The Gately Report: Menlo Security Tackling Browser Attacks, AI Threats

The massive spike in browser-based phishing attacks presents an opportunity for Menlo Security and its partners to help overwhelmed security operations centers (SOCs).

That’s according to Todd Wilson, Menlo Security’s vice president of global channels. Menlo Security recently reported a 198% increase in browser-based phishing attacks in the second half of 2023 compared to the first half of the year. When specifically looking at attacks classified as evasive, the researchers observed a 206% increase.

“These are overloading the SOC, and as they overload the SOC, they're trying to figure out what's real, what's fake, how do I manage it and how do I triage it,” he said. “Menlo just blocks it at the gate. So when we've been implemented, we've seen a 70% reduction in these alerts to the SOC, which then allows them to be more proactive and more active. But also for the partners, it gives them more time to help bring in more products to make them more efficient. If your SOC is running at 120%, you're not able to deploy something new to help them do other things, [so] look at other avenues."

Data security posture management (DSPM) is a new, up-and-coming technology, but overwhelmed SOCs aren’t able to implement it, Wilson said.

“So by bringing Menlo, we're able to reduce those alerts, give them more time to look at the less top-level applications or intrusions, and be able to be more proactive,” he said. “And then, of course, that turns into partner services because then they can sell services on every other product to help make that product better.”

Related:The Gately Report: Centripetal Brings Vast Threat Intelligence to Cyber Fight

Menlo Security Generative AI Report

Menlo Security also released its 2023 generative artificial intelligence (AI) report that showed 55% of generative AI inputs contained sensitive and personally identifiable information (PII). Despite warnings, employees continue to include sensitive and corporate data in their generative AI prompts.

Menlo Security's Todd Wilson

“Menlo's been out there talking about generative AI for probably eight months now and we've gotten a lot of great traction,” Wilson said. “Partners keep telling me that they're seeing customers ask for it, but not really implementing it until the past two months. Now, customers are starting to implement controls. And our unique value proposition is the way that we translate that session and can do things like cut-and-paste controls. We have this large semiconductor manufacturer that bought Menlo through one of our distributors, and what they're looking to do is allow their teams access, but then also be able to put the right guardrails in place that their IP didn't get there. It's been a huge use case for partners, and now the company that makes the iPhone and other companies like that have bought our generative AI controls because of the need for generative AI, but also the need for security.”

Related:The Gately Report: PAM Provider CyberQP Helping MSPs Navigate Cybersecurity Challenges

Scroll through our slideshow above for more from Menlo Security and more cybersecurity news.