For the first time, we’ve put our long-form thoughts into a report—a deep dive into the security challenges we see every day. This isn’t just an exploration of browser security; it’s a reflection of what we hear from security leaders, the risks we observe in the industry, and why traditional security models are struggling to keep up.

Early in my career as a SOC Analyst and later as a SOC Engineer, I was immersed in network and email security—analyzing threats, fine-tuning detections, and responding to incidents. Security tools like Secure Web Gateways (SWGs), firewalls, and Endpoint Detection and Response (EDR) were designed to monitor what entered and exited corporate environments. But the reality I couldn’t ignore was that security tools are evolving outside of the browser while work (and its risks) have moved inside it.

SaaS platforms, cloud storage, collaboration tools, and AI-powered applications have become the foundation of modern productivity. Employees move fluidly between personal and business accounts, sensitive data flows through unsanctioned tools, and attackers exploit the very platforms organizations trust the most. Security tools have traditionally been built around the browser with the assumption that these platforms were inherently “known good.” Today, that trust is being weaponized.

Security leaders I speak with share the same concern: we have robust controls for networks, endpoints, and email, but nothing that truly protects how our people work in the browser.

I started Keep Aware because I saw firsthand the gap organizations face in protecting employees where they actually work—not just the systems around them.

This report is a reflection of that journey and the challenges organizations face today. My hope is that it not only sheds light on where we are but helps security leaders rethink how they protect their employees in the browser, the most critical tool in modern business.

‍

Download our State of Browser Security Report here

‍

Ryan Boerner

CEO @ Keep Aware