Menlo Security Cloud Security Platform is FedRAMP® Authorized
Traditional security approaches are flawed, costly, and overwhelming for security teams. Menlo Security is different. It’s the simplest, most definitive way to secure work—making online threats irrelevant to your users and your business.
Our platform invisibly protects users wherever they go online. So threats are history and the alert storm is over.
Traditional network security wasn’t built to address today’s complex enterprise environments. SASE fixes that problem.
Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise. The collective is made up of elite security researchers that put a spotlight on the threats you know and don’t know about.
Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise.
Menlo Security | Sep 03, 2020
Share this article
Phishing sites frequently evade web and email filters because of the inability of secure gateways to detect new phishing websites or categorize them properly. According to Menlo Labs, web and email gateways wrongly categorize 10-15 percent of malicious websites as safe.
This finding creates the perfect use case for Internet isolation. Simply isolate everything and no one has to worry about trying to anticipate the thousands of daily threats.
Currently, however, isolation is not considered a core part of the zero trust model by many in cybersecurity. This is a mistake.
Let’s take a moment to review why the industry should update its view of isolation to be included as a core solution that delivers zero trust, especially in the context of protecting against phishing attacks.
Zero trust currently consists of five principles that serve as its guiding light. (Zero Trust Networks, Gilman and Barth, 2017)
The zero trust philosophy was created by a high-level network architect within Forrester in 2010 as a set of building blocks for very large networks.
The concept itself is less about dictating the use of particular technologies and more about building a foundation of practices to guide security professionals on how to secure a network that allows users to connect from anywhere. Over time, specific technologies were developed and added as off-the-shelf solutions to address one or several of the five principles.
Consider phishing, for example, if an outsider gains access to an employee’s credentials, then they can attack the network by posing as that “approved” user.
To prevent infiltration, you need to find the root cause of the original security incident. Ninety percent of the time, it’s phishing through the browser. (CyberEdge, 2020).
Importantly, the initial threat occurs both when the phishing site evades web/email filtering and when the user actively enters their credentials.
Cloud-based Internet isolation obviates the idea of trust entirely. Rather than establishing a trusted connection between the host and the Internet, the trust is between the Internet and the virtualized container (remote browser), which can be terminated or limited at will by the IT team.
Isolation enables a new spin on existing capabilities; for example, the ability to place phishing sites into read-only mode to prevent credential theft.
In this lens, isolation should apply to zero trust because of the functionality that precludes the need to establish trust between host machines and the Internet.
The flexible nature of the implementation of Internet isolation has led to market confusion over what should be included as a part of zero trust.
There are no rigid protocols to follow—only guidelines designed to enhance one’s thinking about security. The strength of the Zero Trust security model lies in re-contextualizing existing and new technologies away from a centralized, perimeter-focused security model. Cloud-based isolation is a powerful technology that meets the goals of this new form of architecture and may represent a new frontier in the world of secure access under the banner of zero trust.
To learn more about how isolation works to protect against phishing and malware attacks, download our eBook available now.
Posted by Menlo Security on Sep 03, 2020
To talk to a Menlo Security expert, complete the form, or call us at (650) 695-0695.