A win-win for customers?: Zscaler has acknowledged that browser runtime behaviour was a missing piece in its zero-trust security, and having SquareX solution in its portfolio can help fill the gap, noted Gogia.For Zscaler customers, this acquisition would mean browser security is no longer an afterthought or a separate tool to evaluate but a native part of the platform.”It reduces reliance on legacy access methods like VPN and VDI, especially for external users. It also gives Zscaler the ability to unify policy enforcement across network access, app usage, and now browser behaviour. Zscaler customers will be able to apply in-session controls to activities that were previously invisible, such as clipboard actions, extension behaviour, or AI prompt submission. They also gain options for session isolation, file download inspection, and least-privilege app access via browser,” added Gogia.On the other hand, for SquareX customers, this means scale and integration. Vivek Ramachandran, founder and CEO of SquareX, confirmed in a blog post that customer deployments and investments will be protected, and over time, they will benefit from tighter integration with Zscaler services, expanded analytics, and more robust, risk-based controls across managed and unmanaged devices.In both instances, the customer benefits from improved alignment between access, behaviour, and enforcement approaches, stated Dhar.
Different roads to browser security: Of late, leading cybersecurity companies have been strengthening their product portfolios by investing in and acquiring specialized browser security firms. This is an indication that they now see browser-native security as strategic rather than optional. For instance, in January this year, CrowdStrike acquired Israel-based Seraphic Security, a browser runtime security company, which it plans to integrate into the Falcon platform.For CISOs, the concern has shifted from the security of the browser to where the security of the browser should be located. Dhar explained in the case of Zscaler’s move with SquareX, the strategy is to integrate browser controls with its access component of Zscaler zero trust. That’s security beyond granting access. However, in the case of the acquisition by CrowdStrike involving Seraphic, the strategy falls under endpoint security as they extend the visibility of EDR solutions to include the browser.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4128745/zscaler-extends-zero-trust-security-to-browsers-with-squarex-acquisition.html
