Use Cases

Bring Your Own Device (BYOD)

Modern workforce is working from multiple locations, using multiple devices (utilizing the fact that many of the business services are accessible remotely). In some cases, they may use their own personal devices – desktops, laptops or mobiles. 

Seraphic allows you to seamlessly enforce your company granular policy on any unmanaged device in your network without impact on productivity. 

Non-corporate-owned devices (personal user computers, personal mobile phones, contractor-owned mobiles, and laptops) can be protected, even without installing Seraphic. As they connect to protected corporate assets, they will be going through a proxy which will inject Seraphic protection capabilities to these sessions. This will ensure that regardless of the device the user is using, the session is protected as if it had a client installed. 

Organizational Applications Access

Today, much of your employees’ work is being performed in the browser, whether the application sits in the cloud or in the private data center. These applications allow business continuity, and they allow users to perform their work. These applications also store sensitive corporate data. To ensure the data is not exposed, and there is no risk to business continuity – Seraphic provides protection for these applications on access and throughout the session.  

Technical Details 

• On access – Seraphic ensures that the user is authenticated successfully, ensures device posture and that the browser is protected with Seraphic. 
• Seraphic is added as an additional step in the authorization process inside the identity provider or in the (supporting) SaaS application itself. 
• During the session – Seraphic performs ongoing control, allowing users to only perform the actions they should have access to. In addition, Seraphic has a full audit trail of user actions for ongoing monitoring. 
• Seraphic also enforces policy controls such as DLP to ensure no sensitive data leaks to unauthorized entities. 
• Seraphic can also enforce additional approval (2FA) before performing high-risk actions 
• Deployment Vector 
  • Extension 
  • Full Proxy injecting Seraphic into sessions 

Zero Trust

Continuous policy enforcement on all sessions of managed and unmanaged users controlling all aspects of security and governance. 

Technical Details 

• User Specific grained policy 
  • Seraphic provides continuous protection against many attack types:  

1. 1. 1. Exploits  
      2. Phishing  
      3. MitM  
      4. XSS  
      5. CSRF  
      6. Clickjacking  
      7. Etc. 

• • Client Side DLP Capabilities 
  • Providing 0/N-day exploitation prevention 
• Enforce the use of Seraphic when connecting to corporate assets 

End of Life (EOL) / End of Support (EOS)

There are still applications that are not compatible with modern browsers. These applications require the use of older, legacy browsers that are no longer maintained by their creators, hence every vulnerability found on these browsers will expose all users indefinitely (as there will be no patches or security updates). Seraphic solves this problem. 

Technical Details 

• Seraphic stops all exploits, turning new and existing vulnerabilities ineffective, allowing the organization to extend its use in an existing browser without the need to invest substantial resources in making changes to its applications 
• Usually, older browsers do not have governance capabilities and lack important security features. Seraphic protects against social engineering attacks or web vulnerabilities, as well as allows for the enforcement of policy and governance over older, no-longer-supported browsers. 

Remote Access

Seraphic allows your users or 3rd party service providers to securely utilize all their company resources (applications) while being off-premise without the need for infrastructure change, and without security compromises, while maintaining user experience just as if they were at the office. 

Technical Details 

• Seraphic will “expose” internal web applications to outside users in a dedicated page. 
• Once authenticated the user will get access and experience as if it was on-premise. 
• No need for any additional type of network validation like VPN though it may be used in parallel for other purposes.
• Deployment vector 
  • Unmanaged – reverse proxy (for application exposure and agent injection) 
  • Managed – reverse proxy (for application exposure only) + extension (for agent injection) 

Data Leakage Prevention

Protect your data from getting into wrong hands by enforcing controls on a user level.

Technical Details:

Control what users can and can’t do on web applications containing sensitive corporate data.

• Prevent actions on a page
  • Copy
  • Paste
  • Select
  • Print
  • Right click
  • View Source
• Scan outgoing files (including OCR capabilities) for sensitive information
  • Predefined PIIs
  • Customizable PIIs
• Add Watermark to pages

Extensions Management

Gain visibility and control over what extensions are being installed and used across all users in your organization.

Technical Details

• Dynamic extension scoring
• Remote removal of already installed extensions
• Prevention of extension installation globally

Bridging the patching gap

Users can safely use previous versions of their browser, they won’t need to rush into upgrading the browser every time a new vulnerability is published. This allows them to stay productive and make changes when they are ready, after making the necessary tests, while staying safe. Seraphic protection doesn’t rely on prior knowledge or existing browser capabilities to prevent attacks against the user or against the browser.