Menlo Security Adds SaaS Platform to Manage Secure Browsers

Menlo Security today unfurled a software-as-a-service platform that makes it simpler to centrally apply and manage cybersecurity policies to secure instances of Google Chrome or Microsoft Edge browsers.
Rew Harding, vice president of security strategy for Menlo Security, said the Secure Enterprise Browser platform provides organizations with the ability to centrally manage Menlo Secure Cloud Browser, a framework that isolates and filters browser traffic in the cloud.
That zero-trust approach prevents any cyberattack aimed at a browser from actually reaching the endpoint being used to access Menlo Secure Cloud Browser, noted Harding.
Rather than requiring end users to replace their favorite browser, Menlo Security has been making a case for improving endpoint security by offloading web access requests to a cloud service.
That service removes malware and phishing attacks before passing that traffic on to an endpoint running either Google Chrome or Microsoft Edge browsers an organization has standardized on.
That approach provides the added benefit of eliminating the need for IT teams to manage SSL/TLS certificates for every browser, noted Harding.
Menlo Security is also adding posture management capabilities to assess browser configurations as settings change every time an update is made to a browser.
There is also a data loss prevention capability that extends copy-paste controls, user-input limits, watermarking and data masking to each endpoint.
Finally, Menlo Security is adding the ability to apply a Menlo Browser Extension to unmanaged devices via a self-service deployment option.
The Menlo Security Client already enables cloud-based access to legacy web browsers that require support for secure socket shell or the remote desktop protocol.
Menlo Security claims its browser security platform is already being employed by approximately eight million users across nearly 1,000 global enterprises and government organizations, including the U.S. Department of Defense.
Each organization will naturally need to decide to what degree they want to centralize web access, but as IT environments become more distributed, it becomes more challenging to secure the attack surface.
Most of the attacks targeting those surfaces involve some attempt to exploit a browser to access corporate resources, noted Harding.
The challenge organizations frequently encounter is that while cybersecurity teams may define the policies governing access, it's usually up to IT operations teams to ensure they are enforced.
Secure Enterprise Browser provides a platform through which those teams will be able to more easily collaborate, added Harding.
Of course, there are still a lot more organizations attempting to secure individual endpoints, but given the chronic shortage of cybersecurity expertise, another approach is likely required.
Many employees are already using multiple machines running different browsers to access corporate resources.
It's not possible for a small cybersecurity team to ensure that each of the browsers running on those devices is secure without centralizing how those browsers access the web.
The challenge is finding a way to achieve that goal without alienating end users who often have strong browser preferences.
The trouble with end users, as always, is that while they acknowledge cybersecurity is an issue, it doesn't always follow that they are willing to be inconvenienced to achieve it.


This Cyber News was published on securityboulevard.com. Publication date: Tue, 20 Feb 2024 22:13:06 +0000


Cyber News related to Menlo Security Adds SaaS Platform to Manage Secure Browsers

Menlo Security Adds SaaS Platform to Manage Secure Browsers - Menlo Security today unfurled a software-as-a-service platform that makes it simpler to centrally apply and manage cybersecurity policies to secure instances of Google Chrome or Microsoft Edge browsers. Rew Harding, vice president of security ...
9 months ago Securityboulevard.com
The ONE Thing All Modern SaaS Risk Management Programs Do - Reducing SaaS risk is, without a doubt, a difficult challenge. Gaining visibility into all the SaaS apps used across an enterprise is hard enough, but it becomes an even greater challenge when only a portion of the apps go through the company's ...
7 months ago Securityboulevard.com
SaaS Asset and User Numbers are Exploding: Is SaaS Data Security Keeping Up? - DoControl's recently released The State of SaaS Data Security 2024 report revealed a striking picture of ballooning SaaS asset and user numbers alongside security gaps that open the door to exploitation. The report, based on data from DoControl's ...
7 months ago Cybersecurity-insiders.com
How the New NIST 2.0 Guidelines Help Detect SaaS Threats - The SaaS ecosystem has exploded in the six years since the National Institute of Standards and Technology's cybersecurity framework 1.1 was released. Back in 2016-2017, when version 1.1 was initially drafted, SaaS held a small but significant place ...
8 months ago Bleepingcomputer.com
IaaS vs PaaS vs SaaS Security: Which Is Most Secure? - Security concerns include data protection, network security, identity and access management, and physical security. While IaaS gives complete control and accountability, PaaS strikes a compromise between control and simplicity, and SaaS provides a ...
11 months ago Esecurityplanet.com
The Qlik Cyber Attack: Why SSPM Is a Must Have for CISOs - On November 28 2023, Arctic Wolf Labs reported on a new Cactus ransomware campaign which exploits publicly-exposed installations of Qlik Sense, a cloud analytics and business intelligence platform. With a breach like Qlik, the first question that ...
11 months ago Securityboulevard.com
How to Eliminate Shadow IT and Achieve a Secure SaaS Environment in 2023 - The prevalence of Shadow IT has grown exponentially over the years, with most organizations being unaware of the security risks of unauthorized cloud applications. Shadow IT is any application or cloud service being used by employees for business ...
1 year ago Thehackernews.com
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
5 months ago Securityaffairs.com
Report Surfaces Extent of SaaS Application Insecurity - An analysis of how 493 organizations are employing software-as-a-service applications published today by Wing Security finds nearly all experienced a security incident involving at least one application. A full 81% reported security incidents ...
9 months ago Securityboulevard.com
What Is a SaaS Security Checklist? Tips & Free Template - SaaS security checklists are frameworks for protecting data and applications in cloud-based environments. These checklists include security standards and best practices for SaaS and cloud applications, and B2B SaaS providers use them to guarantee ...
7 months ago Esecurityplanet.com
Who is Responsible for Ensuring the Security of Data in SaaS Applications - As SaaS applications became more popular, it was unclear who was responsible for protecting the data. Nowadays, most security and IT teams understand the shared responsibility model, where the SaaS vendor is responsible for the application's ...
1 year ago Thehackernews.com
AppOmni Previews Generative AI Tool to Better Secure SaaS Apps - AppOmni this week unveiled a technology preview of a digital assistant to its platform for protecting software-as-a-service applications that uses generative artificial intelligence to identify cybersecurity issues. The AskOmni assistant provides ...
11 months ago Securityboulevard.com
Reco Employs Graph and AI Technologies to Secure SaaS Apps - Reco today launched a platform that makes use of machine learning algorithms and graph technology to secure software-as-a-service applications. The Reco Identities Interaction graph technology connects to SaaS applications via its application ...
11 months ago Securityboulevard.com
Savvy Launches Identity-First Security Offering to Combat Toxic Combinations Driving SaaS Risk - PRESS RELEASE. TEL AVIV, Israel, Jan. 16, 2024 - Savvy, a software-as-a-service security platform provider, today announced its Identity-First Security offering that uncovers risks created by a toxic combination of identity access management ...
10 months ago Darkreading.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
9 months ago Esecurityplanet.com
Eight emerging areas of opportunity for AI in security - That's core to the thesis of how Menlo Ventures chose to evaluate eight areas where gen AI is having an outsized impact. They have collaborated on a series of blog posts that illustrate why closing the security for AI gaps is crucial for generative ...
9 months ago Venturebeat.com
SSPM: A Better Way to Secure SaaS Applications  - Security Boulevard - “GenAI can be incredibly powerful, but it must be used with caution,” Nakash warns, and adds that “if not properly managed, it can expose sensitive data or generate misleading insights.” As one report by Forrester notes, 71% of organizations ...
1 month ago Securityboulevard.com
10 Best Security Service Edge Solutions - Security Service Edge is an idea in cybersecurity that shows how network security has changed over time. With a focus on customized solutions, Security Service Edge Solutions leverages its expertise in multiple programming languages, frameworks, and ...
9 months ago Cybersecuritynews.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
1 month ago Helpnetsecurity.com
Latest Information Security and Hacking Incidents - According to 25% of participants in an IBM study conducted in September 2022 among 3,000 companies and tech executives worldwide, security worries stand in the way of their ability to achieve their cloud-related goals. Nowadays, a lot of ...
10 months ago Cysecurity.news
Google Patches Another Chrome Zero-Day as Browser Attacks Mount - For the fourth time since August, Google has disclosed a bug in its Chrome browser technology that attackers were actively exploiting in the wild before the company had a fix for it. Integer Overflow Bug The latest zero-day, which Google is tracking ...
11 months ago Darkreading.com
CISOs Grapple With IBM's Unexpected Cybersecurity Software Exit - IBM's surprise departure from cybersecurity software this week didn't just rearrange the competitive landscape - it also reshuffled the procurement plans and vendor relationships for many CISOs rebuilding their SOCs. IBM has agreed to sell the QRadar ...
6 months ago Darkreading.com
Days After Google, Apple Reveals Exploited Zero-Day in Browser Engine - Apple has patched an actively exploited zero-day bug in its WebKit browser engine for Safari. Actively Exploited Apple yesterday described the vulnerability as something an attacker could exploit to execute arbitrary code on affected systems. ...
9 months ago Darkreading.com
The Importance of Incident Response for SaaS - The importance of a thorough incident response strategy cannot be understated as organizations prepare to identify, investigate, and resolve threats as effectively as possible. Most security veterans are already well aware of this fact, and their ...
11 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)