Modern cyber security architecture has a critical blind spot that is leaving our people vulnerable to attack and causing real harm. That blind spot is in a piece of technology that we all interact with nearly every single day: the web browser. The encrypted privacy protections that browsers support have inadvertently created a safe haven for attackers to target users, without meaningful scrutiny.
The Scope of the Problem
Before we dive into the technical details and solutions to the Browser Blind Spot, it is important to outline its impact. It’s well known that phishing is an attacker’s method of choice for gaining initial access to an organization. According to The United States Cyber Security and Infrastructure Agency, 90% of cyber attacks begin with phishing attacks. Furthermore, Cofense found in their 2021 “Annual State of Phishing Report” that 38% of the malicious emails that they analyzed contained a malicious link. This data brings us to a startling conclusion. Approximately 34% of cyber attacks begin with a threat actor luring a user to a malicious site.
The Blind Spot
Typical cyber security stacks include threat detection technologies that wrap around the web browser but don’t effectively analyze what occurs within. This includes monitoring for endpoints (operating system processes and files), network traffic (limited to basic information for encrypted connections), and email. Occasionally, teams will use tools like web filters or proxy servers that act as a “man in the middle” and analyze connections between web sites and client devices. Although these tools can be helpful for defense in depth, proxy servers involve the configuration of network routing and do not provide any visibility to endpoints that are not on the corporate network or those that are using an encrypted VPN service. Additionally, they often use simplistic detection techniques due to resource and latency constraints. To effectively keep people safe, we must address browser security directly.
The Solution
Keep Aware has developed a solution that targets The Browser Blind Spot. By deploying lightweight detection technology directly to the web browser, we are able to provide protection that is content aware and doesn’t stop working just because someone isn’t connected to the corporate network. Keep Aware analyzes websites using numerous methods including behavioral models, anomaly detection, and threat lists. Our technology maintains the privacy and sensitivity of the browser session by analyzing and extracting only website metadata, without the need for risky “man in the middle” decryption. By protecting the browser, our team is committed to protecting people where they are most vulnerable.
–Forrest Sullivan, Technical Sales Director @ Keep Aware