As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have turned to SASE, a product category that offers cloud-based network protection while improving the performance of network infrastructure.
However, a new report: “Better Together: SASE and Enterprise Browser Extension for the SaaS-First Enterprise” (Download here), tests SASE’s ability to provide comprehensive security against web-based cyber threats on its own. From phishing attacks to malicious extensions and account takeovers, traditional network traffic analysis and security fall short. The report sheds light on these limitations and introduces the role of secure browser extensions as an essential component in a comprehensive security strategy.
SASE Advantages and limitations
SASE takes on a dual role in addressing both infrastructure and security. However, while SASE offers clear security benefits, it may not fully cover the breadth of the web-borne threat landscape. SWG, CASB, and NGFW are not the silver bullet to all your SaaS-first organization’s security needs, even when they are packaged as SASE.
The modern threat landscape is shaped by the centrality of the browser as the primary workspace. These new threats leverage the browser as a bridge between the device and organizational resources and aim to gain malicious access to the organization through phishing, malicious extensions, and account takeover, to name a few. While SASE is designed to protect the perimeter from threats attempting to enter it, this new threat landscape relies on traffic from the browser to a SaaS app or website, which SASE does not fully cover.
Close the gap with secure browser extensions
Secure browser extensions complement SASE’s network security measures. Through in-depth session analysis and proactive threat prevention, these extensions provide granular visibility and real-time protection against sophisticated web-borne threats, effectively closing the gaps left by SASE.
SASE and Secure Browser Extensions: 3 Use Cases
How do the differences between SASE and secure browser extensions manifest themselves when dealing with real threats? The report provides three use cases.
1. Phishing
- SASE Limitations: SASE’s NGFW or SWG has no visibility into the actual session, leaving it to rely on known malicious addresses or emulate the session in a virtual environment. As a result, SASE misses approximately 60% of malicious web pages. It also cannot detect pages that disable its phishing activity when run in a virtual environment.
- The solution: A secure browser extension provides granular visibility into the live session, enabling tracking of malicious components on the phishing web page and disabling them in real time.
2. Malicious extensions
- SASE Limitations: SASE’s NGFW or SWG does not have the ability to detect and block outbound traffic generated by any malicious extensions.
- The solution: The Secure Browser Extension provides visibility into your browser and detects and disables any extensions that introduce a data exfiltration risk.
3. Account takeover
- SASE Limitations: SASE’s CASB has no visibility into complex, modern web apps and is dependent on the app’s API, limiting protection to sanctioned apps.
- The solution: The secure browser extension integrates with the organizational identity provider and serves as an additional authentication factor. Access is only possible from a browser that has the extension.
With the dominant use of SaaS apps, the more important the role of the browser becomes and the threat landscape it encounters will increase. Can organizations ignore the risks posed by modern browsers? According to LayerX, network security alone is not enough and requires complementary measures that can fill SASE gaps.
To learn more about how you can get real-time protection against this evolving risk with a secure browser extension, read the entire report.