Scans processes during session using patented run time behavioral analytics to identify and block key logging and screen capturing applications.
Browser Process Isolation
Blocks hostile code injection attacks (Man-in-the-Browser) and hostile or vulnerable browser add-ons. Defeats even zero-day attacks.
Browser Session Data Privacy
Encrypts all disk-based session data – cache, cookies, history, temporary files, etc. – using 256-bit RC4. Prevents real-time theft of content. All data is deleted at session end.
Hostname Resolution Bypass
Provides policy-defined hostname resolution, enabling the bypass of local hosts files or untrusted DNS servers, mitigating name resolution-based attacks.
Network Destination Controls
Filters network connections with a policy-specified white or black list, blocking many session hijacking, XSS, and CSRF attacks.
Content Information Controls
Restricts endpoint information leakage – via copy/paste, file saving, printing, and screen capturing – to ensure delivered information is not replicated by user actions. Controls extend to child processes, including Adobe Reader and Microsoft Office apps.
Rooted / Jailbroken Device Detection
Detects and blocks secure browser execution if a mobile device has been modified to disable core platform security features, creating a high risk security state on the device.
SSL Certificate Defenses
Mitigates MITM / hostile proxying of SSL/TLS-secured connections by blocking invalid certificates or even whitelisting allowed server or CA certificates.
Session Timeout Controls
Automatically ends protected sessions after a policy-specified maximum session length or maximum idle time, limiting potential damage due to user carelessness.
Prevents access for users on virtual machines or remote desktop connections, which can create bypasses for malware or data leakage.
Enables branding of the protected browser and user notification messages with custom colors, logos, and messages, while providing visually distinct UI that can aid users in detecting phishing attempts.
The Quarri Agent uses platform native browser components on the endpoint to create the secure browser, meaning that the latest HTML5 browser features are available to apps running in the secure browser.