Menlo Security today announced it has raised another $100 million in funding to fuel an effort to better secure cloud environments using the Menlo Security Isolation Platform and Adaptive Clientless Rendering (ACR) technology, which fetches and executes the functions of a web browser on its platform rather than on a corporate network.
Company CTO Kowsik Guruswamy said that approach enables Menlo Security to only surface sanitized, nonexecutable content on any device, providing organizations with a zero-trust approach to IT security managed on their behalf. That’s especially critical at a time when the bulk of end users are working from home to help combat the spread of the COVID-19 pandemic, he said.
Currently valued at $800 million, Menlo Security has built a global cloud service that’s available anywhere. The goal is to provide IT organizations with a cloud-based service that offloads the management of security, Guruswamy noted.
Most recently, Menlo Security was awarded a $198.9 million contract by the U.S. Defense Information Systems Agency (DISA) for the Cloud-Based Internet Isolation (CBII) program. That implementation of the service is expected to be accessed by as many as 3.5 million users worldwide.
A recently announced VMware Cloud Web Security service will also integrate a secure web gateway, cloud access service broker (CASB), data loss prevention, sandbox and remote browser isolation capabilities from Menlo Security within its software-defines wide area network (SD-WAN) service.
Overall, Menlo Security claims to be seeing 155% annual recurring revenue growth and a more than 100% increase in average deal size year to date.
In general, organizations of all sizes are relying more on various types of as-a-service platforms to manage security. That approach makes it easier to maintain security operations at a time hiring and retaining experienced security personnel remains challenging. Cybersecurity teams still need to define policies for their organizations, but much of the responsibility for deploying and maintaining security infrastructure is being shifted toward a service.
No one knows for sure if or when most employees will be returning to an office even if a COVID-19 vaccine is formally approved and widely distributed sometime next year. Many organizations are realizing they don’t need as much office space as employees remain productive working from home. The challenge security teams face today is the network perimeter many of them have so zealously guarded for years no longer effectively exists. IT organizations need a way for users to securely access applications regardless of where they are in a way that is simple to use and easily scales up and down.
It’s not clear to what degree organizations will effectively outsource security operations to achieve that goal, but as the number of threats along with the severity of the attacks continues to increase, it’s increasingly difficult for many organizations to manage security on their own. In fact, organizations that continue to rely solely on internal IT teams to secure everything won’t be able to keep pace with a threat landscape that continues to change and evolve rapidly.