Gen AI altering browser risk: Generative AI has fundamentally altered the browser risk profile. Gogia noted that the browser is now a bidirectional data exchange, where employees routinely feed sensitive context into AI systems. Most of this activity happens outside formal enterprise governance. Copying internal data into AI prompts, uploading files for summarisation, or using AI-enhanced browser features has become one of the fastest-growing data leakage paths in organisations. As a result, browser-level enforcement is one of the few practical ways to address this without resorting to unrealistic bans.CrowdStrike will also integrate SGNL’s continuous authorization technology, enabling permissions to be dynamically granted or revoked on a per-session and risk-level basis.The two solutions combined will create what the company described as a unified security fabric.The integration will be designed to secure how generative AI applications and agents are accessed, to prevent shadow AI tools from scraping or exfiltrating sensitive enterprise data. It will also aim to prevent the copying, uploading, or screen-grabbing of sensitive data using AI-based content filtering and granular execution-layer controls, stop session hijacking, sophisticated phishing, and man-in-the-browser attacks at the point of execution by randomizing the browser’s JavaScript engine.In addition, CrowdStrike will extend protection to unmanaged and BYOD devices by securing the browser session without requiring a full endpoint agent.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4116703/crowdstrike-to-add-browser-security-to-falcon-with-seraphic-acquisition.html
