Sophos Protected Browser
One browser to secure all your applications ZTNA, Secure Web Gateway, and granular data controls in a hardened Chromium browser

Secure Application Access Without VPN Complexity

Sophos Protected Browser integrates Zero Trust Network Access to provide seamless, policy-based application access for workers on and off the network. ZTNA makes applications invisible to the internet while providing authorised access eliminating the attack surface associated with traditional VPN infrastructure and the complexity of managing separate remote access tools.

• ZTNA makes applications invisible to the internet while providing authorised access.
• Native RDP and SSH client support eliminates the need for separate remote access tools.
• SaaS application controls determine who can access cloud services based on user, device, and location.
• Device posture assessment blocks compromised devices from accessing applications.
• Synchronized Security integrates with Sophos Endpoint and Firewall for automated response.

Control Generative AI Usage Without Blocking Productivity

Generative AI tools offer significant productivity benefits but create data exposure risks when employees use unsanctioned services or upload sensitive information. Sophos Protected Browser allows organisations to permit approved AI services while blocking shadow AI usage and preventing sensitive data from reaching unauthorised tools.

• Define which generative AI applications users are permitted to access.
• Block unsanctioned AI services to prevent shadow IT and uncontrolled data exposure.
• Monitor AI usage and gain visibility into adoption patterns across the organisation.
• Control copy/paste, upload, and download to prevent data exposure via AI prompts.
• Data redaction enforces masking of sensitive information in AI service interactions.

Block Threats at the Browser Level

Remote workers and devices are exposed to browser-based attacks including malicious websites, phishing, DNS hijacking, and exploits targeting browser vulnerabilities. Sophos Protected Browser integrates multiple defence layers to prevent breaches before they reach endpoints, regardless of where the user is located.

• Integrated Secure Web Gateway blocks malicious and risky websites in real time.
• DNS Protection over HTTPS prevents connections to known threat infrastructure using Sophos AI intelligence.
• Browser hardening protects against exploits targeting Chromium vulnerabilities.
• Device posture assessment isolates compromised devices until remediation is complete.
• Synchronized Security shares threat intelligence with Sophos Endpoint and Firewall.

Built in Partnership with Island.io

Sophos Protected Browser is developed in partnership with Island.io, leveraging their enterprise browser platform. Sophos integrates its threat intelligence, security technologies, and Sophos Central management to deliver an enterprise-ready workspace protection solution combining Island.io's browser platform expertise with Sophos' security depth.

• Built on Island.io's enterprise browser platform.
• Sophos threat intelligence and security capabilities integrated throughout.
• Managed through Sophos Central alongside all other Sophos products.
• Enterprise-grade deployment and policy management for distributed organisations.

Prevent Data Leakage with Granular Controls

Accidental data exposure through file uploads, screenshots, and copy/paste operations creates compliance and security risks for organisations handling sensitive information. Sophos Protected Browser provides granular data boundary controls that are straightforward to configure per application through Sophos Central without requiring separate DLP infrastructure.

• Restrict copy/paste operations from specific applications or application categories.
• Block screenshots and screen recordings of sensitive data in protected applications.
• Prevent printing from applications that contain confidential information.
• Control file uploads and downloads at the individual application level.
• Data redaction masks sensitive information before it leaves the browser.

Eliminate Shadow IT

Without visibility into which cloud applications employees are using, organisations cannot enforce consistent security policies or prevent data from flowing to unauthorised services. Sophos Protected Browser provides continuous visibility into SaaS usage and enables policy enforcement across the distributed workforce without requiring network traffic interception.

Secure Web Gateway and DNS Protection

Sophos Protected Browser enforces web filtering and DNS protection for all users regardless of their location on the corporate network, at home, or travelling. DNS Protection over HTTPS uses Sophos AI threat intelligence to block connections to known malicious infrastructure before the browser even loads a page, providing an early prevention layer that operates independently of the endpoint security stack.

• Web filtering enforced for all users regardless of network location.
• DNS Protection over HTTPS blocks threat infrastructure at the DNS layer.
• Acceptable use policy enforcement without requiring network-level inspection.
• No traffic backhauling filtering applied directly without routing through a data centre.

Cloud-Delivered Deployment

Sophos Protected Browser deploys as a cloud-delivered service without requiring infrastructure changes, appliance procurement, or complex configuration. Browser updates deploy automatically without user intervention, and all policy management is handled through Sophos Central alongside the rest of the Sophos product portfolio.

• Deploy through standard software distribution tools no infrastructure changes required.
• All policies configured through Sophos Central alongside other Sophos products.
• Automatic browser updates with no user intervention required.
• No traffic backhauling traffic flows directly to cloud services.
• Synchronized Security integration with Sophos Endpoint and Firewall for unified response.

Sophos Protected Browser Specifications:

Documentation:

Download the Sophos Workspace Protection Solution Brochure (PDF).