LayerX this week emerged from stealth to launch a modern browser extension that leverages machine learning algorithms to ensure connections made to applications are secure.
LayerX CEO Or Eshed said an approach based on browser extensions also makes it simpler for IT and security operations teams to manage security without having to replace existing browsers.
Fresh from raising $7.5 million in seed funding, Eshed added that IT organizations need to find a way to seamlessly secure browsers because end users are directly accessing cloud applications. LayerX is using a Plexis engine it developed to gather session analytics and turn the browser into a zero-trust endpoint. The Plexis engine makes use of machine learning algorithms running on both the client and the backend LayerX platform to identify security threats.
That approach doesn’t impact application performance because it doesn’t require organizations to backhaul all network traffic through a firewall, said Eshed. That’s critical, because with more employees now routinely working from home the number of network hops between an end user and a cloud application accessed via a corporate network has significantly expanded, he added. The network firewall is all but useless, added Eshed.
Browsers have become a focal point for cyberattacks because it’s relatively easy to trick an end user into downloading malware used to compromise credentials from the web. Once a cybercriminal gains access, they can start exfiltrating data without anyone realizing it is occurring until the data shows up on the dark web.
There are, of course, other options when it comes to securing browsers, but they generally require IT organizations to replace commercial browsers with one that has an embedded sandbox. The issue is the introduction of a different browser not only changes the user experience, Eshed noted, but the sandbox itself adds overhead that can adversely impact application performance.
It’s now become possible to eliminate the need for the sandbox approach because most modern browsers are now based on the same core engine, which makes it possible to install the Plexis engine as an extension across multiple types of browsers, said Eshed.
Cybersecurity teams these days are clearly under a lot of pressure to secure endpoints. The challenge is they are being required to do so in a way that causes the least amount of disruption to the end-user experience possible. Making use of a browser extension is not only simpler, it also prevents the end user from turning off the capability due to an application performance issue that they attribute to, for example, a virtual private network (VPN). From a security perspective, the browser quickly becomes a blind spot, noted Eshed.
The existence of an alternate approach to securing browsers doesn’t obviate the need for other layers of security, but it does provide the first line of defense at the point where most malware is encountered. At a time when employees are accessing any number of web sites loaded with malware, building and maintaining that first line of defense is more critical than ever.