As SaaS applications dominate the business landscape, organizations require optimized network speeds and strong security measures. Many of them have turned to SASE, a product category that provides cloud-based network protection while enhancing network infrastructure performance.
However, a new report: “Better Together: SASE and Enterprise Browser Extensions for SaaS-First Enterprises” (download here) casts doubt on SASE’s ability alone to provide comprehensive security against network-borne cyber threats. A challenge was raised. From phishing attacks to malicious extensions and account takeovers, traditional network traffic analysis and security fall short. This report clarifies these limitations and describes the role of secure browser extensions as an important part of a comprehensive security strategy.
SASE Advantages and Limitations
SASE plays a dual role in addressing infrastructure and security. However, while SASE offers clear advantages in terms of security, it may not fully cover the broad scope of the cyber threat landscape. SWG, CASB, and NGFW are not a panacea for all security needs of SaaS-first organizations, even if they are packaged as SASE.
The modern threat landscape is shaped by the centrality of the browser as the primary workspace. These new threats leverage the browser as a bridge between the device and organizational resources, aiming to gain malicious access to the organization through phishing, malicious extensions, and account takeover. While SASE is designed to protect the perimeter from threats trying to get in, this new threat environment relies on traffic from the browser to a SaaS application or website that is not fully covered by SASE.
Bridging the gap with secure browser extensions
Safe Browser Extensions complement SASE’s network security measures. These extensions fill the gap left by SASE by providing granular visibility and real-time protection against complex network threats through deep session analysis and proactive threat prevention.
SASE and secure browser extensions: 3 use cases
How do the differences between SASE and Secure Browser Extensions play out when it comes to actual threats? The report provides three use cases.
1. Phishing
- SASE limitations: SASE’s NGFW or SWG lacks visibility into actual sessions, forcing them to rely on known malicious addresses or emulating sessions in a virtual environment. Therefore, SASE misses about 60% of malicious web pages. It also cannot detect pages that disable phishing campaigns when executed in a virtual environment.
- solution: Secure browser extensions provide granular visibility into live sessions to track malicious components in phishing pages and deactivate them instantly.
2. Malicious expansion
- SASE limitations: SASE’s NGFW or SWG lacks the ability to detect and block any outbound traffic generated by malicious extensions.
- solution: Safe Browser Extensions provide browser visibility and detect and disable all extensions that introduce the risk of data exfiltration.
3. Account Takeover
- SASE limitations: SASE’s CASB lacks visibility into complex, modern web applications and relies on the application’s API, limiting protection of sanctioned applications.
- solution: Secure Browser extensions integrate with your organization’s identity provider and act as an additional authentication factor. It can only be accessed through browsers with this extension.
As the use of SaaS applications dominates, the role of the browser becomes increasingly important – and the threat landscape it encounters increases. Can organizations ignore the risks posed by modern browsers? LayerX says cybersecurity alone is not enough and they are calling for complementary measures to close the SASE gap.
To learn more about how you can get real-time protection from this evolving risk with secure browser extensions, read the entire report.
