December 8th, 2022
How and Why LimaCharlie Secures Google Chrome and ChromeOS
Chrome is the world’s most popular web browser—and ChromeOS is becoming more prevalent due to the use of Chromebooks in education and other sectors.
In this blog post, we’re going to talk about what this means for security teams, and how LimaCharlie can be used to secure Chrome and ChromeOS.
Why Google Chrome and ChromeOS matter for security
Chrome/ChromeOS security is definitely a niche topic, but there are enough special considerations here to warrant discussion.
Here’s why it’s necessary think about how to secure Chrome and ChromeOS—and why it’s essential for cybersecurity teams to have the tools to do so:
The ubiquity of Chrome: The Chrome browser is pretty much everywhere; it has around 65% of global browser market share. There is therefore a need for visibility into Chrome activity on nearly every system and network—especially in an age of BYOD and hybrid/remote teams.
The Chromebook userbase: ChromeOS is still only a small fraction of the organizational OS market when compared to Windows or even macOS. But Chromebooks are becoming more common, especially because of the demand for lightweight, inexpensive, easy-to-provision laptops. These features have made Chromebooks popular in education, and to a lesser extent in nonprofits and governments. But this means that ChromeOS is likely to be found in settings with limited cybersecurity and IT resources—and in the case of schools especially, with end users who may not be as well-versed in avoiding cyber threats as your average corporate computer user.
The problem with popularity: ChromeOS is generally very secure. This is a big part of its appeal. But obviously no computing platform is perfect, and there have certainly been vulnerabilities discovered in the past. As Chromebooks see more widespread adoption, we can expect to see bad actors spending more time and energy on finding ways to attack the platform. This is something that has been observed with macOS as Macs have become more prevalent in the enterprise, and similarly with CI/CD pipeline threats as more companies embrace DevOps approaches. In short, forward-looking security teams would be wise to start thinking about ChromeOS security sooner rather than later.
Coverage isn’t always optional: For compliance and regulatory reasons alone, many security teams need visibility into what’s happening on all endpoints—no matter how secure they are in theory. They may also be required to store telemetry data for every endpoint. LimaCharlie offers a simple, cost-effective way to do this for ChromeOS and, as with our other sensor types, includes one year of full telemetry storage for free.
Customer demand: MSSPs serving existing clients with, e.g., a Windows fleet, may suddenly find themselves asked if they can cover Chromebooks as well. It’s important to have a tool in place that can meet customer demand for ChromeOS coverage if needed—and ideally one that integrates easily and cost-effectively with your existing security stack. For MSSPs using LimaCharlie, the Chrome sensor provides this. (It also offers a ready-made opportunity to market managed security services to the education sector.)
LimaCharlie Chrome sensor capabilities
The LimaCharlie Chrome sensor can run in the Chrome browser or as an endpoint detection and response (EDR) sensor on Chromebooks.
The sensor offers security teams the following capabilities:
Visibility into network activity without the need for SSL interception
Details of DNS activity
Information about HTTP activity (including Request/Response headers)
The ability to view all installed extensions on the system
The ability to write detection and response (D&R) rules against sensor telemetry
A way to disconnect endpoints from the network if suspicious activity is found—either manually or via automation
For a full list of supported sensor events and commands, see the LimaCharlie Chrome sensor documentation.
LimaCharlie Chrome sensor setup and pricing
Setting up the LimaCharlie Chrome sensor follows the same basic pattern as the one used for other LimaCharlie EDR sensors, the main difference being that the sensor is obtained from the Chrome web store.
For full information on setup, see our documentation on deploying the LimaCharlie Chrome sensor. If you’d like a more visual explanation, one of our recent webinars also features a walkthrough of the setup process.
Our pricing is designed to be as transparent and predictable as possible. Chrome sensors are priced at $.25/sensor per month. For some users, a sleeper deployment of ChromeOS sensors may also be an attractive option.