Protecting web browser key for enterprise cybersecurity

Web browsers are the most widely used applications for both work and personal activities in today’s digitalised environment.

As a result, users access and share a lot of sensitive information through the browser. In Singapore, 99 per cent of all government transactions are completed online.

It is of little wonder, then, that web browsers have become the prime target for cyberattacks, with hackers evolving their tactics to focus on sophisticated attacks.

These attacks use subtle and malicious code that bypass traditional endpoint security defences and network security controls. 

A research report released by Menlo Security in March this year showed that there has been a 130 per cent increase in zero-hour phishing attacks.

The report also identified nearly 600 incidents of generative artificial intelligence (GenAI)-powered attacks, spurring 140 per cent increase in browser-based phishing attacks compared to the previous year.

Cyber criminals and attackers are using AI tools to create highly evasive and adaptive threat (HEAT) attacks.

These include drive-by downloads, where malicious scripts execute in the background without user interaction.

To subscribe to the GovInsider bulletin, click here.  

Other methods of attack come in the form of files that appear harmless but deploy malware upon opening. Even something as innocuous as an image file can be a carrier for hidden code, using steganography to bypass detection.

Secure web browsing solutions

A secure enterprise browsing solution has become crucial for organisations to tackle risks posed by phishing, malware, zero-day attacks and ransomware.

This is because traditional web security that adopts the “detect and respond approach” has become too reactive and hence not very effective in tackling modern day threat vectors driven by AI.

This is where the Menlo Secure Enterprise Browser helps mitigate threats before they reach endpoint devices by isolating web content in a secure cloud environment instead of relying solely on perimeter defences and endpoint security measures.

With corporate users typically spending more than 80 per cent of their work time accessing applications over the browser, Menlo Security provides a comprehensive workspace security solution that secures the browser in all situations.

The Menlo Secure Cloud Browser was a hardened digital twin of the user’s local browser in the cloud. This gives security teams the visibility and control they need to protect against threats like ransomware.

Features include cloud content inspection, a file handling engine, a safe cloud document and archive viewer, remote browser isolation, and zero-day protection.

These capabilities give administrators the ability to execute each web request inside the Menlo Secure Cloud Browser and prevent any malicious code or activity from reaching the endpoint.

Fighting AI threats with AI solutions

Robust AI defence can help fight malicious AI programmes.

Adding Menlo’s HEAT Shield AI to an existing Menlo deployment delivers dynamic policy enforcement to every page load, without changing anything else in the security stack.

The HEAT Shield AI can identify and block zero-hour phishing attempts by ensuring that the browser traffic passes through the Menlo neural network.

To do that, it employs multiple inspection engines simultaneously to deliver real-time analysis in a single pass.

When a phishing site has been identified, HEAT Shield AI dynamically creates and applies a configured policy enforcement action - either displaying the page in read-only mode or blocking it completely.

There is no need for security or incident response teams to investigate as the attack proceeds. All results are compiled on a single dashboard that can be integrated into a company’s Security Information and Event Management (SIEM) platform.

With rapidly evolving threats, relying on just a single security tool was no longer enough for enterprises as attackers are constantly adapting to and bypassing traditional defences to make high profile attacks.

Votiro acquisition expands solution suite

To enhance its security solutions suite even more, Menlo Security has recently integrated Votiro’s data and file security platform into its suite of products.

Votiro's strength lies in data and file security, and thus it complements Menlo’s browser security features.

Integration will allow the expanded company to support the overall needs of workspace security in a more comprehensive and impactful manner.

Votiro’s advanced content and disarm (CDR) solution takes care of file security as documents flow across the enterprise workspace, including the browser, email, collaboration tools and application programming interface (API) flows.

In addition to CDR, Votiro’s zero-trust Data Detection and Response (DDR) solution provides Active Data Masking, which works simultaneously with CDR to discover, identify, and obfuscate sensitive information. 

Paired with Menlo’s HEATShield AI, the solutions can detect and prevent a broader range of phishing and malware/ransomware attacks, as well as the loss of sensitive data.

The acquisition addresses important customer pain points around safely interacting with files and data across the workspace, be it email attachments, collaboration tools, web downloads/uploads, or file transfers from browsers to software-as-a-service (SaaS) applications. 

Customers also get a more robust and comprehensive Secure Access Service Edge (SASE) offering by uniting two complementary security capabilities: Menlo’s cloud-based isolation platform and Votiro’s advanced CDR technology.

Together, Menlo and Votiro offer a differentiated SASE solution that delivers deep threat prevention with minimal friction, positioning the combined company as a leader in secure, scalable, and user-friendly cloud security.

The expanded solution also delivers Zero Trust Access to allow users to securely access their applications while preventing data leakage and securing file movement.

This integration allows for the safe viewing and downloading of web content and documents, neutralising known and unknown malware while maintaining the original file's functionality.

To learn more about how Menlo Security provides a secure enterprise workspace, join the company’s annual roadshow event, Menlo Secure WorkDays, happening in Singapore on May 28 and 29. The registration page for the event can be found here.