Menlo Security announces strategic partnership with Google
Icon Rounded Closed - BRIX Templates
Press Release

Menlo Security Cloud Security Platform receives FedRAMP® Authorization

Menlo Security has achieved FedRAMP Authorization for remote browser isolation (RBI) and Cloud Based Internet Isolation (CBII) technologies to isolate your people and data from malware, ransomware, spyware, and zero days. Menlo Security is uniquely positioned as FedRAMP Moderate Authorization for this set of solutions

MOUNTAIN VIEW, Calif., Jan.31, 2023– Menlo Security, a leader in cloud security, today announced that the Menlo Security Cloud Security Platform powered by a patented Isolation Core™ has received Authorization to Operate (ATO) at the moderate level under the Federal Risk and Authorization Management Program (FedRAMP).

Instead of a detect and response approach, Menlo’s FedRAMP Authorized Cloud based Internet Isolation (CBII) Security Platform powered by an Isolation Core™ stops threats before they ever happen. This means safe browsing of all content from anywhere all the time. According to DISA’s Requirement and Analysis office, CBII is expected to save the DoD the more than $300 million it would have cost to upgrade cybersecurity tools to defend internet access points.

The Federal government is deploying more cloud services as it moves toward digital transformation. As part of keeping the country, its networks and workers safe, the White House issued an executive order mandating Zero Trust security for all federal government agencies by the end of 2024. Using the Menlo Cloud Security Platform enables agencies to isolate their networks and employees and data from malware, ransomware, spyware, and zero days exploits.

With a Zero Trust focus, Menlo’s Cloud Security platform is designed to eliminate malware threats, including ransomware. Menlo Security’s isolation-powered platform securely connects users to websites and applications from anywhere while scaling elastically to meet user demand without sacrificing the user experience. Today, Menlo cloud security solutions are deployed by more than 100 government agencies, including the United States Department of Defense (DoD), mission partners, international governments, and State, Local, and Education Departments (SLED) across the United States.

Although FedRAMP is a federally mandated program, SLED agencies throughout the United States can apply the FedRAMP framework in their own cloud contracts and assessments to achieve many of the same benefits that apply to federal agencies. Menlo Security is also a member of the StateRAMP program which represents the shared interests of state and local governments. Like FedRAMP, StateRAMP is based on NIST 800-53 guidelines to ensure standardization and best practices for cybersecurity.

Since March 2019, Menlo Security, together with Integration partner, By Light, has been delivering its CBII solution to protect Department of Defense (DoD) networks worldwide. By Light and Menlo Security have worked closely with the DISA CBII Program Management Office (PMO) to design and implement the CBII capability that eliminates browser and web-based threats including phishing, drive-by-downloads, and zero-day browser vulnerabilities. FedRAMP authorization allows Menlo to extend its world-class protection to the civilian sector.

In addition to these threats, Menlo Security has identified a surge in cyberthreats termed Highly Evasive Adaptive Threats (HEAT) that bypass traditional security defenses. HEAT attacks are a very common class of cyber threats targeting the web browser as a highly vulnerable web attack vector used for 75% of the working day. HEAT attacks employ techniques to evade detection by multiple layers in the current security stack including firewalls, Secure Web Gateways, sandboxing, URL Reputation, and phishing detection.

“Together with Menlo Security, we’re providing DISA with a cloud security solution that directly enhances the Department’s ability to defend the DoD Information Network (DODIN),” said Mike Hatcher, Chief Revenue Officer, By Light. “We look forward to continuing our partnership with Menlo to provide government agencies with the solutions that help keep our cybersecurity infrastructure, and its users, safe, secure and productive.”

“As security moves to the cloud, organizations are streamlining the number of security applications in their network reducing costs” said Raquel Hernandez, Information Systems Project Manager, Sandia National Laboratories. “Menlo’s FedRAMP certified CBII platform is easy to deploy and manage.”

“Achieving FedRAMP authorization for the Menlo Cloud Security Platform is a true testament to the value of our Isolation Core architecture. Our ability to protect the users from sophisticated attacks while maintaining a consistent user experience will enable the government agencies to focus on their mission,” said Poornima DeBolle, Menlo Security co-founder and Chief Product Officer. “Highly Evasive Adaptive Threats (HEAT) are challenging legacy security stacks with new techniques to deliver malware to the user. Our Zero Trust approach, powered by our innovative Isolation Core, has been proven by CBII in the DoD with millions of users for more than two years. We look forward to bringing the same protection to all government agencies with our FedRAMP Authorization.”

Key features of the Menlo Cloud Security Platform, also known as CBII, include:

  • Isolation Core – The patented Menlo Isolation Core protects against known/unknown threats and isolates them before they reach users. Zero-trust isolation provides 100% protection without special software or plug-ins, so users don’t experience negative impacts or interruption.
  • Centralized Platform – Menlo’s cloud-native platform which prevents malware from reaching users, eliminates the need for multiple technologies, and gives IT managers one interface to navigate.
  • Elastic Edge – A platform built to scale globally on demand. It dynamically scales to meet any scale with over enterprise-level growth-over five million in production. The platform is also easily extendable with a rich set of APIs and integrations.
  • HEAT Attack Prevention – Menlo’s Zero Trust approach combined with its Isolation Core ensures that all web traffic is subject to enterprise security controls resulting in a truly preventative approach to security that addresses the legacy flaws of today’s network security stack and ultimately delivers a more secure security posture.

For more information about Menlo Security’s Government solutions, please visit:

About Menlo Security

Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email. Menlo Security’s patented Isolation-powered cloud security platform scales to provide comprehensive protection across enterprises of any size, without requiring endpoint software or impacting the end user-experience. Menlo Security is trusted by major global businesses, including Fortune 500 companies, eight of the ten largest global financial services institutions, and large governmental institutions. The company is backed by Vista Equity Partners, Neuberger Berman, General Catalyst, American Express Ventures, Ericsson Ventures, HSBC, and JP Morgan Chase. Menlo Security is headquartered in Mountain View, California. For more information, please visit