In 2013, Poornima DeBolle and the other founders of Menlo Security identified a major weakness in leading cyber security technologies.
“The founding team were looking at the threat landscape, and we recognized that all of these anti-virus, sandboxing and URL filtering solutions relied on this primary paradigm of detection,” DeBolle says.
The team realized that as threats were evolving, admin teams were having to decide whether to block content in order to stop threats, they couldn’t detect, or whether to be permissive, and allow access, but run the risk of letting malicious content into their network.
This boiled down to a choice for businesses between harming business productivity, or compromising security. For Menlo, the solution to this problem is Isolation.
Today, Menlo Security is a leading vendor in the Isolation space, securing customers all over the world.
How Isolation Works
Isolation provides enhanced security by creating a sheet of “bulletproof glass” between the user and the internet.
“Menlo’s Isolation platform effectively runs a browser on behalf of users, within a disposable container,” Menlo Security Systems Engineer Brett Raybould explains. Menlo have developed patented technology which takes browsing information and renders it safely to the user, removing any active code, including security threats.
Raybould explains that this means users can visit webpages, resources and documents, and view images, videos and fonts, as they normally would when browsing, without coming into contact with any threats.
Why Isolation Provides Better Security
This move away from detecting and identifying threats, towards an approach which eliminates the possibility of coming in contact with threats in the first place, is described by DeBolle as the major benefit of Isolation.
Senior Product Manager Jonathan Lee explains that most major web and email security solutions are only effective based on their ability to detect if a web page or an email is ‘good’ or ‘bad’.
He suggests they have to be very effective at making a judgement in real time as to whether a user should be able to visit a web page, or if it should be blocked.
“That’s a big ask of any security solution,” Lee explains. “That’s why we continue to see security defence breaches.”
The difference with Menlo, he explains, is that they don’t try and detect threats, or categorize pages as good or bad. Instead, they ensure that all content is safely delivered to users, in a way that won’t impact the user experience, or stop them from doing their jobs.
This also means the solution creates fewer admin tickets. Admins also don’t need to manage policies or update the solution with information on the latest class of threats because all threats are removed automatically.
The Importance of User Experience
The idea of Isolation has been around for a long time, going right back to the concept of physically creating an ‘air-gap’ by using one computer for internet browsing, and another computer for desktop productivity.
This is the security ideal, as it stops any online threats from infecting your local network, but it’s not exactly a user friendly solution.
So, the Menlo Security team decided that user experience needed to be at the forefront of their Isolation solution.
“We weren’t the first ones to think about Isolation. But we recognised that our concept of Isolation needed to have a very strong user experience component,” DeBolle explains.
“One of the key success measures for our customers is how it doesn’t impact the user experience,” Lee says. “What we hear from our customers is that Menlo doesn’t affect their ability to do their jobs.”
Menlo Security’s Growth and Target Markets
With their Isolation approach, Menlo Security has quickly become one of the leading vendors in this space.
The Menlo Isolation product launched in 2015, after four years of development, and has since become dominant in the global market for Isolation. In July 2019, Menlo announced an extra $75 million in funding, to help grow its global sales team.
“Menlo has got the highest number of users, the most available, least latent global cloud, and we haven’t seen any competitors who can compete with our coverage,” Lee says.
Menlo’s customer based is right across the board, including a number of different industries and verticals.
“We’ve found that Isolation is applicable across all different organizations and sectors, including legal, government, financial, healthcare, retail and manufacturing,” Lee explains. “All of those organizations are facing the same problems, including moving to the cloud, so we’re able to solve the same set of challenges across a very broad number of industries.”
“The simplicity of the technology makes it very widely applicable,” DeBolle adds. “We are going to take this technology into a broader marker, where we can be that secure web gateway, that web security layer, which replaces existing solutions, using Isolation as the primary security paradigm.”
The Successes of Isolation
As one of the top vendors in the Isolation market, Menlo’s customers are already seeing the benefits of Isolation in their security infrastructure.
DeBolle describes a financial institution, which was being hit with 2000 events to the SOC every month, which went down to just 2 after deploying Menlo.
“This made the SOC very efficient in being able to go chase real security issues, rather than finding a lot of false positives,” DeBolle explains.
Another key use case is email isolation. Another large financial organization used Menlo for email security, because despite all of their email defences, they were still getting about 3000 phishing attacks every three months.
“After Menlo, they’ve had zero-malware from the email vector, which is a big, big statement of advocacy for Isolation,” DeBolle says.
Why is Menlo Security the best choice for Isolation?
There are other vendors providing Isolation solutions on the market.
What sets Menlo apart from the competition, is the user experience and the scalability of the solution, according to Raybould.
“Alongside the user experience, the other key differentiator for me is our ability to scale,” Raybould explains. “We have a global cloud, where a customer can basically access the internet from anywhere, they get routed to the closest data centre, and they get minimal latency from it. I don’t know any competitors that have anything like that.”
DeBolle explains that in addition to the scalability, Menlo have invested a lot of time in their own infrastructure.
“As we’re providing you the security by removing risks away from your endpoint, we need to ensure that our cloud platform is secure in itself,” DeBolle explains.
“We are able to dynamically update the components we use, like the chromium engine and the flash engine. Keeping that up to date protects us from the internet and gives our users protection without them needing to update every endpoint in a very short period of time. That puts quote a bit of distance between us and the competition.”
How Isolation can stop phishing attacks
One of the major benefits of Isolation is the protection it provides against phishing attacks.
“Applying Isolation to email has been really effective as a means of proactively preventing users from clicking on phishing links, or entering their credentials on phishing websites,” Lee explains.
Phishing attacks are now very focussed on corporate cloud applications, such as Office 365, Drobox and DocuSign, which can make it very difficult for users to distinguish between what’s real and what’s an attack.
“The benefit of Isolation is we can inspect every single link and rewrite it so that there’s no way it can be bypassed, it has to go through Isolation,” Lee says.
The benefit of this is that it completely removes any malicious threats, such as ransomware, from being downloaded onto the user endpoint.
But removing the threats through Isolation is only one aspect of how Menlo stops phishing attacks. Because the risk of phishing comes from tricking the user into giving up credential information, Menlo has developed a ‘read-only’ mode for web page viewing, so that users cannot input text or upload files.
“With Menlo, not only is a page fully isolated, it is put into read-only mode,” Lee explains. “So, the user can still view the page, they can scroll through and navigate it, but they can’t enter in any information.”
This also has the benefit of providing a teachable moment, he explains. Without needing a security awareness, or phishing simulation solution, Menlo can provide users with a message, letting them know the page they are viewing is unsafe, and they have been fooled by a phishing attack.
Considering an Isolation solution?
Menlo’s advice if you’re considering an Isolation solution? Get in touch.
“The te Menlo’s advice if you’re considering an Isolation solution? Get in touch.“The technology is cloud based, so very easy to set up, deploy and trial,” Raybould says. “It integrates very easily with existing infrastructure. Get in touch and let’s get it set up!”