loading ...

Secure Your Browser, Protect Your Business.

AirGap™ web security stops all browser-borne malware from entering your network.

Malware detection systems do just that, they detect the malware on your system— leaving you, nevertheless, with malware on your system. Unfortunately, malware has already done its job by the time traditional malware detection security systems have a chance to start their work.

The new truth is that the web browser is, increasingly, the primary threat vector for cyber attacks on the enterprise. Confidential research available to Gartner members confirm this, as well as a 2013 review by Palo Alto Networks which found that over 90 percent of undetected malware comes through the browser. Traditional detection-based security technologies are reactive and ineffective in stopping the ever growing number of complex zero-day attacks, APTs, and polymorphic threats delivered through the browser.

The AirGap web security solution solves this problem with a patented, highly secure, virtualized browser isolated outside the firewall. All web content is accessed by end users through a lightweight, high performance viewer on the user desktop (and soon mobile devices). This “air gapped” separation between the user and the browser ensures that the enterprise network will never be infected by browser-borne malware. Just as important, end users are empowered to use the web without fear.

The AirGap™ Advantage:

Security, Performance, and Flexibility

Business Benefits

How AirGap delivers value to your organization


What is AirGap™?

AirGap is an innovative, enterprise-class security software solution that effectively eliminates the possibility of all browser-borne malware from entering the corporate network and infecting endpoint devices. This is important because traditional Web browsers were never designed to be security tools. Despite incremental improvements in browser security, the web browser is still the primary threat vector for 90 percent of all malware attacks on the enterprise – including zero-day attacks, APTs, drive-by downloads, malicious adware, and more. The AirGap solution makes web browsing 100 percent secure, and thus makes the entire business more secure.

The term “air gap” is traditionally used in real-world engineering, where air gaps provide separation and isolation of liquids and gases. In cybersecurity, the term is frequently used to describe the complete separation of two networks or systems for the purpose of security. The AirGap solution from Spikes Security consists of a secure, purpose-built browser deployed in the DMZ, and lightweight viewer clients deployed on endpoint devices. Together, AirGap effectively isolates the end user – as well as all endpoint resources and data – from potential browser-borne malware. This comprehensive level of isolation is achieved with true hardware separation, remote application services, operating system hardening, intrusion prevention technology, and secure application designs. Finally, convenience is preserved, and even improved, through cutting edge remote multimedia technology and intuitive interface designs. All of this works together to provide end users with a truly elegant, high-performance browsing experience.

Aren’t traditional browsers already secure enough?

The web browser you’re using right now is probably the most strategically important application in your business. It is a powerful tool that gives you access to all the information you need. It was never designed to be a security tool though. In recent years, browser vendors have made security enhancements to their browser platforms, but these browsers – and their various plug-ins - remain the primary threat vector for cyber attacks on the enterprise. For example, Microsoft’s Silverlight plug-in was recently targeted by cyber criminals. In addition, browser-specific exploit kits are being sold on the black market so that hackers can easily gain access to endpoint devices to launch internal attacks.

The only way to prevent these malware attacks is to completely isolate the browser from end-user devices and network resources, while still providing complete web freedom, optimal performance, and a great user experience. The AirGap solution meets all of these requirements.

Which platforms can run AirGap?

The AirGap client viewer is currently supported on Windows XP, 2000, 7 and 8, as well as Mac OSX 10.7 and later.

How is AirGap deployed?

The Spikes AirGap browser is a client/server application. The client is a very lightweight app that is easy to deploy, without requiring IT intervention, special configuration, or any prerequisite software. The server component is specialized, patent-pending software that can be quickly deployed in the DMZ on a customer’s dedicated server.

Optionally, customers can run the software pre-loaded on a hardened, high performance, virtualized AirGap appliance. This appliance comes in various sizes and configurations, scales linearly, and features automatic failover and load balancing to provide the maximum performance per dollar to meet the necessary deployment requirements of IT departments.

In either case, the underlying architecture of the AirGap solution is flexible enough that it can be deployed on the customer’s network (private cloud), on the Spikes Security network (public cloud), or a combination of the two (hybrid cloud). This flexibility ensures that all local and remote users are fully protected, regardless of where they are working.

Why is AirGap better than a traditional VDI solution (such as Citrix, Microsoft, VMWare)?

VDI offers IT organizations a centralized, efficient, and easily maintained way of scaling operations and responding quickly to the changing needs of their business. VDI was not, however, purpose-built to provide optimized web performance or protection against browser-borne malware. For example, VDI server platforms are characterized by a large attack surface protected with only limited, conventional security safeguards. If the server is compromised, the hacker can quickly gain access to sensitive data and resources.

In contrast, AirGap is deployed on a specialized server that contains only the AirGap browser application. In addition, the solution is built with Spikes Security’s patented Isolate™ technology, which provides seven different elements of protection, separation, and isolation. These elements work together to make it virtually impossible for any browser-borne malware to compromise the AirGap server, the network, or the endpoint device.

In addition, the performance of the AirGap client viewer is far superior to any desktop VDI browser application because AirGap has the ability to automatically detect and optimize performance based on the type of content requested by the end-user. As a result, browser sessions are launched instantly, and end-users experience superb audio/video performance with no discernible latency.

Why is AirGap more effective than AV software or other detection technologies?

Anti-virus software, which is typically installed on every enterprise endpoint device, does a great job of protecting end-users against most known viruses. That’s the easy part though. The bigger security challenge involves trying to protect against complex new threats that have never been seen before. For example, APTs, polymorphic threats, and zero-day attacks — for which there is no defense. These “unknown” threats are the new normal for malware attacks on the enterprise. They can’t be detected and, therefore, they can’t be stopped. Symantec estimates that zero-day attacks survive an average of 312 days before they are detected. In other words, it can take nearly a year before you realize that your organization has been attacked.

Think about that. Despite the use of sophisticated detection technologies deployed within a multilayer, defense-in-depth architecture, companies still get hacked. How can that be? The underlying problem is that every detection technology will ultimately fail, regardless of whether it involves signatures, heuristics, behavioral analysis, etc. You simply can’t detect the unknown with 100 percent accuracy.

Given the inherent limitations of all detection technologies, Spikes Security believes the focus must shift from reactive detection to proactive prevention. The isolation architecture of the AirGap solution enables it to prevent 100 percent of all known and unknown browser-borne malware, which means that no malware can enter the network, infect endpoint devices, or disrupt business operations.

Why is AirGap more secure than Sandboxing?

Sandboxes work by isolating potentially dangerous operations within a more secure, virtually separated space on the client machine. For example, if an end user launches a browser session, the sandbox solution might isolate that session in a separate virtualized environment. This idea has merit because it does not rely on any detection technology. Instead, it simply isolates the session, along with any malware that may be contained in that session.

The problem is that modern malware has the ability to escape from sandboxes. The sharing of operating system resources across the mechanisms of virtual isolation, as well as the idiosyncratic behavior of browser plug-ins, make it nearly impossible to fully secure all the available attack vectors for breaking free of a browser's sandbox. In particular, computers running Java and Flash are especially vulnerable to web based malware.

In the recent Pwn2Own hacking competition in 2013, for instance, Internet Explorer, Firefox and Chrome were all hacked on the first day. Chrome’s sandbox was fully breached, providing clear evidence of the limitations of software sandboxes. When the malware escapes from the sandbox, it then has full, unrestricted access to the client files and data, and the ability to access network resources.

AirGap is significantly more secure than a traditional browser in a sandbox, as it benefits from true hardware and network isolation. As a result malware is never able to enter the network and infect any end-user device.

How does AirGap handle XSS (Cross-Site Scripting) vulnerabilities?

It is a common misconception that XSS vulnerabilities are a browser vulnerability, so it is the website developers that are charged with the sole responsibility for preventing XSS exploits from circumventing their website security measures. That said, Spikes AirGap browsers do provide countermeasures such as those provided by traditional browsers. For example, by preventing cookies from being accessed by websites that did not issue them.

Can AirGap be used to access internal websites?

No problem, the AirGap browser can be configured to allow easy access to your trusted websites through a traditional browser by policy.

What access does Spikes have to our systems and what data does AirGap collect?

The AirGap solution is deployed outside your firewall and does not have any “backdoors” into your network or devices, nor does it collect any sensitive information. With AirGap you can be assured of maximum privacy.

How can I get more information, see a demo, or evaluate the product?

The engineering team at Spikes Security is continually adding new features to both the Windows and Mac versions on AirGap. The latest features may not always be reflected on this web site. If you work at a business that is concerned about web security and would like to prevent all browser-borne malware from infecting your network, we invite you to contact [email protected] . We can arrange for a short product demo or a full evaluation of the product in your network.

Some Words about Spikes Security:

“The Spikes Security concept is the only solution I have encountered that effectively addresses the source of the problem.”Daniel DeMattia, Director of Security, SpaceX
“Web security is saturated with solutions which get you almost there. Spikes Security has overcome the technical challenges which have prevented us from getting all the way there.”Harry Haramis, CEO, C2 Company
" Spikes Security has developed what appears to be a truly different, innovative approach to Web security." Dan Kusnetzky, ZDnet
"True network & hardware isolation is the core attribute of Isolate technology which makes AirGap the one of the most secure application delivery technology possible." CIO Review
Of all the products we tested, AirGap is the most unique and the most capable in terms of security. Network World, April 2014


Learn more about Spikes Security and the power of AirGap web security.

Spikes Whitepaper - Remote BrowsingWhitepaper - Secure Web Browsing

Learn how AirGap prevents all browser-borne malware.

Isolate - White PaperWhite paper – Isolate™ Technology for Malware Prevention

Discover the seven elements of Isolate that make it so effective.

Microsoft's Security Intelligence ReportMicrosoft's Security Intelligence Report (SIR) vol. 14

Browsers pose the greatest threat to enterprise.

Verizon Data Breach reportVerizon’s 2013 Data Breach Investigations Report

In 2012 “User” surpassed “Server” as the top compromised asset category. 99 percent “inevitability” of a click on email campaigns which send over 10 emails.

Google Transparency reportGoogle Transparency Report

Drive-by malware attacks are far more likely to come from hacked, legitimate web sites than from malicious websites. Two percent of websites in the United States contain malware.

Palo Alto Networks Malware ReviewPalo Alto Networks Modern Malware Review

94 percent of undetected malware comes from the web, and remains undetected an average of 20 days.

Credit Unions Are Now in the Crosshairs of Cyber Criminals. Click here to download the security briefing. Credit Union Cyber Security Brief

As cyber criminals continue to develop more advanced and targeted attack strategies, it is important to understand the risk that their activities pose to credit unions everywhere

Click here to download the AirGap datasheet and learn more about how to protect your company from malware attacks. AirGap Datasheet - Isolated Web Browsing

The web browser is the most strategically important application in today’s Internet-powered enterprise. But the browser is inherently insecure, and is now the #1 threat vector for cyber attacks on the enterprise.

Stay Connected

Join us on Facebook and Twitter

About Spikes Security

Spikes Security is a venture-backed Silicon Valley start-up founded in 2012. The company is focused on delivering secure, scalable, high performance software solutions that empower businesses with the freedom to safely leverage the web without fear of cyber attacks. It's initial offering is AirGap™, a powerful browser security solution that prevents all browser-borne malware from entering corporate networks and infecting endpoints.


It's a great one.

Click here to view the latest career opportunities at Spikes Security.

Subscribe to the Spikes Security Newsletter

Stay informed on news about security issues, products, and technologies.


See What Elon Musk's Right Hand Man Has to Say About Cyber Hackers

Andrea Tse, TheStreet.com - February 25, 2014

Want Safety While Using the Internet? Stash the Browser Somewhere Else

Ashlee Vance, Businessweek - February 25, 2014

New Approach to Security Stops All Browser-Borne Malware Attacks Before Entering the Corporate Network

Spikes Security shifts security focus from detection to isolation, guaranteeing prevention of all browser-borne malware attacks

Network World - February 11, 2014

Ready to Eliminate Browser-Borne Malware?

Join the growing number of businesses that have deployed AirGap to isolate and eliminate browser-borne malware, and empower employees with the freedom to safely leverage the power of the Web. Please contact us using the form below. You will receive a personal response in 24 hours or less.

  1. How can we help? Please check all that apply:

    Would like to arrange AirGap product demo
    My business wants to stop all browser-borne malware
    Possible interest in testing AirGap for my business
    Interested in becoming a Spikes Security reseller
    Keep me informed of new products/resources