Cybersecurity startup LayerX has announced the launch of its secure web browsing solution. The venture emerges from stealth to redefine enterprise browsing by putting users first as opposed to conventional solutions that trade user experience and productivity for strict monitoring and control.
The transition of workloads to the cloud has put web browsers at the center of daily activities. Enterprise software is now accessed mainly through web applications. Important data passes through and is typically stored in browsers. Because of this, malicious actors have zeroed in on browsers to set up their attacks. Hackers devise ingenious ways to gain access to user data on browsers through phishing, malicious scripts, and browser extensions and have been quite successful over the past years.
Enterprise browsing solutions operate on the premise that commercial web browsers like Google Chrome, Mozilla Firefox, and Safari are not secure enough to prevent attacks. Working on this assumption, providers like Island and Talon offer alternatives in the form of standalone hardened browsers. These browsers secure data by isolating traffic and enforcing browsing policies that prevent interactions with potentially malicious traffic sources.
Unfortunately, these often slow down the browsing experience and extend the loading times of websites and apps, disrupting an enterprise’s workflow. Users are forced to learn and adjust to new browsers and interfaces. In some cases, security policies enforced through these browsers “break” workflows inadvertently. LayerX seeks to change this through its platform.
“‘Enterprise browser’ companies claim that existing browsers like Chrome and Safari are not secure enough, and try to replace them with their own browsers. I think it’s madness – commercial browsers are perfectly built for productivity and security. The browser itself is not the issue at all. It’s the user using it,” says LayerX CEO and co-founder Or Eshed.
LayerX secures browsing through high-resolution monitoring and control of browsing behaviors. Rather than relying on blanket rules that restrict user activities, it monitors browsing behaviors, considers each user’s context, and performs deep session analysis to detect threats and risky behaviors.
The LayerX Plexus engine uses a dual artificial intelligence (AI) engine that works on both the client side and the backend to analyze session data. The platform detects emerging risks using machine learning and enforces granular activity policies to prevent these from maturing into full-blown threats. Should the organization need additional security policies, the platform enables security teams to deploy custom browsing rules.
The platform integrates with existing browsers through an extension, making the solution easy to implement even in an enterprise setting. Users can enjoy the flexibility of using their preferred browsers while maintaining their usual productivity.
LayerX also keeps user data private, creating a balance between giving security teams control and respecting employee boundaries. In addition, adopting the solution does not create additional work disruptions since user training and familiarization usually accompany the rollouts of new enterprise tools.
This user-first perspective is an intriguing alternative to current security approaches, which are often preoccupied with shielding the enterprise from external threats. Enterprise security comprises various tools and solutions that security teams must configure and manage carefully to form a cohesive defense system.
What these approaches also overlook is the human element in the security equation. According to the World Economic Forum’s Global Risks Report, 95 percent of cybersecurity threats are caused in some way by human error.
This is further compounded by the problem of data sprawl, where enterprise data can reside almost anywhere – in browsers, remote machines, and third-party applications. Today, security officers are actually more concerned with how users within the enterprise handle data over safeguarding networks against external threats.
Tools like forward proxies, cloud access security brokers (CASB), secure web gateways, and data loss prevention (DLP) solutions can work to secure data within their respective domains. However, they still cannot monitor specific user actions like form-filling and mouse actions to evaluate what is happening in the real-time browsing session.
Hardened web browsers look to provide security at this level. However, they compromise on user experience, making them a less attractive option to implement. LayerX offers proactive protection against threats which isn’t obtrusive to how users work.
“LayerX chose the approach that seems to make the most sense for browser security. An extension-based approach significantly reduces the technical risk of compatibility across all platforms and the complexity and cost of rollout and maintenance. It also reduces operational risks associated with third parties, diverse equipment, and countless other issues when compared to proprietary browser solutions,” shares Ira Winkler, security expert and former Chief Security Architect at Walmart.
The Tel Aviv-based startup is led by cybersecurity experts and veterans of the IDF cyber units. The venture also recently secured a $7.5 million seed round from Glilot Capital and Kmehin Ventures alongside various investors to fund its startup activities.
The launch of LayerX provides enterprises with the option to adopt an innovative and practical security solution to minimize browsing risks as the world continues to become more and more connected.