Remote Browser Isolation | High Veracity Malicious, Phishing, and Blockable Content Detections
Meticulously curated datasets for Malicious URLs, Phishing URLs, and Web Content Categorizations, support new tiered service offering and drive revenue growth for a global Remote Browser Isolation provider.
“From a product standpoint, having a single source provider for the Malicious, Phishing, and Web Content Categorization Feeds was a huge benefit. The curated feeds allowed us to gain far more coverage than we would have otherwise, and it streamlined the integration process.”
– Chief Product Engineer, Client
Client Profile
Global Solutions Provider for Remote Browser Isolation (RBI).
The Challenge
Web browser attacks are one of the primary methods used by attackers to distribute malware and compromise endpoints. As these attacks continue to grow in sophistication and volume, web isolation, or Remote Browser Isolation (RBI) tools are increasingly popular. Remote browser isolation moves all browser activity away from local networks and instead, the activity runs in a virtual environment. Because no active content is downloaded within the virtual environment, any potential web-borne threats are neutralized. While browser isolation is increasingly common, the danger is that it can provide a false sense of security while leaving other attack vectors completely exposed — End-user Operating System (OS), applications, external hardware, and phishing sites.
The Client’s challenge was to build a solution which would close these security gaps with enhanced safety and security features to accommodate the needs of a primarily cloud-based architecture.
Business Requirements
The Client’s idea was to offer a tiered service to its users. The basic tier would include phishing and malicious URL detections which would deliver broad protection and neutralize known threats before those could make their way into the environment. The next tier of service would include access to comprehensive URL categorizations for content filtering. This would allow systems administrators to have greater flexibility and control to enable end users access to the systems and applications necessary, while limiting open access to the web.
Below are some of the top business requirements that the Client was seeking when they initially reached out to zvelo.
- Real-Time Threat Analysis. Live threat intelligence and URL analysis was key to enhancing the Client’s zero-day threat protection and reducing the attack surface by blocking any suspicious phishing and malicious URLs.
- Coverage & Accuracy. As a global service provider in a highly competitive space, the Client needed to find a URL database that offered maximum global coverage, as well as accuracy, to support the needs of its users.
- Language Support. Broad language support for a global audience was another essential factor as it would be crucial to delivering content filtering capabilities for a premium tier service.
- Ease of Integration. The Client’s launch date was quickly approaching, so finding a solution that would be easy to integrate without requiring weeks, or months, of custom configurations was absolutely critical.
- Performance. One of the known issues with remote browser isolation solutions is the degraded performance which can lead to a frustrating user experience. The Client was intent on delivering a solution which solved this problem.
The Solution
After completing the early research into potential solutions available, the Client reached out to zvelo. The Client began its evaluations by testing zvelo’s content categorizations via the zveloLIVE public-facing tool. The Client’s early results yielded highly accurate results based on its own sample set of data, which led the Client to engage in a more comprehensive evaluation with zvelo.
At the close of the evaluation period, the Client quickly moved forward with zvelo as the solutions provider. The Client opted to deploy each of the following:
- Malicious. Curated Malicious URL Threat Data Feed.
- Phishing. Curated Phishing URL Threat Data Feed.
- Content. Contextual Classification of Web-Page Content.
Compared to the initial set of business needs, zvelo delivered on each of the following core requirements.
- Real-Time Threat Detection. Real-time detection of malicious and phishing threats with continuous updates.
- Coverage & Accuracy. Over 99.9% coverage of the active web traffic, incorporating URLs visited by zvelo’s global network of more than 1 billion users and endpoints.
- Language Support. Leading language support by country, covering over 200 languages, using human-supervised machine learning systems.
- Ease of Integration. zvelo covers the broadest spectrum of flexible and easy-to-integrate deployment options including REST API, a local SDK, or as a raw data stream.
- Performance. zvelo provides exceptional throughput and lookup performance, with scaling to support billions of queries daily.
The Results
zvelo’s flexible deployment options allowed for a smooth integration process, which progressed very quickly and the Client’s ingested the data into their platform with ease. Shortly after deployment, the Client experienced greater than anticipated interest in the premium service tier — largely driven by zvelo’s exclusive, and extensive, category mapping which made it very easy for systems administrators to apply content filtering policies. In addition to the boosted interest in its premium service, the Client has seen a steadily increasing adoption rate for the basic tier of coverage and quickly earning positive feedback and reviews amongst its users — giving the Client a unique competitive edge. In the end, the Client has successfully brought to market a more robust remote browser isolation tool which extends threat protection beyond the capabilities of its toughest competitors.
“zvelo’s category mapping technology was a huge value that we did not expect — especially when it came to the deep granularity of topics. The category mapping allowed us to make it easy for our systems administrator type of users to mirror category sets familiar to them which makes setting the end users policies and reporting easier. For us, this has proven to be a key value in upselling our users to the premium service tier.”
– CEO, Client Company
