Palo Alto Networks first to break the silence: While SquareX directly disclosed the LMR vulnerability to all major vendors, Palo Alto Networks is the first to publicly confirm it. The acknowledgement came in the form of a September 4 announcement where Palo Alto Networks unveiled new capabilities added to its Prisma Browser.In the announcement, the company said that Prisma Browser has been upgraded “to intercept and neutralize encrypted, evasive attacks that assemble inside the browser and bypass traditional secure web gateways.” With the announcement, the company admitted the architectural shortfall of SWGs in handling these attacks.”Palo Alto Networks represent the first among SASE/SSE vendors to recognize that the shift towards browser-native threats and need for browser-native security is inevitable (hence their acquisition of Talon for $625M), but we expect more SASE/SSE vendors to follow suit as while it is cannibalistic to their existing cash cow business, as the browser becomes the new endpoint, they will have to build, acquire or partner with a browser security company soon to remain relevant,” Adeline added. It’s unclear whether Prisma Browser enhancements are aimed at LMR attacks per se, but the company’s description closely aligns with how SquareX defines LMR. Palo Alto Networks did not immediately respond to CSO’s request for comments.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4059348/palo-alto-networks-acknowledges-browser-malware-risks-validating-squarexs-lmr-attack-findings.html
