At this year’s Edge Summit event, Microsoft proudly stated its Edge browser is its most secure browser, having had no zero-day exploits and no known exploits thus far — a pretty impressive feat given the fact that security in general is one of the hottest topics around. The statement is even more impressive since Edge’s predecessor, Internet Explorer, was always a rather easy target for security exploits.
Detractors claimed that hackers had not targeted Edge because it’s not used on many devices. However, it’s less than a solid argument considering that Microsoft recently announced Edge was used on more than 150 million active devices, a number that can’t really be ignored. The most plausible explanation for Edge’s high-level of security can be found in the security features Microsoft incorporated into its latest browser.
The tech giant explained in a 28 minute presentation why its browser could be the most secure browser on the market, with some of the most interesting information delivered at minute eight. The secret recipe seems to be a team of dedicated hackers who proactively break all the products in the Windows group and then work with engineering teams to fix them according to Dave Weston, team manager at Microsoft Security Response Center.
The team uses a four step strategy:
- eliminates vulnerabilities before the attackers can find them
- break exploitation techniques used by attackers
- contain the damage of successful exploitation
- prevent navigation to known exploit sites.
Thanks to improvements like AppContainer isolation (minute 10 of the presention), MemGC (minute 12) and module code integrity (minute 15), threats are kept at bay.
What is your opinion so far: has Edge proven to be a reliable browser for you? Let us know your thoughts in the comment section below!