banner-blog.jpg

BLOG

Kowsik Guruswamy

Kowsik Guruswamy
Chief Technology Officer
Find me on:

Recent Posts

Update on DoD’s Cloud-Based Internet Isolation

Posted by Kowsik Guruswamy on Oct 28, 2020

I’m very proud of what we do at Menlo Security. We work very hard to make sure organizations and users around the world can safely access the tools and information they need to keep businesses running. We prevent confidential data from falling into the wrong hands. We protect users’ most personal data from malicious actors. And we enable remote productivity for organizations impacted by pandemics, wildfires, and other hazards.

Read More

Tags: phishing, secure web gateway, Menlo Security, By Light, DISA, federal cybersecurity, zero-days, drive-bys

Five Cloud Security Considerations for CISOs

Posted by Kowsik Guruswamy on Oct 8, 2020

Discover How You Can Protect Users and the Organization in Today’s New Normal

The past six months have been a whirlwind of change. Security teams across the world have scrambled to empower distributed users with the tools and information they need to keep businesses running. Now everyone is accessing everything from everywhere, with limited control and visibility into who is accessing what, where, and on what device.

Read More

Tags: cybersecurity, phishing, spearphishing, cyberattacks, Web Security, HTTPS, SaaS, cloud security, VPN, email security, new normal, cloud apps, BYOD

Providing 100 Percent Malware-free Email and Web Browsing

Posted by Kowsik Guruswamy on Aug 11, 2020

How a Fortune 500 Customer Embraced Menlo’s Isolation as Their Primary Defense Against Phishing and Email Threats.

I had the opportunity to chat with one of our largest customers the other day. I can’t mention the company name, but they are a big, well-known brand. Menlo works with eight of the ten largest banks and four of the five biggest credit card companies in the world. Let’s just say it was one of them.

 

Read More

Tags: malware, cybersecurity, phishing, isolation, secure web gateway, financial services security, email security, global cloud proxy

The Critical Role of SSL Inspection to Avoid Secure Malware Delivery

Posted by Kowsik Guruswamy on Apr 7, 2020

If you think the little green lock of https equals security, think again. The bad news is that the bad guys use encryption too. Many people mistakenly assume that as long as an SSL certificate is present, they’re safe from attack, but that couldn’t be further from the truth. From Reductor to Godlua and numerous other variants, it has become all too clear that new types of malware are being secreted behind a symbol that was once seen as secure.

Read More

Tags: Isolation Core, HTTPS, SSL Inspection

How to Mitigate Phishing Threats inYour Organization

Posted by Kowsik Guruswamy on Dec 5, 2019

From a bad actor perspective, phishing is the cheapest and easiest way to infiltrate organizations and personal information
to make a profit. By nature, humans are curious and are oft en overconfident when it comes to security. Phishing is an even greater threat for mobile users, too. Without key visual cues, like the ability to hover over a link to determine its destination, it is much easier for a user to make the simple mistake of clicking a bad link and falling victim to a phishing attempt. The popularity of social media has also made it much easier for hackers to find valid email addresses and research users’
life activities to create sophisticated, tailored phishing attacks.  From a security perspective, there are typically three approaches to solving the phishing problem – email security gateways, web proxies and security training awareness – but each has its own limitations.

Read More

Tags: phishing, email attachments, anti-phishing, phishing prevention, Google Docs email scam, email threats

Why Outsmart Cyber Attackers When You Can Remove Them Entirely?

Posted by Kowsik Guruswamy on Dec 5, 2019

Cyber threat actors have gotten smarter--or lazier--depending on your perspective. It used to be fairly
common for attackers to spend days or even weeks probing targeted networks for vulnerabilities to
exploit. Once identified, they would break down traditional cybersecurity defenses around the network
perimeter and steal as much information as they could, or cause as much chaos as possible, before the
hole was patched and they were shut out.

Today, threat actors are much more subtle. Instead of trying to break down the castle walls, they simply
steal the keys and stroll through the front door. By tricking users into willfully giving up their credentials
through spear phishing, threat actors can simply remain undetected for days, weeks or even months until
the time is right to execute their mission-- to extricate data, hold systems hostage, spy on users or all of
the above.

Is this lazy or creative? Depends on who you ask, maybe it’s a generational thing.

Read More

Tags: email threats, security breach, ZeroTrust Internet, Secure Web Access

Don’t Be a Wildebeest

Posted by Kowsik Guruswamy on Mar 29, 2018

 On the Serengeti, wildebeest have survived for millennia by using a simple strategy: safety in numbers. It’s great for the species, but each animal can only hope that another one will take one for the team.  

 

Read More

Tags: browser-based attacks, remote browsers, cyberattacks, isolation platform, trust, "risky web", safe web

10 Tips to Reduce Malware Threats

Posted by Kowsik Guruswamy on Mar 6, 2017



Half of the web is vulnerable to malware, as we measured recently in our State of the Web research report, making it clear that merely visiting a legitimate web site is risky.

Read More

Tags: malware, cybersecurity, phishing, isolation, security, ransomware, credential theft, malware vulnerabilities, cyber theft, security strategy, anti-phishing, cyber threats, Google Chrome, bitcoins

Browsing the Web is a Leap into the Unknown

Posted by Kowsik Guruswamy on Dec 13, 2016

Users must recognize that they are taking a significant risk when connecting directly to the Internet. The new Menlo Security State of The Web report reveals that nearly half (46%) of the Internet’s top 1 million web sites, as ranked by Alexa, are risky.  

Read More

Tags: malware, cybersecurity, blog, isolation, malware vulnerabilities, cyber theft, security strategy, anti-phishing, state of the web

Phishing & Ransomware at Singapore GovWare

Posted by Kowsik Guruswamy on Oct 18, 2016

I was in Singapore last week attending GovWare, speaking at the event and also meeting a number of customers and partners. Land of eternal summer, I think the lows were in the high 70's which made my morning runs, huh, interesting. Isolation is not a new concept here in Singapore, as the government pulled out 100,000 computers (de-linked) from the Internet to avoid any malware contamination. The government personnel are given dedicated kiosks (black computers) from which they can access the Internet, but that's about it. This is an extreme form of Isolation, while 100% safe, is also at cross-roads with user experience. But this has been the history of Isolation though. We've always been forced to trade off between security and user experience. Security by shackles.

Read More

Tags: phishing, ransomware, singapore, govware

Connect with us

Lists by Topic

see all

Recent Posts