Menlo Security Gateway Now Protects Mobile Devices
Menlo Security this week announced it has extended the reach of its cloud service for isolating endpoints from web content to mobile computing devices.
The company’s secure web gateway (SWG) only renders content on a remote cloud service that can be viewed using a browser running on an endpoint. That approach eliminates the possibility malware might be downloaded on to an endpoint.
Nick Edwards, vice president of product management at Menlo Security, said the Menlo Security Secure Web Gateway with Isolation Core extends that same capability to include mobile computing devices that have also become targets of, for example, phishing attacks that attempt to steal credentials by downloading malware to a device. With end users working from home to combat the spread of the COVID-19 pandemic, the number of individuals accessing web applications using mobile devices has sharply increased, Edwards noted.
The Menlo Security Secure Web Gateway with Isolation Core service supports Apple iOS, Apple iPadOS and Google Android operating systems and will integrate directly with Safari, Chrome and Samsung browsers. It also provides cybersecurity teams with data loss prevention (DLP) capabilities along with read-only phishing protection and download controls. All links sent in mobile applications will automatically be opened in the default browser in a read-only mode. Any latency generated by routing requests to access content through a gateway service from Menlo Security is minimal, said Edwards.
The Menlo Security gateway also acts as a patch buffer for browsers that are not often upgraded to apply the latest security fixes, Edwards added.
Edwards said one of the primary hurdles the company encounters is the assumption that a gateway service is only required when accessing highly-sensitive applications. As it turns out, cybercriminals are launching attacks against any web or mobile application in the hope that the malware they deposit will, eventually, spread laterally through the rest of the organization.
Fresh from raising an additional $100 million that brought its valuation to $800 million, Menlo Security claims to be seeing 155% annual recurring revenue growth, and a more than 100% increase in average deal size, year-to-date. Most recently, Menlo Security was awarded a $198.9 million contract by the U.S. Defense Information Systems Agency (DISA) for the cloud-based internet isolation (CBII) program. The implementation of that service is expected to be accessed by as many as 3.5 million users worldwide.
Menlo Security also provides the underpinning of a VMware Cloud Web Security service that will also integrate a secure web gateway, cloud access service broker (CASB), data loss prevention, sandbox and remote browser isolation capabilities from Menlo Security with the VeloCloud software-defined wide area network (SD-WAN) service provided by VMware.
It’s not clear why more organizations aren’t using what is essentially a demilitarized zone (DMZ) to isolate end users from malware. However, as the number of cybersecurity incidents involving endpoints continues to climb, it is likely more organizations will reconsider their cybersecurity options. The days when cybersecurity teams could count on end users being behind a corporate firewall are over; even when the pandemic subsides, there will be no going back to cybersecurity business-as-usual.
