Menlo Secure Cloud Browser Enables a Safer Enterprise Workspace

A new cloud security option lets businesses plug in better digital safeguards without leaving existing web browsers behind.

Browser security firm Menlo Security  announced a novel approach to browser security that protects users from internet-borne attacks. It is a supplemental set of extensions that enhances existing web browsers with cloud-delivered browser security.

Instead of trying to force users to embrace a new browser and thus expand the enterprise attack surface, Menlo’s add-on tools protect data and users with end-to-end visibility and dynamic policy enforcement directly inside browser sessions to block zero-hour phishing, malware, and ransomware attacks.

Cloud-delivered security already exists, as do first-generation browser isolation schemes. But no approach adds the browser to a defence in depth architecture and seamlessly marshals sessions from the local browser. Menlo’s approach also manages the security of the local browser in concert with the secure cloud browser, according to Andrew Harding, vice president for security strategy at Menlo Security.

Many employees spend 75% of their workday in a browser, according to Amir Ben-Efraim, CEO and co-founder of Menlo Security.

Despite its multiple components, users do not need to add all of the enterprise browser extensions to what they use, clarified Harding. All the elements work together, but they are not all required.

Menlo Security Browser Posture Manager provides easy browser configuration assessment and instant attack surface analysis. Most enterprises neglect browser policy management due to thousands of settings and updates required every two to four weeks.

These are key features considering that security searchers classified 175 Common Vulnerabilities and Exposures (CVE) last year as high or critical. Browser developers added 125 new features to Chromium, the open-source web browser project that underpins over ninety-five percent of browsers.

The browser remains the primary interface that all users, enterprise and personal, use to access the Internet, confirmed John Bambenek, president at Bambenek Consulting. This ubiquity makes it a target for inbound threats such as phishing and outbound threats like data loss.

Companies do not treat web browsers as an endpoint in need of targeted security and protection, according to Menlo’s Ben-Efraim. Local browsers and replacement browsers are subject to attack. Even with advanced local browser posture management reducing the attack surface and defending against local browser exploits, the installed footprint of the browser represents a risk.

Menlo solves this reality with new capabilities. They are simple to adopt, and the unified zero-trust access model works with both enterprise-managed systems and unmanaged devices. The latest security tools enable governance over privileged access while moving past legacy approaches, such as virtual desktop infrastructure (VDI) and remote-access VPNs.

An innovative approach allows the extension of the Menlo Secure Cloud browser to unmanaged endpoints. Harding pointed out that this extension represents an additional mode of deployment rather than a total overhaul.