Significant Innovations by the Comodo Companies
Default-Deny Protection™ – Comodo changed the Internet security suite protection paradigm from "default allow," where all programs are allowed to run unless they are on a "blacklist' of known malware, to "default deny" where all programs are denied permission to run unless they are on a "whitelist" of known safe programs. Implemented through Comodo Internet Security's "Defense+" feature, default- deny protection introduces prevention as the first line of malware defense, greatly reducing the probability of malware infection.
Content Verification – Comodo attacked the problems of phishing and website impersonation through the introduction of Content Verification Certificates (CVCs). CVCs use X.509 certificates to digitally bind sensitive content on a website such as a company logo, login box, credit card or affiliation logos with domain location information. Like the holographic logo on officially licensed merchandise, users accessing the legitimate site experience a conspicuous "Authenticated by Comodo" indicator when accessing protected content. While cyber-criminals can copy text and graphics onto an impersonated website, the CVC is not transferrable, nor is the "Authenticated by Comodo" indicator present on that counterfeit site. The lack of verification alerts users to its potential illegitimacy.
Session Certificate – As a leading provider of secure email certificates, Comodo understands both the benefits and the challenges of PKI-secured/authenticated e-mail. Comodo's deep experience in this area led to our development of the patent-pending One-Time Session Certificate as a means of overcoming one of this technology's major challenges – the need to pre-exchange certificates prior to communicating. When a recipient's digital certificate is not present, Comodo Secure E-mail automatically generates a one-time session certificate that encrypts the message but also provides a means for the intended recipient to decrypt and view the message contents.
Local Area Network Remote Vulnerability Scanning - Comodo expanded the flexibility and cost-effectiveness of cloud-based vulnerability scanning to include both external and internal network vulnerability scanning. This hardware-free innovation permits scanning of any network asset from a single, cloud-based solution.
Extended Validation SSL – Comodo was among the first in the Internet community to recognize the erosion of trust in the SSL gold padlock. It identified the need for standardized, rigorous validation of entities requesting SSL credentials, and for a new, highly-conspicuous indicator of SSL security. Comodo initiated the founding the CA/Browser Forum to establish identity validation standards and create the Extended Validation SSL Certificate which displays a green browser address bar in addition to a padlock on SSL-secured web pages.