Web Security

How Organizations Can Totally Eliminate Web And Email Based Threats

Expert Insights met with Menlo Security CMO Young-Sae Song and CTO Kowsik Gruswamy, to talk about the Menlo Security platform.

Expert Insights Interview With Song and Gruswamy Of Menlo

Menlo Security promises to totally eliminate web and email based threats, using Isolation. Isolation is an approach to security which removes threats from the user entirely, stopping attacks, without impacting the user experience.

To find out more about this technology, we met up with Young-Sae Song (Chief Marketing Officer) and Kowsik Gruswamy (Chief Technical Officer) from Menlo Security at the Gartner Security and Risk Management Summit in London.

You can watch the full interview here:

Who are Menlo Security?

Menlo Security, founded in 2013 and based in Palo Alto CA, is a leading vendor for Isolation. In 2018, analyst firm Gartner named Menlo Security a visionary vendor in the ‘Secure Web Gateway’ space, for its Isolation technology.

“Menlo Security is the first company in many years to be added to the Secure Web Gateway Magic Quadrant,” Song tells me.  “It’s a validation of our approach to security, which is quite different from how the industry has been doing it. Other companies today take the approach of trying to determine what’s good and what’s bad. Our view is that it’s a losing battle, which is proven by the constant headlines of breaches and data leakages. We think a better way to approach security is to not trust anything and to keep everything outside.”

“Our Isolation separates the company network from the outside web, while allowing all employees access to the internet, seamlessly.”

Market Leaders

Menlo Security recently raised an extra $75 million in funding to help grow its global sales team, showcasing their growing dominance in this market.

“We’ve seen a tremendous response to the market for Isolation,” Song tells me. “For the $75 million that we raised recently, the lead investor was JP Morgan. It’s really a validation of the potential of our technology.”

“An interesting note is that many of the actual financial institutions invested in us started out as customers. They found the technology was so compelling, that they actually then became investors. We were thrilled to have them invest in the company and participate in the latest round.”

Menlo’s Current Successes

How is Menlo helping customers at the moment?

“I can rattle off a whole bunch of stories here!” Kowsik says. “There’s a large hotel, before Menlo they were getting 5 ransomware hits every single month, because people will just go to random places, download some PDFs and get infected. Post Menlo, they’ve had none, zero.”

“There’s another very large customer, they have a call centre with thousands of people. They were constantly getting Word documents with macros for inquires, but each one had the potential to be weaponized. With Menlo, they pretty much eliminated that entire class of problems, because with our Document Isolation capability you can view the document without having to download it. That’s a significant benefit of the platform.”

What is Browser Isolation?

Isolation is an area that many organizations may be learning about for the first time and looking to research furthur.  So how does Isolation work, and how does it stop threats?

“If you look at all the possible threats for an enterprise, 95-99% come via the browser,” Kowsik explains. “Our insight was if we can isolate that browser, we can pretty much eliminate all of those email and web threats.”

“What we do is to run a browser on behalf of you in the cloud, and that browser goes to the website. Our patented technology (Menlo Security Adaptive Clientless Rendering) means we can synchronise what the isolated browser sees back to your own browser. This means you as a user can’t tell the difference between the rendered page and the original.”

The Rapid Growth of Isolation

Gartner has predicted that over the next 3 years, 50% of enterprises will begin to begin to use Isolation technologies to protect their networks.

“The rapid growth is because we’re at a point in the industry where the easy problems have been solved,” Song tells me. “Having an AI algorithm detect one extra threat better than another product isn’t going to help solve the difficult problems.”

“On the other hand, what we do is completely eliminate the threat. I think that Isolation will actually emerge as the definitive, most conclusive way, to protect yourself, because you know it’s 100% safe versus the other technologies.”

The Problem with the Legacy Approach to Web Security

There’s already an established market for web security technologies, such as the Secure Web Gateway and the DNS Web Filter.

Why then, is Isolation technology becoming so rapidly popular and what are the issues with the legacy Isolation approach?

“Existing web-based technologies today are all based on this principle of figuring out if something is good or bad,” Kowsik says. “But, that’s a losing battle. If you allow access, you run the risk of compromise because the threat detection is not guaranteed to be 100% effective, and if you block access then the user is going to complain.”

“Isolation gives that third way, which is a safe allow. That way, security teams aren’t overburdened by employees complaining about blocked access, but at the same time they can be confident that allowing the user to visit a page will not result in a breach.”

Is Isolation a Replacement for Other Security Technologies?

Due to the different technologies on offer, businesses may wonder if they need to have one technology, like a Web Proxy in place, or whether a multi-layered web security approach is the best way forward.

“If you think about technologies like Web Proxies, there’s three things that they provide Enterprises,” Kowsik explains. “The first is Acceptable Use policies, that make sure employees are not going on unsavoury websites and so on. This is typically done via URL filtering, and Menlo already offers URL filtering as part of our policy framework.”

“The second is stopping inbound threats, that are coming from the internet to infect employees, which proxies typically offer through AV and sandboxing, which is not conclusive. This is where Menlo shines because Isolation allows us to essentially eliminate that entire class of problems coming in via the proxy.”

“The third thing is data leak prevention and detection, which makes sure that employees are not accidentally leaking information. Menlo has that capability as well. If you’re using a legacy proxy like an appliance, you can easily switch over to the Menlo Cloud Proxy so you can reap all the benefits of the cloud as well as Isolation.”

Isolation for Small Businesses

Due to the enterprise features and comprehensive security Isolation, some smaller companies may wonder if Isolation is right for them.

“Definitely,” says Kowsik. “I would say small businesses more than anything need the benefit of isolation because of it’s simplicity. You don’t have to worry about false positives, false negatives or if someone is infected.”

A Seamless User Experience

The simplicity of the using Isolation platforms is a crucial aspect of its appeal.

“A seamless user experience was one of the main goals for the company when we first started thinking about Isolation,” Kowsik tell me. “Our magic is that we’ve taken this concept of Isolation and operationalized and prioritized in such a way that it’s very easy to deploy and you’re not sacrificing user experience.”

“From an end user perspective, there is nothing to install, it’s simply a setting in the browser, and then isolation actually happens. I think that helps with very, very large scale deployments because it makes it that much easier.”

“Another beauty of isolation is that we don’t have alerts,” Kowsik explains. “One of the large credit card companies that we work with had about 1000 web related incidents that they had to investigate every single month. This meant they had to spend a lot of time investigating alerts, and if they’re not real, that’s time wasted. If they are real, they have to go to the user, wipe their desktop and that’s a lot of productivity lost.”

“Post-Menlo, that company has no alerts, there’s nothing there. Because we’re not saying if something is good or bad, we don’t give alerts. We have logs and events that tell you which user went where. But there’s no real threat coming back into the enterprise. So, we don’t really alert the admins on anything.”

How Isolation Can Help to Stop Phishing Attacks

Phishing attacks are one of the biggest threats facing businesses as the moment. Menlo promises to eliminate them completely.

“Phishing is a big problem,” Song tells me. “Our approach to phishing is very, very simple. We basically isolate the threat. We actually integrate with email systems such as Office 365, Exchange, or Gmail, and any URLs that are actually delivered by email are rewritten and forced into Isolation. The user actually views any kind of phishing site or attachment in isolation, based on our Threat Intelligence.”

“According to policies that have been set, we then block the entry of credentials and the uploading of files, so we really protect the end user from phishing attacks. On top of that we add a banner that warns users it’s a phishing email, so it’s really apparent to the user that they’re being attacked.”

“This is, in some ways, even better than some of the security awareness training solutions out there because you’re alerting users when they’re actually experiencing real life attacks, rather trying to train them with fake phishing emails. We’ve found our phishing protection to be tremendously effective, and we basically eliminate phishing for the customers using our product.”

Cloud Transformation

One important security trend is customers moving towards cloud services such as Office 365.

“With cloud transformation, there’s typically two objectives,” Kowsik explains. “The first is the move to Office 365. Typically, in a large organization with branch offices, the security stack is in the headquarters, and everything from the branch is tunnelled back to the HQ to reap the benefits of security. However, O365 doesn’t really play very well, so there’s a lot of network congestion caused by bringing everything back to headquarters.”

“This has meant that businesses have to let the branches go to the internet directly, but then they cannot leverage the security appliances anymore. That’s where Menlo can come in and basically be that cloud layer between the branch offices and the rest of the internet.”

“The second thing is that customers are just tired of appliances and they want to move to the cloud. They need that layer of security in the cloud. Menlo helps these customers be secure in the cloud by virtue of Isolation and the other capabilities that we have.”

The Future of Isolation Technology

Menlo Security already offers businesses zero-malware infections, customisable policies, anti-virus engines, email protection, and more. For such a fully featured technology in this stage of its growth, where will it go next, and how will the technology continue to evolve going forward?

“That’s an interesting question,” Kowsik says. “I joke and say we sell a bulletproof vest, it’s just going to stop the bullets, but customers still need to know where the bullets are coming from and what type of bullets they’re getting hit with. There’s a lot of interest with providing customers with threat intelligence, in the context of forensics and reporting rather than policy decision making.”

“There’s also interest around secure cloud transmission, SD-Wan and things like that. There’s interest around connectivity and how we get more into Menlo. Right now, there’s a number of different ways, but we’ll continue to expand and explore other ways of integrating with the enterprise network, so it makes it that much easier to reap the benefits of Isolation in the cloud.”

Interested in Menlo Security or Isolation technology?

What would Kowsik and Song’s advice be to customers thinking of looking into an Isolation solution?

“The simplest thing is to try it!” Kowsik says. “We actually have a website, it’s called try.menlosecurity.com. It doesn’t require any plugins; you just need to sign up. You can actually experience the product first-hand.”

“A lot of time when we talk to customers, they already believe it will solve the security problem. Typically, most of the questions are around user experience and latency. That’s what the website really helps you to understand.”

“The second thing to do is, talk to our customers. I think that’s by far the biggest proof that it works, they love the product and they’re adopting the technology, and they’re adopting it worldwide.”

Thanks to Young-Sae Song and Kowsik Gruswamy for this interview. You can find out more about Menlo Security at https://www.menlosecurity.com/.

You can read customer reviews of Menlo Security here, and of other vendors in the Isolation space here.

For more interviews, blog articles and market guides, visit https://www.expertinsights.com/insights/