FAQ Frequently Asked Questions

Seraphic Security works by injecting a light-weight agent into any browser. The agent creates an abstraction layer between external code (such as web pages, scripts, and extensions) and the browser engine. Its unique position gives it the ability to provide unprecedented protection, visibility, and control for everything that happens inside the browser. 

Seraphic Security supports all major OSes, including Microsoft Windows, Apple macOS, Google ChromeOS, most popular Linux distributions, as well as Apple iOS/iPadOS and Google Android. 

Seraphic Security can transform any browser into a secure enterprise browser, including Google Chrome, Apple Safari, Microsoft Edge, Mozilla Firefox, the Brave Browser, and the Opera Browser. 

Yes. Seraphic Security has connectors for all major directories including Microsoft Active Directory and Azure Active Directory, Okta, and Ping Identity which can be used for both admin console access and end-user onboarding. 

Yes. Due to its unique position, Seraphic Security generates valuable telemetry that can be used for auditing or investigation and incident response. The platform includes connectors for Elastic Security, IBM QRadar, Microsoft Azure Sentinel, Splunk, Fluency, and more. 

It doesn’t. Unlike many other security tools, the agent is virtually transparent to end users and does not impact page load times or page functionality. Organizations get additional protection and visibility; employees get to keep using their browsers as they always have. 

No. Although an extension is one option for delivering the agent, there are also other options available to ensure that organizations have the flexibility to choose the best delivery method for their environments and use-cases. 

No. Seraphic Security converts any browser into an enterprise browser, so IT and security teams can get the protection and visibility they need without forcing users to migrate away from the browsers they are already using. 

Seraphic Security provides configurable profiles and scanning rules for sensitive data, fine-grained controls for every action the user can take in the browser, as well as the ability to control how data flows between the endpoint and corporate web apps and public sites. 

Seraphic Security’s unique Detection Engine measures and evaluates over 200 attributes as pages are rendered, enabling it to identify and block malicious activity and evasion attempts in real time without relying on site classification, signatures, or other data feeds. 

Seraphic Security’s unique Prevention Engine implements a form of Moving Target Defense (MTD) within the browser that is similar to the way Address Space Layout Randomization (ASLR) works at the operating system level which effectively immunizes the browser against the entire class of memory corruption bugs on which modern browser exploits are based. As a result, browser exploits are prevented without the need for any detection techniques.  

Seraphic Security prevents browser exploitation, detects and blocks web-based attacks such as Cross-Site Scripting (XSS) and HTML smuggling which are used to deliver malicious code, protects user credentials by detecting and blocking UI redressing attacks such as Browser-in-the-Browser (BitB) and clickjacking and encrypting session tokens and cookies, and provides a comprehensive set of controls to prevent browser-based data leakage or loss. 

No. The Seraphic agent is executed by the browser engine at startup and it continues running, regardless of changes users may make to their browser settings or the rules imposed by website administrators.

No. Phishing sites do not require scripting to be effective and many phishing sites are built with static code specifically so that they don’t include scripts which could be identified as malicious. Seraphic evaluates over 200 parameters related to a page’s Document Object Model (DOM) as the page is being rendered in order to determine if it is malicious.

Seraphic Security is an important complement to EDR. Just as OSes execute applications, browsers also execute code (by rendering web pages, interpreting scripts, and running extensions). While EDRs monitor OS-level system calls, Seraphic monitors the browser runtime environment, providing an additional layer of protection and deeper visibility.  

Seraphic Security can improve both security and user experience when compared to RBI. Traditional browser isolation solutions suffer from problems related to network latency and application compatibility, negatively impacting user experience. Moreover, they offer very limited protection against many kinds of web-based attacks. Seraphic Security provides both better protection and better user experience than conventional solutions and has won multiple awards for its unique approach to browser isolation.  

Seraphic Security can augment (and in some cases, replace) SWGs. Since they were originally intended for on-premises use, SWGs require all network traffic to be routed through them to perform content filtering or other security functions, meaning that remote workers must have a “traffic steering” client installed for protection or policy enforcement. SWGs also rely on data feeds and must be able to decrypt network traffic to detect threats. Seraphic Security enables all these functions to be performed directly in the browser, without the need for a proxy.  

Yes. And no. Despite widespread use of web browsers in the enterprise, they remain “consumer” apps. The consumer-centric Safe Browsing capabilities built into browsers are either tailored to end-user privacy, or they provide very basic protections against well-known malware and phishing sites. Enterprise Safe Browsing requires—and Seraphic Security provides—broader and deeper protections.