The rise of cloud applications and infrastructure has led to an increasing need for security controls within web browsers to protect users from online threats. As a result, there has been a growing trend of networking and cybersecurity companies entering the secure-browser and browser-isolation market.
One notable example is Palo Alto Networks, which is reportedly in talks to acquire Talon Cyber Security, a provider of local browser isolation technology. Startups such as Surf Security are also offering secure enterprise browsers, while consumer cybersecurity firms like Gen and SquareX have begun providing secure browsers for home users.
According to Paddy Harrington, a senior analyst in Forrester’s security and risk group, there is a high demand for solutions that can protect browser-based businesses. With users spending a significant amount of time in browsers for various activities, attackers often target them through these channels. However, different companies and users may have different requirements, and thus, there is no one-size-fits-all solution. To address this, enterprise browser vendors have been incorporating browser security extensions into their portfolios to enhance coverage.
The secure browser and browser isolation market has become increasingly competitive. Networking and internet infrastructure firms like Cisco, Citrix, Cloudflare, Fortinet, Menlo Security, and Zscaler have integrated remote browser isolation into their product offerings. Additionally, Check Point has developed a local browser isolation plugin called Harmony Browse. Talon Cyber Security is not the only startup focusing on integrating isolation into the browser. Other firms, such as Authentic8, Island, LayerX, and Seraphic Security, have also adopted the enterprise browser or local browser isolation approach.
Mark Guntrip, senior director of cybersecurity strategy at Menlo Security, explains that the emphasis on browser security has emerged due to the consolidation of enterprise applications into web applications accessed through browsers. Employees are increasingly relying on browsers, particularly for software-as-a-service (SaaS) and web applications. Forrester Research reveals that the majority of workers now use browsers for all their work or perform most tasks through browsers.
However, this shift to browser-based business activities has also attracted attackers. Gen, for instance, claims to have blocked around 180 million web-based attacks in the second quarter alone. Ben Wadors, director of browser and search at Gen, highlights that a significant number of successful cyber-attacks originate from the web and target web browsers or transit through them.
Companies traditionally adopt one of three approaches to address browser security: remote browser isolation as a cloud-based service, on-premises appliances, or local browser isolation using custom browsers or browser plugins. Menlo Security’s remote browser isolation solution, for example, sits between customers’ browsers and the web resources they access. When a request is made, the solution connects to the site and renders it in a cloud-based browser, shielding the user’s browser from potential malicious activity.
The need for browser isolation is further emphasized by the accelerated adoption of cloud applications and services during the COVID-19 pandemic. Zero trust solutions, which require more authentication and continuous monitoring, necessitate the protection of users’ interactions with the web and cloud applications.
In conclusion, with the growing presence of cloud applications and infrastructure, the demand for secure browsers and browser isolation has increased. Networking and cybersecurity companies, as well as startups, are actively entering this market to provide solutions that can protect users from online threats. As more employees rely on browsers for work, it is crucial for organizations to deploy browser security solutions to ensure the safety of their data and systems.