As Saas and cloud work rework the enterprise, the web browser has become a new final point. However, unlike the final points, the browsers remain mostly without animated, despite the fact that it is responsible for more than 70% of modern attacks on malicious programs.
To hold a recent A state security report report The main major problems facing security executives with employees using the web browser for most of their work. The reality is that Traditional security instruments are blind to what is happening in the browserAnd the attackers know it.
Main conclusions:
- 70% of phishing companies stands for Microsoft, OneDrive or Office 365 to use users’ trust.
- 150+ trusted platforms Like Google Docs, and Dropbox are exposed to phishing and operating data.
- 10% tips AI Include a tangible business conte by creating risks on thousands of AI-based tools.
- 34% File download The company goes to personal accounts, often unnoticed.
New attack models bypass traditional defense
From phishing kits that are transformed in real time, to JavaScript accounting data, attackers bypass firewalls, SWGs and even EDRS. Here’s how:
Collect malicious programs in your browser
Threats are delivered as fragments that are activated only when gathering inside the browser – creating them invisible to network or final tools.
Multi -stage phishing
Phishing pages dynamically provide different content, depending on who views – users see scanning and scanners do not see anything. Microsoft remains the embodiment of the purpose.
Life on trusted platforms
The attackers hide behind the URL from the reputable Saas platforms. Security tools allow this by default – providing the opponents a clear path.
The security stack must develop to identify, analyze and respond to the threats where they actually occur: inside the browser. Based solely on the perimeter -based protection, such as SWG and network safety tools are not enough.
AI: Next great (non -measured) risk of safety
Since 75% of employees using generative IIMost businesses do not know what data is inserted into models such as Chatgpt Albo what’s in the background make the browser. Unlike traditional applications, AI’s tools do not have a specific security limit.
IT Safety Camings often leave reactively to the adoption of II rather than actively manage it. Traditional political approaches to combat the adoption of II because:
- AI applications are quickly created, making static permits/deny lists ineffective.
- Employees often switch between personal and corporate use of II, further blurring forced execution.
- Many AI models are built into other platforms, making the detection and control even more complicated.
This leads to inconsistent management when security groups face the problem of determining and implementing policies in conditions that have no precise use limits.
As the rules of AI, visibility and control over the adoption of the II will be reinforced, it will be obligatory and no longer optional. Organizations should monitor the use, detection of risks and sensitive data on the data fastening. Tomorrow Active Monitoring lies the basis for the II management tomorrow.
DLP can’t keep up with your browser
LEGACY data loss prevention systems have been designed for email and final points not for today’s workflows. The browser has become the main data channel, but traditional DLP solutions can only see where network traffic is sent, not actual data processing.
Modern Data Expressing Risks include:
- Insert API key into the browser -based tools
- Loading documents to Google Person
- Copies customer data from AI assistants
Even well-gap employees can unintentions to trace IP when switching between work and personal accounting records that outdated tools cannot detect.
With more data moving through the browser than if -earlier, DLP must develop to recognize the context of the application, the user’s actions and the business intent. The only DLP model based on the browser will give the security team to apply a consistent data protection policy in all directions by performing high -risk action control.
The problem of expanding no one looks
Despite the minimum technical evolution over the years, the browser expansion now has unprecedented access to sensitive organizational data and user identity. While security groups are strictly controlled by software updates, patches and final security policies, expanding remain the surface of the attack, often ignored within the traditional safety framework. During the User data research, the team found: the team found:
- 46% Extension serves as a case of performance.
- 20% Travel in the lifestyle category – like purchases or social plugins.
- 10% are classified as a high or critical risk of excessive permits.
Permits that allow access to the full page, session tracking, or network interception are still too common in extensions loaded from trusted markets.
Because expansion continues to serve both productivity and safety commitments, enterprises should implement stronger review processes, visibility control and active protection to provide the browser from the inside.
The shadow lives in the browser
Shadow is no longer just random use of unauthorized applications – this has become a major problem for the security of the enterprise. Employees regularly accept applications for SAAS, personal file sharing services and third -party tools unattended by IT, often integrating them into daily work with real business data.
Employees of different functions of work regularly interact with several organizational cases of the same application – often without recognizing the effects of safety.
- Marketing and creative teams: A marketing group member can mistakenly download assets from Google Drive partner instead of the company’s official instance, which will lead to unintentional data impact.
- Consultants and Customer Role: Consultant working with multiple customers can access SharePoint websites characteristic of the client, unknown by creating safety gaps because sensitive data is distributed in various organizations.
- Professional services and external cooperation: branches such as legal and accounting, which are heavily based on external cooperation, often employees work in 15+ different specimens of SharePoint, introducing significant problems in the data monitoring.
This explosion Shadow this It creates large spaces in safety, in particular as a completely process of growth platforms.
Instead of classifying applications as corporate or consumer, security teams must evaluate the intention of interaction of employees, the context of the account used tools, and the risk of real -time SAAS activities. This means to go beyond static policy to accept dynamic risk assessments, access control and constant monitoring. The browser became the most important point of visibility, revealing the entrances, switching accounts, the status of the Foreign Ministry, requests for access to consent and data movement across the organizational boundaries.
The way forward: the visibility and management of the browser
The awareness report provides a comprehensive understanding and data points that prove that safety should move inside the browser. As the phishing campaigns are developing, malware collection is becoming more sophisticated, the use of the II takes off, and the browser extensions are left without check, organizations that have not adapted will remain vulnerable.
Security teams must integrate the browser security into their enterprise security stack to get visibility in real time, to identify the threats engaged in the browser, and to protect the people where they work.
Request a personalized demonstration If you want to know more about the protection of your organization from the browser -based threats.
