SAN FRANCISCO -- For years IT security administrators have endeavored to determine which Web browser presents the most risk. But according to Qualys Inc. Chief Technology Officer Wolfgang Kandek, Web browser security has improved so much across the board, the effort may now be moot.
"The risk has migrated into plug-ins that enhance Web browsers," Kandek said. "It's not really the browsers that [are] directly attacked; it's more the plug-ins and their interactions with the browsers."
In this video interview, recorded at the 2013 RSA Conference, SearchSecurity.com Editorial Events Director Lindsay Jeanloz and Kandek discussed which Web browser plug-ins present the most risk. They also discuss controls to mitigate desktop Java security threats, the benefits of software sandboxing, and the security successes and failures of enterprise software security vendors.