LayerX this week came out of stealth for launch a modern browser extension that takes advantage of machine learning algorithms to ensure that connections to applications are secure.
LayerX CEO Or Eshed said a browser extension-based approach also makes it easier for IT and security operations teams to manage security without having to replace legacy browsers.
After raising $7.5 million in seed funding, Eshed added that IT organizations need to find a way to secure browsers seamlessly as end users directly access cloud applications. LayerX uses a Plexis engine it developed to collect session analytics and turn the browser into a zero-trust endpoint. The Plexis engine uses machine learning algorithms running on both the client and the LayerX back-end platform to identify security threats.
This approach doesn’t impact application performance because it doesn’t require organizations to redirect all network traffic through a firewall, Eshed said. This is critical, because with more employees now regularly working from home, the number of network hops between an end user and a cloud application accessed through a corporate network has increased significantly, he added. The network firewall is anything but useless, Eshed added.
Browsers have become a focal point for cyberattacks because it is relatively easy to trick an end user into downloading malware used to compromise credentials on the web. Once a cybercriminal gains access to it, they can start exfiltrating data without anyone realizing it until the data appears on the dark web.
There are, of course, other options for securing browsers, but they usually require IT organizations to replace commercial browsers with a browser that has a built-in sandbox. The problem is that introducing a different browser not only changes the user experience, Eshed noted, but the sandbox itself adds overhead that can negatively impact app performance.
It is now possible to eliminate the need for the sandbox approach, as most modern browsers are now based on the same core engine, allowing the Plexis engine to be installed as an extension on multiple browser types, Eshed said.
Cybersecurity teams today are clearly under a lot of pressure to secure endpoints. The challenge is that they are required to do this in a way that disrupts the end-user experience as little as possible. Using a browser extension is not only easier, it also prevents the end user from disabling functionality due to an application performance issue that they attribute to, for example, a network virtual private (VPN). From a security perspective, the browser quickly becomes a blind spot, Eshed notes.
The existence of an alternative approach to securing browsers does not eliminate the need for other layers of security, but it does provide the first line of defense where most malware is encountered. In an age when employees are accessing countless malware-laden websites, building and maintaining that first line of defense is more critical than ever.