A new cloud security option lets businesses plug in better digital safeguards without leaving existing web browsers behind.
Browser security firm Menlo Security on Tuesday announced a novel approach to browser security that protects users from internet-borne attacks. It is a supplemental set of extensions that enhances existing web browsers with cloud-delivered browser security.
Instead of trying to force users to embrace a new browser — and thus expand the enterprise attack surface — Menlo’s add-on tools protect data and users with end-to-end visibility and dynamic policy enforcement directly inside browser sessions to block zero-hour phishing, malware, and ransomware attacks.
Cloud-delivered security already exists, as do first-generation browser isolation schemes. But no approach adds the browser to a defense in depth architecture and seamlessly marshals sessions from the local browser. Menlo’s approach also manages the security of the local browser in concert with the secure cloud browser, according to Andrew Harding, vice president for security strategy at Menlo Security.
“Managing the local browser policy automatically is a big deal. This is a completely new generation of cloud-delivered secure browsing,” Harding told TechNewsWorld.
He added that the Menlo Secure Enterprise Browser extends zero-trust access to unmanaged machines and non-employee partners in a way that has not been possible until now.
Redefining Browser Security
Many employees spend 75% of their workday in a browser, according to Amir Ben-Efraim, CEO and co-founder of Menlo Security.
“Traditional security approaches have had their chance. These markets have been developing for 25 years,” he said. “They’ve had their chance.”
Despite its multiple components, users do not need to add all of the enterprise browser extensions to what they use, clarified Harding. All the elements work together, but they are not all required.
Menlo Security Browser Posture Manager provides easy browser configuration assessment and instant attack surface analysis. Most enterprises neglect browser policy management due to thousands of settings and updates required every two to four weeks.
These are key features considering that security searchers classified 175 Common Vulnerabilities and Exposures (CVE) last year as high or critical. Browser developers added 125 new features to Chromium, the open-source web browser project that underpins over ninety-five percent of browsers.
“While other enterprise browser technologies exist in the market today and are gaining significant traction, they require users to download and install these enterprise browsers as applications on their endpoint to use,” offered Omri Weinberg, co-founder and CRO at automated SaaS security firm DoControl.
The browser remains the primary interface that all users, enterprise and personal, use to access the Internet, confirmed John Bambenek, president at Bambenek Consulting. This ubiquity makes it a target for inbound threats such as phishing and outbound threats like data loss.
“The browser has been with us a couple decades now and remains a largely unsolved problem, especially since users often install multiple browsers that have their own independent security settings and aren’t updated via the operating system’s software update process,” he told TechNewsWorld.
Addresses Unrecognized Endpoint Threats
Companies do not treat web browsers as an endpoint in need of targeted security and protection, according to Menlo’s Ben-Efraim. Local browsers and replacement browsers are subject to attack. Even with advanced local browser posture management reducing the attack surface and defending against local browser exploits, the installed footprint of the browser represents a risk.
Menlo solves this reality with new capabilities. They are simple to adopt, and the unified zero-trust access model works with both enterprise-managed systems and unmanaged devices. The latest security tools enable governance over privileged access while moving past legacy approaches, such as virtual desktop infrastructure (VDI) and remote-access VPNs.
An innovative approach allows the extension of the Menlo Secure Cloud browser to unmanaged endpoints. Harding pointed out that this extension represents an additional mode of deployment rather than a total overhaul.
“Menlo does not seek to replace endpoint protection tools. Instead, Menlo closes the gaps left by those traditional detect-and-respond tools. By the time they detect a threat, it’s often too late,” he said.
We prevent threats that they might not be able to detect for days. The layering comes from managing the security policy of the local browser and then working seamlessly with the Menlo Secure Cloud Browser, he added.