which displays an isolated desktop screen with warning messages when an attack is detected, Comodo explained.

Memory scraping is prevented by prohibiting external programs from accessing the memory of trusted applications, Comodo said. Malicious SSL connections and SSL sniffing attempts are detected by comparing certificates against the company’s trusted root certificate list.

“SecureBox is particularly well-suited for businesses who need to ensure the security of third-party endpoints that are beyond the control of their IT organization,” said Kevin Gilchrist, vice president of product management at Comodo. “Financial services companies, healthcare or health insurance companies, or any company that has a large supply chain where the supplier represents a possible vector for malware would benefit from SecureBox.”

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.