Skip to main content

Mozilla Firefox, Google Chrome or Microsoft Internet Explorer - Which Web Browser is Most Secured?

December 05, 2011

Accuvant LABS has just released some new research that compares the security of three of the most widely used web browsers – Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer. Google commissioned Accuvant to perform this comprehensive and independently designed security analysis to help advance the discussion of best practices in the security community.  Our research findings are extremely thorough and complete, so we decided to create this blog to summarize the results.

 

Malware, spyware and viruses are all too familiar to those who regularly surf the web. These malicious programs can lead to system pop-ups, slowdowns, account takeovers, credit card theft, identity theft, and the theft of personally identifiable information. While antivirus and anti-malware can help prevent an infection, the first line of defense is using a secure web browser. For a person that surfs the internet, comparing and contrasting the security of different web browsers is difficult. Marketing materials are available to the average user, but they often contain direct contradictions and the reader ends up wondering which web browser is the most secure. Our research aims to fix that problem.

We compared browsers from a layered perspective, taking into account security architecture and anti-exploitation techniques.   Like antivirus or anti-malware software, each provides an additional layer of defense. The nice thing is, when anti-exploitation technology prevents an attack, anti-malware and antivirus aren't needed. The idea is that it’s a lot easier to keep a fortress with a moat safe than it is to protect a beach shack.

The reason that browsers haven’t been compared by these criteria before is that security architecture and anti-exploitation technologies are deeply technical. They relate to how the inner workings of a computer go about their business and understanding and comparing them is quite a task. The effort needed to analyze them is evidenced by the sheer size of our research paper.

Research that makes security comparisons can be controversial, as the data and tools are never subject to outside scrutiny. Our research strives to avoid that issue by making all the data collected, and the tools used to collect the data, available to the public. The intent in releasing this information is that all of the results and conclusions can be independently analyzed and reproduced.

The best way to judge browser security is to first look at anti-exploitation measures that each browser has in place. Accuvant looked at the internals of Mozilla Firefox, Google Chrome, Microsoft Internet Explorer, and analyzed the anti-exploitation measures implemented by each.

The following chart shows the anti-exploitation measures used by these browsers. Each row represents a different anti-exploitation technology and each rocket represents a browser. The rocket with the highest position represents the browser with the most thorough anti-exploitation measures.

As the above chart shows, Firefox is behind when it comes to implementing anti-exploitation technologies. Internet Explorer and Chrome are close, but Chrome’s plug-in security and sandboxing architectures are more thorough and comprehensive.  Therefore, Accuvant LABS has deemed Google Chrome to be the most secured against attack.

If you’d like to see more granular information regarding this conclusion, we invite you to read our white paper Browser Security Comparison -- A Quantitative Approach.  The paper goes into the wonderful details of comparative web browser security.

Related Blogs

June 13, 2012

Managing Risk for Internet Gaming

We all know that online gaming is coming to the United States, and is partially here via WAN-connected tribal casinos, online poker that is available ...

See Details

February 04, 2014

Internet Security Questions for the Cloud Provider | Optiv

When considering a move to the cloud, there are a number of security questions that should be considered as you select a potential cloud provider. Alm...

See Details

March 03, 2014

Why the “Internet of Things” Matters For PCI

The media and blogosphere have been all abuzz as of late regarding the Internet of Things (IoT). Most discussions revolve around how close we are to t...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Related Insights

April 09, 2014

The Evolution of Malware and Security Compromise

Malware is evolving and changing at an unprecedented rate. The fact is that 95% of all organizations have been compromised, without their knowledge, i...

See Details

November 10, 2015

Antivirus – Stick a Fork In It?

I am sure by now you have heard the rhetoric statement that Antivirus is DEAD. There has been quote after quote by many technology and security leader...

See Details

September 20, 2017

Cloud Security Architecture

Learn how our experts formulate an actionable strategy with key stakeholders and help implement your cloud security program across the enterprise.

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.