SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Interview: How Menlo Security's isolation platform is changing web security
Tue, 6th Sep 2016
FYI, this story is more than a year old

Menlo Security has been doing big things from Silicon Valley, taking different approaches to the security industry than most providers. Now the company has reached Australia, and its prospects are vast.

Stephanie Boo, Menlo Security's APAC managing director, talks with TechDay about their innovative way of tackling malware prevention, and their plans for the Australian market.

Isolation technology is the name of Menlo's game, and is its primary malware prevention tool. This is a hugely different approach to what other security providers take, such as labelling specific websites as 'good' and 'bad'. Instead of denying access, the company uses a non-invasive way of blocking web-based threats through browsers, undetectable by users. The company says the approach moves execution away from the endpoint and provides an isolated place for threats to initiate their malicious code.

The company runs a web-based isolation platform, known as Menlo Security Isolation Platform. The platform prevents malicious content from ever reaching customers' browsers. They do this by using a sandbox technique that filters malicious code or scripts and lets all genuine content through normally.

The cloud-based sandbox and its content is deleted at the end of every web session, so users never receive any of the dangerous script on their computer.

The company says that this is a cost-effective solution for enterprises and users do not have to be updated with any extra software. There is also zero risk as the content never reaches users' computers, the cost of sanitation is kept to the host machine, and the SOC costs/alerts are decreased as false malware alerts are eliminated.

Trouble tickets drop, recategorization experts are no longer needed and the question is, why wouldn't you use this type of technology?

Boo says the company launched in Australia in January 2016, and the company has seen development across the security spectrum.

"Menlo Security focused on what makes the web dangerous. The world wide web was never built with security in mind, so therefore because of the fact that we have a lot more content on the web, attackers have found a good platform for them to plant the attacks, and therefore contributing to the fact that the world wide web has become an almost dangerous place to go".

She says it's a double-edged sword, you can't remove the web because it's how employees do their work. So how do we solve this problem?

"We turn active content into non-active content while preserving the user experience. Today we know that Flash has tonnes of vulnerabilities. Companies are saying 'best practice: kill flash'. But if you do not have Flash, some sites will not make sense to you. You'll see a white box with a cross. So what Menlo does is convert the content to HTML5, which presents content to the user as if they actually have Flash," Boo says.

"You will not know what you do not know" so instead of trying to analyse threats, it's about treating everything as potentially risky, she says, and she's taking that philosophy to not only Australia, but the entire APAC region.

She explains that the company has already seen key partnership signups within Australia, and is looking to expand even more.

Boo says Menlo is also 100% committed to the channel, saying "We believe we need to leverage the channel because ultimately customers have that long term relationship and trust with the channel - especially in the case of MSSP providers."

In terms of ransomware, the company's isolation technology can help stop the damage in its tracks, particularly as much of it slips past traditional security software. Even legitimate Alexa-ranked websites can still be a hosting point for malware, as they can rely on outdated server software or advertiser domains.

"Ransomware typically goes through two vectors, one is of course the email, and the other part is the web. There are cases of legitimate websites being compromised with ransomware," she says, citing a shopping website in Southeast Asia that was recently compromised.

Now users just browse the web and there is the potential for ransomware attacks. Blocking access to specific website is too restrictive.

Boo says that isolation blocks malware and ransomware from getting through, eliminating threats entirely and allowing users to continue browsing as normal.

Boo says that other types of malware such as phishing and spear-phishing are definitely areas that Menlo Security will be addressing through email security products. She explains that these areas have become a very major concern, especially when it comes to data loss or website spoofing.

With many avenues to go down, Menlo's path into Australia and the wider APAC market is full of opportunity for innovating in the cybersecurity realm.