Why is Last Mile Reassembly
dangerous to enterprises?
The web browser is the most used application within the enterprise
but also the least protected. Bad actors are now increasingly
targeting the weakest link: employees and consultants.
Unfortunately, most of these attacks happen online when the employee
or consultant is going about his daily work.
To counter these threats, security vendors have developed Secure Web
Gateways (SWGs) as part of Secure Access Service Edge (SASE) or
Security Service Edge (SSE) solutions to protect the browser.
However, this approach is fundamentally flawed because
these solutions are not equipped to detect attacks that occur on
the client-side.
The Last Mile Reassembly framework exposes a critical weakness in
these security solutions. By assembling the malicious payload
directly in the browser, these attacks bypass SWGs, no matter how
advanced their file scanning capabilities are, including heuristic
or AI/ML detection methods. Malicious files, instead of being
directly downloaded and scanned on the network, are smuggled through
the network and constructed within the browser. Similarly, malicious
websites are packaged into formats that SWGs typically ignore and
are then reassembled on the client-side, completely evading
detection.
All SASE/SSE vendors listed in the Gartner Magic Quadrant—who contribute to a Total Addressable Market of US$45 billion in
2023, forecasted to grow to US$80 billion by 2028—
are affected by these attacks. Check if your SWG protects you against Last Mile Reassembly
Attacks
here.