Menlo Security Inc. - Experts & Thought Leaders

Menlo Security, Inc., a pioneer in browser security announced HEAT Shield™ and HEAT Visibility™, the industry’s first suite of threat prevention capabilities designed to detect and block highly evasive threats targeting users via the web browser. HEAT Shield™ Menlo Security HEAT Shield™ detects and blocks phishing attacks before they can infiltrate the enterprise network. It uses novel, AI-based techniques including computer vision combined with URL risk scoring and analysis of the web page elements to accurately determine in real-time if the link being accessed is a phishing site designed to steal the user's credentials. HEAT Visibility HEAT Visibility performs continual analysis of web traffic and applies AI/ML-powered classifiers In parallel, HEAT Visibility performs continual analysis of web traffic and applies AI/ML-powered classifiers that identify the presence of highly evasive attacks. This delivers timely, actionable alerts that enable security teams to significantly reduce mean time to detect (MTTD) and mean time to respond (MTTR) to any highly evasive threats that could be targeting enterprise users.  Combat cyber threat vectors “Highly evasive threats are growing as threat actors evolve how they deploy phishing and malware attacks," said Michael Urciouli, Chief Information Officer of JPMorgan Chase Asset and Wealth Management. "Tools like Menlo Security’s browser security solution, including their HEAT Shield, can help to combat cyber threat vectors for the world's top financial institutions, governments, and pioneering enterprises."  Cloud-based Isolation Core™ Isolation Core™ which monitors and analyses over 400 billion web sessions annually Menlo Security HEAT Shield and HEAT Visibility are built on Menlo Security’s cloud-based Isolation Core™ which monitors and analyses over 400 billion web sessions annually. Commonly deployed security infrastructure such as Secure Web Gateways, firewalls, endpoint security, and EDR solutions are blind to actions occurring inside the browser and fall short in combating web-based attacks including highly evasive threats. Dynamic security policies HEAT Shield leverages the Isolation Core to power dynamic security policies which can be applied to users based on web session events and behaviour to prevent attackers from gaining access to the endpoint. Individuals are protected from potential threats without any impact on the end-user experience.  Blocking threat actors “We know we need to protect our network from emerging attacks and threats targeting the web browser,” said Greg Pastor, Director of Information Security for Remedi SeniorCare. “We are seeing highly evasive threats as a concerning and growing tactic amongst threat actors, and solutions like HEAT Shield can dynamically block these attacks, even if they are zero hours, keeping our endpoints safe.”  HEAT Attack™ Dashboard HEAT alerts sent to SOC teams provide real-time threat visibility to enrich their existing threat intelligence A HEAT Attack™ Dashboard allows customers to receive detailed threat intelligence, which can be integrated into their existing SIEM or SOC platforms. While HEAT alerts sent to SOC teams provide real-time threat visibility to enrich their existing threat intelligence sources and enhance and accelerate incident response capabilities.  Secure, seamless browsing experience Nick Edwards, Vice President, Product Management at Menlo Security, said, “Adversaries have placed a massive bullseye on the web browser. It has become the new desktop, where we spend the bulk of our working day." "Legacy security vendors are fighting yesterday’s war by trying to shoehorn network security and endpoint tools to keep users safe and it isn’t working. The capabilities we are introducing today mark a significant leap forward towards our mission of creating a secure, seamless browsing experience, ensuring the internet can be used safely by our customers."  Threat prevention capabilities Threat actors are refining their techniques daily, developing novel and innovative ways Menlo Security isolates more than four billion files annually for many of the largest and most security-conscious organisations around the world. Threat actors are refining their techniques daily, developing novel and innovative ways to target their victims through the web browser, often testing their attacks against commonly deployed security tools before launching them in the wild. “Armed with this knowledge and a decade of developing industry-pioneering browser security products, we are proud to be able to deliver the industry’s first suite of threat prevention capabilities designed to detect and block HEAT attacks,” continued Edwards.  Reliable, preventative security Both HEAT Shield and HEAT Visibility are generally available across Menlo Security’s global network. “Menlo Security’s HEAT Shield product allows us to offer reliable, preventative security to our clients who are exposed to highly evasive threats every day,” said Jamie Gray, VP, Sales-East at Tevora. “Web browser threats are growing in both frequency and sophistication, so companies must have the technology to help them, not distract them. Menlo Security’s HEAT Shield is going to make a difference to our customers.” 

Menlo Security, a pioneer in cloud security, announces that the Menlo Security Cloud Security Platform powered by a patented Isolation Core has received Authorisation to Operate (ATO) at a moderate level under the Federal Risk and Authorization Management Program (FedRAMP). Instead of a detect and response approach, Menlo’s FedRAMP Authorised Cloud based Internet Isolation (CBII) Security Platform powered by an Isolation Core stops threats before they ever happen. This means safe browsing of all content from anywhere all the time. Internet access points According to DISA’s Requirement and Analysis office, CBII is expected to save the Department of Defense (DoD) the more than $300 million it would have cost to upgrade cybersecurity tools to defend internet access points. The Federal government is deploying more cloud services as it moves toward digital transformation The Federal government is deploying more cloud services as it moves toward digital transformation. As part of keeping the country, its networks and workers safe, the White House issued an executive order mandating Zero Trust security for all federal government agencies by the end of 2024. Using the Menlo Cloud Security Platform enables agencies to isolate their networks and employees and data from malware, ransomware, spyware and zero days exploits. Isolation-powered platform With a Zero Trust focus, Menlo’s Cloud Security platform is designed to eliminate malware threats, including ransomware. Menlo Security’s isolation-powered platform securely connects users to websites and applications from anywhere while scaling elastically to meet user demand without sacrificing the user experience. Menlo cloud security solutions are deployed by more than 100 government agencies, including the United States Department of Defense (DoD), mission partners, international governments, and State, Local, and Education Departments (SLED) across the United States. Although FedRAMP is a federally mandated program, SLED agencies throughout the United States can apply the FedRAMP framework in their own cloud contracts and assessments to achieve many of the same benefits that apply to federal agencies. World-class protection By Light, has been delivering its CBII solution to protect Department of Defense (DoD) networks worldwide Menlo Security is also a member of the StateRAMP program, which represents the shared interests of state and local governments. Like FedRAMP, StateRAMP is based on NIST 800-53 guidelines to ensure standardisation and best practices for cybersecurity. Since March 2019, Menlo Security, together with Integration partner, By Light, has been delivering its CBII solution to protect Department of Defense (DoD) networks worldwide. By Light and Menlo Security have worked closely with the DISA CBII Program Management Office (PMO) to design and implement the CBII capability that eliminates browser and web-based threats including phishing, drive-by-downloads, and zero-day browser vulnerabilities. FedRAMP authorisation allows Menlo to extend its world-class protection to the civilian sector. Traditional security defences In addition to these threats, Menlo Security has identified a surge in cyberthreats termed Highly Evasive Adaptive Threats (HEAT) that bypass traditional security defences. HEAT attacks are a very common class of cyber threats targeting the web browser as a highly vulnerable web attack vector used for 75% of the working day. HEAT attacks employ techniques to evade detection by multiple layers in the current security stack including firewalls, Secure Web Gateways, sandboxing, URL Reputation and phishing detection. Menlo Security has identified a surge in cyberthreats termed Highly Evasive Adaptive Threats (HEAT) “Together with Menlo Security, we’re providing DISA with a cloud security solution that directly enhances the Department’s ability to defend the DoD Information Network (DODIN),” said Mike Hatcher, Chief Revenue Officer, By Light. “We look forward to continuing our partnership with Menlo to provide government agencies with the solutions that help keep our cybersecurity infrastructure, and its users, safe, secure and productive.” Network reducing costs “As security moves to the cloud, organisations are streamlining the number of security applications in their network reducing costs,” said Raquel Hernandez, Information Systems Project Manager, Sandia National Laboratories. “Menlo’s FedRAMP certified CBII platform is easy to deploy and manage.” “Achieving FedRAMP authorisation for the Menlo Cloud Security Platform is a true testament to the value of our Isolation Core architecture. Our ability to protect the users from sophisticated attacks while maintaining a consistent user experience will enable the government agencies to focus on their mission,” said Poornima DeBolle, Menlo Security co-founder and Chief Product Officer. Secure security posture “Highly Evasive Adaptive Threats (HEAT) are challenging legacy security stacks with new techniques to deliver malware to the user. Our Zero Trust approach, powered by our innovative Isolation Core, has been proven by CBII in the DoD with millions of users for more than two years. We look forward to bringing the same protection to all government agencies with our FedRAMP Authorisation.” Key features of the Menlo Cloud Security Platform, also known as CBII, include: Isolation Core – The patented Menlo Isolation Core protects against known/unknown threats and isolates them before they reach users. Zero-trust isolation provides 100% protection without special software or plug-ins, so users don’t experience negative impacts or interruption. Centralised Platform – Menlo’s cloud-native platform which prevents malware from reaching users, eliminates the need for multiple technologies, and gives IT managers one interface to navigate. Elastic Edge – A platform built to scale globally on demand. It dynamically scales to meet any scale with over enterprise-level growth-over five million in production. The platform is also easily extendable with a rich set of APIs and integrations. HEAT Attack Prevention – Menlo’s Zero Trust approach combined with its Isolation Core ensures that all web traffic is subject to enterprise security controls resulting in a truly preventative approach to security that addresses the legacy flaws of today’s network security stack and ultimately delivers a more secure security posture.

Menlo Security, a globally renowned company in cloud security, has announced that it has released the HEAT Security Assessment Toolkit, designed to provide organisations with the ability to assess their levels of protection and current exposure to Highly Evasive Adaptive Threats (HEAT). Since July 2021, Menlo Security has seen a 224% increase in HEAT attacks. These attacks allow threat actors to deliver malicious content, including ransomware, to the endpoint by adapting to the targeted environment. HEAT Security Assessment Toolkit The HEAT Security Assessment Toolkit includes a HEAT Check test and a HEAT Analyzer that runs on the Splunk Platform. The HEAT Check enables customers to run a light penetration test, in order to identify if they are susceptible to HEAT attacks. The Menlo Security HEAT Analyzer App for Splunk provides organisations with visibility around HEAT attacks that their network may have been exposed to over the past 30 days. What is a Highly Evasive Adaptive Threats (HEAT) attack? Highly Evasive Adaptive Threats (HEAT) are a class of cyber threats targeting web browsers as the attack vector and employs techniques to evade multiple layers of detection in current security stacks including firewalls, Secure Web Gateways, sandbox analysis, URL Reputation, and phishing detection. HEAT attacks are used as the initial access point to deliver malware or to compromise credentials HEAT attacks are used as the initial access point to deliver malware or to compromise credentials, which in many cases leads to ransomware attacks. “Ransomware, data and credential theft and other malware are on the rise. Couple this with the Log4J vulnerability, the Lazarus and Conti groups increased attacks targeting web browsers and the result is security teams worldwide facing a nearly non-stop barrage of incidents,” said John Grady, Senior Analyst at Enterprise Strategy Group - ESG, adding “Tools such as the HEAT Security Assessment can help ensure companies are aware of potential attacks before they have a chance to happen.” Lightweight penetration and exposure assessment The HEAT Security Assessment Toolkit provides a lightweight penetration and exposure assessment, in order to help an organisation better understand their susceptibility to HEAT attacks. “HEAT attacks are defined by the techniques that adversaries are increasingly using to evade detection by traditional security tools,” said Mark Guntrip, the Senior Director of Cyber Security Strategy at Menlo Security. Mark Guntrip adds, “HEAT techniques can be used individually or in combination for any type of attack that targets the user, endpoint, or applications, including ransomware. The HEAT Security Assessment Toolkit is critical to helping companies ensure they are protected against these attacks.” HEAT Check The HEAT Check enables customers to run a light penetration test to find if they are susceptible to HEAT attacks The HEAT Check enables customers to run a light penetration test to find if they are susceptible to HEAT attacks. The assessment leverages several real-world HEAT attacks currently being used by threat actors, safely enabling the user to determine their exposure. The HEAT Check does not deliver actual malicious content. It uses an industry standard EICAR file to test an organisation’s existing HEAT exposure. If the EICAR file is delivered without triggering an alert inside an organisation’s current security stack, then the security technology is not providing the requisite level of protection to defend against HEAT attacks. Menlo Security HEAT Analyzer To assess current HEAT exposure, the HEAT Analyzer, now available on Splunkbase, provides organisations with visibility around HEAT attacks that their network may have been exposed to over the past 30 days. This assessment tool analyses the company’s web traffic to determine the scale of HEAT exposure currently in their network and identifies the associated websites that were accessed. The Menlo Security HEAT Analyzer provides organisations with a simple and effective way to perform a URL & category analysis of the visited websites. The HEAT Analyzer Report will highlight a customer’s exposure to HEAT attacks, as well as the number of legacy URL reputation evasions, including click time mis-categorisations, specific categories serving up Legacy URL Reputation Evasion techniques (LUREs), as well as frequently seen domains.