SquareX helps organizations detect, mitigate, and threat hunt web attacks happening against their users in real-time. With our innovative browser-native security product, SquareX safeguards enterprise users from a spectrum of web-based threats, encompassing malicious files, websites, scripts, and compromised networks.

Web Attacks on your employees, a Blind Spot?

The web browser is the most used application within the enterprise but also the least protected. Bad actors are now increasingly targeting the weakest link: employees and consultants. Unfortunately, most of these attacks happen online when the employee or consultant is going about his daily work. Existing security solutions like Secure Web Gateways as part of SASE/SSE solutions are unable to protect users against modern web threats that happen on the client side, and endpoint security solutions have no visibility into what happens in the browser during an attack. This makes it currently impossible for enterprise security teams to detect, mitigate and threat hunt these attacks.

SquareX’s Technology Advantage

SquareX combines rules-based methods, heuristic analysis, and machine learning algorithms that run in the browser to continuously monitor page DOM changes, user interactions, and web traffic patterns to identify and block potential threats in real-time. Our technology can be deployed on any browser and does not need to inconvenience enterprises with a custom browser which additionally opens them up to other threats.

Case Study: Multi-channel Ransomware Attack

Attack Description: An adversary is targeting multiple users of an organization with the same ransomware, packaged as a malicious Excel document, and sent over multiple channels including LinkedIn, Twitter and Email.

SquareX Detect-Mitigate-Threat Hunt

Detect: SquareX’s browser extension constantly monitors the user’s interaction with websites, including when files are downloaded. In the above case, when the enterprise user downloads the file, the in-browser malicious file detector activates as it detects that the Excel file has malicious macro-based ransomware packaged into it.

Mitigate: Once the malicious file is detected, SquareX checks if the enterprise policy is ‘Block’/’Isolate’. In this case, the policy is set to ‘Block’ all malicious files, so the download is blocked and a warning message is shown to the user. SquareX immediately sends the file hash and the file to the cloud, where automatic remediation policies are pushed to block the same file across all enterprise user browsers.

Threat-Hunt: The enterprise admin gets an alert and in the SquareX enterprise portal a full description of the attack, the attack graph, and the details of the malicious file are made available. The admin can also see all related attacks with a single click using our automated threat hunting feature. Our AI Copilot presents a full timeline analysis of the attack and proposes remedial measures. Using our generalized threat hunting interface, the admin can further investigate similar threats,apply policies and other remedial actions.