As the security world descends upon the Moscone Center next week for the RSA Security Conference, two companies that put out some news ahead of the show were Google Cloud and Menlo Security Inc. which announced a partnership to improve the security of enterprise browsers.
Under the terms of the agreement, Menlo Security, which pioneered the browser security industry, will expand its usage of Google Cloud infrastructure and, more importantly, collaborate with Google’s Mandiant division on threat research to strengthen browser security.
As security pros have continued to lock down corporate networks and cyber vendors have advanced security operations center operations with innovations such as extended detection and response or XDR and security orchestration, automation and response or SOAR, it has become increasingly difficult for threat actors to breach the environment.
This has created a new trend of hackers focusing on the browser attack surface. The rise in work-from-home coupled with app modernization have pushed more of a worker’s day-to-day activities towards the browser, with some workers spending all their day using browser-based apps.
There’s an expression with security pros that states you’re only as secure as your weakest link, and for many businesses, that’s the browser. The Menlo Secure Enterprise Browser works with all local browsers to prevent and detect known and unknown browser threats. In partnership with Google Cloud, the Menlo Security browser security solution now includes major new capabilities to:
- Manage local policies for browsers.
- Protect enterprise users from evasive ransomware and phishing attacks.
- Secure access to applications and corporate data.
In turn, Menlo threat research will add to Mandiant’s capabilities through training and sharing of data. Mandiant will also strengthen its browser security expertise through training provided by Menlo threat research. The strengthened security partnership allows customers to benefit from integrated products, such as Google Chronicle Security Operations, and VirusTotal Threat Intelligence.
Although secure browsers have been available for some time, I believe we are at an industry inflection point that drives greater demand. This shift to permanent remote work is a significant catalyst for secure browsers. As remote work becomes more prevalent, companies need secure ways to allow employees to access corporate resources from any location safely. In my conversations with customers, the top use case for secure browsers is virtual desktop interface replacement.
One of the challenges for Menlo and other secure browsers is the value proposition isn’t well-understood. Off-the-shelf browsers provide basic security, but the Menlo Secure Browser provides the following benefits:
- Isolation technology: Secure browsers use technology that isolates browsing activity from endpoints and corporate networks, effectively keeping any malicious content away from the company’s internal environment. This isolation ensures that harmful malware or phishing attacks do not compromise the network.
- Controlled web access: Secure browsers can offer greater control over which websites employees can access, reducing the risk of exposure to risky web content. This can include content filtering and the enforcement of secure browsing policies.
- Reduced risk of data leakage: Secure browsers can help prevent sensitive data from being unintentionally shared or leaked by controlling and monitoring access to information.
- Analytics and reporting: Secure browsers include tools for monitoring and reporting browsing behavior, which can be invaluable for auditing and compliance purposes.
One of the deterrents for secure browsers has been that users would push back as they have their favorite one already and users do not like change. Menlo’s approach is to work with the existing browsers, giving users the choice they want. Users and enterprises have preferences on which applications they choose to use, and the browser is no different. Whether it’s Chrome, Edge, Brave, Safari or others, Menlo’s approach enables user choice versus forcing them to use a replacement browser.
Historically, browser companies and secure browser vendors have been at odds, as the latter highlight some of the security issues with using browsers for corporate applications. The partnership with Google and Menlo validates the need for secure enterprise browsers. Google is, by far, the market leader in browsers, and this partnership punctuates the changing industry and the need for security to be applied in browsers, which is where many users live most of their day.