Speakers
Synopsis
The web browser, while being the most frequently used application in organisations, is also the least protected. Employees and consultants spend most of their time on the browser, and are often targeted by all manner of web attacks, from spear phishing to malicious email attachments.
A key requirement according to Gartner for a SASE/SSE solution is to provide secure web access to enterprise users by ensuring malware protection, threat prevention, URL filtering, content inspection of sensitive data, among others. The primary component in a SASE/SSE solution responsible for this are Secure Web Gateways (SWG). These are basically cloud based SSL-intercepting proxies which inspect traffic and promise to detect and mitigate web attacks and malicious file downloads, among many other threats. Interestingly, we found that there are classes of attacks which as of this writing bypasses every SWG in the Gartner Magic Quadrant for SASE and SSE. We will be sharing some insights on such attacks and how Small-Medium Enterprises (SMEs) and Non-profits (NFPs) could be vulnerable to them.
Many organisations rely on endpoint security solutions, such as anti-virus, anti-malware to detect and block malicious files from attacking the employee’s device. However, as endpoint security has no visibility into the browser, attack attribution is practically non-existent and security admins are unable to put in remediation measures for the attacks from recurring.
Consider the case where an adversary is targeting multiple users of your client’s organization with the same ransomware, packaged as a malicious Excel document, and sent over multiple channels including Telegram, WhatsApp, Email, and Twitter. The existing security solutions cannot provide granular details such as which browser tab the attack originated from, who the attacker was, and how the attack was propagated across the organization. Without this information, SMEs and NFPs cannot mount an appropriate response to such attacks, and will also be more susceptible to future threats.
This can only be addressed by a browser security agent, - one that sits directly in the browser, monitors browsing activity, detects attacks that originate from the browser and mitigates them before they leave the browser. Furthermore, a browser-native solution collects and reports detailed data on browsing activity, empowering SMEs and NFPs to conduct thorough threat investigations and increase overall cyber resilience.
Browser-native security solutions are better at grasping what happens in complex web applications as they reside in the browser. They can closely examine user interactions, the way website code and data are rendered, and how this complex interplay leads to higher order attacks.
In this session, different types of browser security solutions will also be presented with their pros and cons, such as ease of deployment, scalability, attack coverage, visibility and so on. This will provide SMEs and NFPs a good understanding of the browser security landscape and the right solution for their enterprise.
