See complete coverage of Demo Traction 2015

Watch Now

Web browser security features

Google Chrome, Mozilla Firefox, Microsoft Internet Explorer, Opera, and Apple Safari compared

Features Chrome Firefox IE Opera Safari
Version tested 3.12 beta 2 8 beta 2 9.63 3.2.1 (525.27.1)
    Fast and clean; best browser security model; strong Web site isolation
Battle tested by attackers; best cipher support;

excellent add-on support;

security zones
Best enterprise deployment and control; top security granularity; security zones; excellent add-on manager Impressive security granularity; good anti-DoS protection; many unique features; strict EV enforcement Good pop-up blocking; good anti-phishing filter; good local password protection
Cons Lack of security granularity; cannot disable JavaScript; poor password protection; previous exploits simple to accomplish Lack of per site JavaScript blocking without add-on;

doesn't highlight true domain name

Most attacked browser; high number of known vulnerabilities; vulnerable to exploitation of third-party ActiveX controls DEP and ASLR not enabled; ECC ciphers not supported; not thoroughly tested by attackers Lack of security granularity; poor cipher support; no security zones; absence of enterprise feaures
TLS available and offered first Y Y Y Y Y
SSL 3.0 Y Y Y Y Y
SSL 2.0 Y Y Y Y Y
SSL 1.0 enabled by default N N N N N
InfoCard supported by default N N Y N N
Extended Validation certificates Y Y Y Y Y
Enforce FIPS cipher use N Y Y N N
Server TLS/SSL certificate revocation information checked by default Y Y Y Y N
OCSP support enabled N Y Y Y Y
Multiple security zones/domains N Y Y N N
Security controls by Web site exceptions N Y Y Y Y
Control security and functionality on a per site basis N N Y Y N
Automatically store and recall passwords Y Y Y Y Y
Stong local password protection N Y Y Y Y
Java support Y Y Y Y Y
MIME content type sniffing Y Y, limited Y Y Y
DEP enabled by default Y Y Y N N
Vista ASLR enabled by default Y Y Y N Y
Vista Integrity level Low/Med. Medium Low/Med. Medium Medium
Built-in ActiveX support N N Y N N
Built-in script support Y Y Y Y Y
Ability to globally disable JavaScript N Y Y Y Y
Ability to disable JavaScript on a per site or security zone basis N N Y N N
Plug-in support Y Y Y Y Y
Plug-in management N Y Y N N
Control access data across domains Y Y Y Y Y
Control displaying content across mixed zones by default Y Y Y Y Y
Control browser access to clipboard Y Y Y Y Y
Automated updates Y Y Y Y Y
Moniker handling to prevent automatic application launching Y Y Y Y N
Cross-site script filtering Y Y Y Y Y
Supports Windows authentication Y, digest Y, digest Y, all Y Y
Block reported malicious sites N Y Y Y N
Highlights true domain name Y N Y N N
Anti-phishing filter Y Y Y Y Y
Privacy features Y Y Y Y Y
Pop-up blocking Y Y Y Y Y
Private session browsing Y Y Y N Y
One click history erase Y Y Y Y Y
One click default settings reset Y N Y N N
Ad blocking (outside of pop-ups) N N N Y N
Parental controls N N Y N N
From CIO: 8 Free Online Courses to Grow Your Tech Skills
View Comments
You Might Like
Join the discussion
Be the first to comment on this article. Our Commenting Policies