How Organizations Can Totally Eliminate Web And Email Based Threats: Menlo Security
Expert Insights met with Menlo Security CMO Young-Sae Song and CTO Kowsik Gruswamy, to talk about the Menlo Security platform.
Expert Insights / Sep 27, 2019By Joel Witts
Menlo Security promises to totally eliminate web and email based threats, using Isolation. Isolation is an approach to security which removes threats from the user entirely, stopping attacks, without impacting the user experience.
To find out more about this technology, we met up with Young-Sae Song (Chief Marketing Officer) and Kowsik Gruswamy (Chief Technical Officer) from Menlo Security at the Gartner Security and Risk Management Summit in London.
You can watch the full interview here:
Who are Menlo Security?
Menlo Security, founded in 2013 and based in Palo Alto CA,
is a leading vendor for Isolation. In 2018, analyst firm Gartner named Menlo
Security a visionary vendor in the ‘Secure Web Gateway’ space, for its
“Menlo Security is the first company in many years to be added to the Secure Web Gateway Magic Quadrant,” Song tells me. “It’s a validation of our approach to security, which is quite different from how the industry has been doing it. Other companies today take the approach of trying to determine what’s good and what’s bad. Our view is that it’s a losing battle, which is proven by the constant headlines of breaches and data leakages. We think a better way to approach security is to not trust anything and to keep everything outside.”
“Our Isolation separates the company network from the
outside web, while allowing all employees access to the internet, seamlessly.”
Menlo Security recently raised an extra $75 million in
funding to help grow its global sales team, showcasing their growing dominance
in this market.
“We’ve seen a tremendous response to the market for Isolation,” Song tells me. “For the $75 million that we raised recently, the lead investor was JP Morgan. It’s really a validation of the potential of our technology.”
“An interesting note is that many of the actual financial institutions invested in us started out as customers. They found the technology was so compelling, that they actually then became investors. We were thrilled to have them invest in the company and participate in the latest round.”
Menlo’s Current Successes
How is Menlo
helping customers at the moment?
“I can rattle off a whole bunch of stories here!” Kowsik says. “There’s a large hotel, before Menlo they were getting 5 ransomware hits every single month, because people will just go to random places, download some PDFs and get infected. Post Menlo, they’ve had none, zero.”
“There’s another very large customer, they have a call centre with thousands of people. They were constantly getting Word documents with macros for inquires, but each one had the potential to be weaponized. With Menlo, they pretty much eliminated that entire class of problems, because with our Document Isolation capability you can view the document without having to download it. That’s a significant benefit of the platform.”
What is Browser Isolation?
Isolation is an area that many organizations may be learning about for the first time and looking to research furthur. So how does Isolation work, and how does it stop threats?
“If you look at all the possible threats for an enterprise,
95-99% come via the browser,” Kowsik explains. “Our insight was if we can
isolate that browser, we can pretty much eliminate all of those email and web
“What we do is to run a browser on behalf of you in the
cloud, and that browser goes to the website. Our patented technology (Menlo Security Adaptive
Clientless Rendering) means we can synchronise what the isolated
browser sees back to your own browser. This means you as a user can’t tell the
difference between the rendered page and the original.”
The Rapid Growth of Isolation
Gartner has predicted that over the next 3 years, 50% of enterprises
will begin to begin to use Isolation technologies to protect their networks.
“The rapid growth is because we’re at a point in the
industry where the easy problems have been solved,” Song tells me. “Having an
AI algorithm detect one extra threat better than another product isn’t going to
help solve the difficult problems.”
“On the other hand, what we do is completely eliminate the
threat. I think that Isolation will actually emerge as the definitive, most
conclusive way, to protect yourself, because you know it’s 100% safe versus the
The Problem with the Legacy Approach to Web Security
Why then, is Isolation technology becoming so rapidly popular
and what are the issues with the legacy Isolation approach?
“Existing web-based technologies today are all based on this principle of figuring out if something is good or bad,” Kowsik says. “But, that’s a losing battle. If you allow access, you run the risk of compromise because the threat detection is not guaranteed to be 100% effective, and if you block access then the user is going to complain.”
“Isolation gives that third way, which is a safe allow. That
way, security teams aren’t overburdened by employees complaining about blocked
access, but at the same time they can be confident that allowing the user to
visit a page will not result in a breach.”
Is Isolation a Replacement for Other Security Technologies?
Due to the different technologies on offer, businesses may wonder if they need to have one technology, like a Web Proxy in place, or whether a multi-layered web security approach is the best way forward.
“If you think about technologies like Web Proxies, there’s three things that they provide Enterprises,” Kowsik explains. “The first is Acceptable Use policies, that make sure employees are not going on unsavoury websites and so on. This is typically done via URL filtering, and Menlo already offers URL filtering as part of our policy framework.”
“The second is stopping inbound threats, that are coming
from the internet to infect employees, which proxies typically offer through AV
and sandboxing, which is not conclusive. This is where Menlo shines because
Isolation allows us to essentially eliminate that entire class of problems
coming in via the proxy.”
“The third thing is data leak prevention and detection, which makes sure that employees are not accidentally leaking information. Menlo has that capability as well. If you’re using a legacy proxy like an appliance, you can easily switch over to the Menlo Cloud Proxy so you can reap all the benefits of the cloud as well as Isolation.”
Isolation for Small Businesses
Due to the enterprise features and comprehensive security
Isolation, some smaller companies may wonder if Isolation is right for them.
“Definitely,” says Kowsik. “I would say small businesses
more than anything need the benefit of isolation because of it’s simplicity.
You don’t have to worry about false positives, false negatives or if someone is
A Seamless User Experience
The simplicity of the using Isolation platforms is a crucial
aspect of its appeal.
“A seamless user experience was one of the main goals for
the company when we first started thinking about Isolation,” Kowsik tell me. “Our magic is that we’ve taken this
concept of Isolation and operationalized and prioritized in such a way that
it’s very easy to deploy and you’re not sacrificing user experience.”
“From an end
user perspective, there is nothing to install, it’s simply a setting in the
browser, and then isolation actually happens. I think that helps with very,
very large scale deployments because it makes it that much easier.”
“Another beauty of isolation is that we don’t have alerts,” Kowsik explains. “One of the large credit card companies that we work with had about 1000 web related incidents that they had to investigate every single month. This meant they had to spend a lot of time investigating alerts, and if they’re not real, that’s time wasted. If they are real, they have to go to the user, wipe their desktop and that’s a lot of productivity lost.”
that company has no alerts, there’s nothing there. Because we’re not saying if
something is good or bad, we don’t give alerts. We have logs and events that
tell you which user went where. But there’s no real threat coming back into the
enterprise. So, we don’t really alert the admins on anything.”
How Isolation Can Help to Stop Phishing Attacks
attacks are one of the biggest threats facing businesses as the moment. Menlo
promises to eliminate them completely.
“Phishing is a big problem,” Song tells me. “Our approach to phishing is very, very simple. We basically isolate the threat. We actually integrate with email systems such as Office 365, Exchange, or Gmail, and any URLs that are actually delivered by email are rewritten and forced into Isolation. The user actually views any kind of phishing site or attachment in isolation, based on our Threat Intelligence.”
policies that have been set, we then block the entry of credentials and the
uploading of files, so we really protect the end user from phishing attacks. On
top of that we add a banner that warns users it’s a phishing email, so it’s
really apparent to the user that they’re being attacked.”
“This is, in some ways, even better than some of the security awareness training solutions out there because you’re alerting users when they’re actually experiencing real life attacks, rather trying to train them with fake phishing emails. We’ve found our phishing protection to be tremendously effective, and we basically eliminate phishing for the customers using our product.”
One important security trend is customers moving towards
cloud services such as Office 365.
“With cloud transformation, there’s typically two
objectives,” Kowsik explains. “The first is the move to Office 365. Typically,
in a large organization with branch offices, the security stack is in the
headquarters, and everything from the branch is tunnelled back to the HQ to
reap the benefits of security. However, O365 doesn’t really play very well, so
there’s a lot of network congestion caused by bringing everything back to
“This has meant that businesses have to let the branches go
to the internet directly, but then they cannot leverage the security appliances
anymore. That’s where Menlo can come in and basically be that cloud layer
between the branch offices and the rest of the internet.”
“The second thing is that customers are just tired of appliances and they want to move to the cloud. They need that layer of security in the cloud. Menlo helps these customers be secure in the cloud by virtue of Isolation and the other capabilities that we have.”
The Future of Isolation Technology
Menlo Security already offers businesses zero-malware infections, customisable policies, anti-virus engines, email protection, and more. For such a fully featured technology in this stage of its growth, where will it go next, and how will the technology continue to evolve going forward?
“That’s an interesting question,” Kowsik says. “I joke and
say we sell a bulletproof vest, it’s just going to stop the bullets, but
customers still need to know where the bullets are coming from and what type of
bullets they’re getting hit with. There’s a lot of interest with providing
customers with threat intelligence, in the context of forensics and reporting
rather than policy decision making.”
“There’s also interest around secure cloud transmission, SD-Wan and things like that. There’s interest around connectivity and how we get more into Menlo. Right now, there’s a number of different ways, but we’ll continue to expand and explore other ways of integrating with the enterprise network, so it makes it that much easier to reap the benefits of Isolation in the cloud.”
Interested in Menlo Security or Isolation technology?
What would Kowsik and Song’s advice be to customers thinking
of looking into an Isolation solution?
“The simplest thing is to try it!” Kowsik says. “We actually
have a website, it’s called try.menlosecurity.com. It doesn’t require any plugins;
you just need to sign up. You can actually experience the product first-hand.”
“A lot of time when we talk to customers, they already believe it will solve the security problem. Typically, most of the questions are around user experience and latency. That’s what the website really helps you to understand.”
“The second thing to do is, talk to our customers. I think
that’s by far the biggest proof that it works, they love the product and
they’re adopting the technology, and they’re adopting it worldwide.”