Menlo Security offers comprehensive Browser Isolation for businesses. Is it right for your organization?
Expert Insights / Jan 10, 2020By Joel Witts
What is Menlo Security?
Security is a web security vendor providing secure, cloud-based internet
isolation. Founded in 2013, in Palo Alto California, Menlo has taken a
‘Zero-Trust’ approach to web security and have built a platform that aims to
eliminate 100% of web and email threats.
One of their
core approaches to email and web security is that simply detecting threats is
not enough, but that threats must be isolated, away from endpoints and business
networks, to eliminate web malware, phishing and reduce credential theft.
Security argues that the traditional model of detecting threats, in order to
block them, is flawed. Due to the sheer number of threats, they argue that no one
solution is able to identify and block all of the web based security threats,
when hundreds of thousands of new attacks are being launched on a daily basis.
To deal with
this issue, Menlo Security has developed a platform which isolates all of your
users web browsing on a remote server. By isolating all web content in these
secure browsers, Menlo can prevent attacks from ever reaching your users
This can totally eliminate malware infections, and their customers report over 95% declines in successful data breaches. Menlo is now used by some of the world’s largest enterprises, including Fortune 500 companies and financial services institutions. It has been recognised by industry bodies such as Gartner, who named it a ‘Visionary’ vendor in their 2018 Magic Quadrant for Secure Web Gateways.
How Does Menlo Security Work?
Security isolates browsing activity away from end user’s devices and onto
remote, cloud servers that they operate. This server is completely separate
from the user’s endpoint and business networks, meaning they are fully
protected from any threats the user may come across in a browsing session.
Security delivers Server-Side Browser Isolation. This means they deliver
a remote browser to their users, which is hosted on a physically isolated
server built to handle cyber risks. This means there is an ‘air-gap’ between
the network, and any online threats. This does not require any additional
clients or software to be installed.
The core of Menlo Security’s Browser Isolation is their Adaptive Clientless Rendering (ACR), which provides clientless browser isolation with a native user-experience.
Utilizing ACR, the existing endpoint browser loads a safe transcoded version of the original page to users. It then relays in puts back to the original page with no latency, all over a secure HTTPS channel.
a seamless transparent user experience, that provides complete safety for
users. Using Document Object Model (DOM) Mirroring. This is the way in which
Menlo is able to mirror the safe portions of the website to render to the user,
while blocking any unsafe or malicious content.
Document applications such as Microsoft Office and PDF viewers are also susceptible to malicious content downloaded from the web or from email attachments. Menlo’s ACR technology also deals with these issues. When a user downloads a malicious document or file through their browser, ACR transcodes the document into a HTML-5 page, then loads this into the isolated browser. This means that users can still view the document, and it looks the same as it normally would, but any unsafe elements are kept fully isolated from the user and the endpoint.
Menlo Security Features Breakdown
All web content is isolated from devices, stopping threats from phishing websites, such as viruses and ransomware. SWG detects and detonates malicious content. Prevents vulnerabilities in flash. Renders unsafe documents in read-only form. Isolated containers are wiped after every session.
Admins can set policies that dictate what web traffic is isolated. Policies can be set per user, group, or file type. Admins create custom policies that allow specific users to access native documents. These documents go through a robust screening process for viruses and malware. Infected files are quarantined in a sandbox.
Menlo requires no additional client, agent, or browser plug-in. It integrates with most popular browsers. Highly scalable.
Menlo uses its patented ACR technology to ensure a seamless user experience. Supports most major Browser Plug-Ins. No Latency to the User. Supports Copy, Paste and Print.
Benefits of Menlo Security
Reduction of Web-Based Threats
the delivery of active code to the user’s local browser, which means it stops
web-based infections from reaching the user itself. Isolating Browsing activity
prevents ransomware and malvertising (malicious adverts) that infects large
numbers of popular websites regularly.
Prevents Phishing Attacks
help organizations mitigate the risks coming from phishing attacks. If a user
were to click on a link to an unsafe website, the web page displayed would only
show safe elements, to protect against any threats. Admins can also set the
page to be ‘read-only’ which prevent users’ from inputting their personal
details or passwords. Any documents attached to
a phishing email, such as a ZIP file containing ransomware, would be safely
rendered to users, isolating any threats.
Reduces Web Security Burden on Admins
isolation streamlines web security for admins. Their Isolation platform removes
97% of web traffic which comes from 3rd party sites that are
admins have far less web based alerts to review and enables admins to spend
more time on other attack vectors.
Protects against Malicious Downloads
safe versions of downloaded documents to users, isolating them from any threats
they may contain. Menlo’s ACR technology renders documents in much the same way
that it renders web pages, with any vulnerabilities removed from the user.
Users still access a rendered version of the document however, and can request
to download the original file to their endpoint if they need to edit it. Using
anti-virus scanning engines, Menlo will then determine if the original document
is safe, helping to ensure users are always fully protected.
Provides a Seamless User Experience
Security provides a seamless user experience. Users experience no latency, can
continue to use all their normal browser controls such as copy, paste and
print, and can continue to consume web content as they normally would. Menlo
helps to keep businesses productive without compromising security, as employees
can access downloaded documents, even from unknown sources, without having to
worry about malware or ransomware.
Affordable and Scalable
Menlo Security takes a ‘containerized’ approach to Browser Isolation. This is generally regarded as the most scalable, lightweight and affordable approach to browser isolation. It means that their remote servers only need to emulate the operating system and the browser to provide a rendered webpage to users, rather than needing to emulate the whole desktop and operating system, which has a far greater overhead.
Interview with Menlo Security
Expert Insights met with Menlo Security CMO Young-Sae Song and CTO Kowsik Gruswamy, to talk about the Menlo Security platform.
phishing and spear-phishing attacks coming via email are some of the biggest
threats facing businesses today. Everybody uses email, and attackers know that
this is a weak link in businesses’ security networks.
often fall through the gaps in security technologies because they don’t look
malicious at first glance. Instead, they utilize social engineering to attempt
to trick users into giving up their account information or make unauthorised
payments. Alternatively, phishing attacks may contain malicious attachments,
telling recipients it’s an important document they are required to open.
Security can help deal with both of these scenarios.
attacks distribute malicious email attachments. The attached file could be an Excel document,
or a ZIP folder, which would deliver some malware or ransomware to the user’s
Menlo Security helps to protect users on Office 365
against this type of threat. When the folder or document is opened by the user,
Menlo will scan the document with anti-virus systems. If the documents are
malicious, Menlo will then block the user from being able to open these
But the crucial aspect of Menlo Security is that if their
anti-virus engines determine the document to be safe, users are able to open an
isolated render of the document. This is important as because even if
anti-virus engines don’t identify a threat, the document could still be
malicious. This is because anti-virus engines often cannot spot zero-day
threats, that have not been seen before.
Because the document can be immediately viewed 100%
safely in isolation, users can view the document, without needing to worry
about safety threats. Admins can also provide users with the ability to download
a safe macro-free PDF version of the attachment, which removes any threats.
Malicious Email Links
Another common phishing attack is malicious email links.
This email links may take the user to a phishing site, where credentials can be
stolen, or malware can be downloaded.
Traditional email and web protection solutions struggle
to deal with these threats, as they simply attempt to categorize the link as
‘good’ or ‘bad’ which can be difficult when there is no reputation data because
the site is new.
Security can help deal with this issue, by opening all email links in
isolation. By opening email links in safe isolation, all users are protected
against any threats that may be contained, without blocking the users from
accessing the site itself.
site may be a convincing copy of a log-in page, for Office 365 for example. To
stop users from accidentally giving away confidential information, admins can
set a ‘read-only’ mode. This allows users to view the page but does not allow
them to input any text or upload any files.
admin policies, if the user then determines the web page to be safe, they can
request to turn off ‘read-only’ mode and visit an isolation version of the page
which they can log-in to as normal.
Admins can set warnings on these pages, which helps to offer phishing awareness to ensure users are aware the page may be unsafe.
Menlo Security is one of the leading vendors in the Browser Isolation space. They provide comprehensive security to their customers, promising up to 99% reduction in the number of data breaches customers face.
Security as an end user, there is almost no difference to using the browser
itself. Webpages load quickly, with dynamic content which updates in real time.
There’s even a way to remove adverts, as advertising code can be removed
from the webpages page you visit.
From an administration perspective, Menlo Security offers
granular controls and policies. Admins can set policies for what downloads
users can access from the internet, set ‘’Read-Only” modes on specific pages
and control what types of pages different groups of users can access. The service
is very easy to set up and can be as fast as two hours to get deployed. It’s
also highly scalable for growing businesses.
A key feature is the phishing protection. Phishing is one
of the major threats all of our readers have issues with. With Menlo, users can
get comprehensive protection against phishing attacks, without being blocked
from opening files.
reasonably priced – it’s a good solution for smaller and midsized companies but
offers enterprise level protection from threats. The solution works very well
with a Secure Email Gateway such as Proofpoint. Using these solutions together
would provide businesses with comprehensive protection against email threats
such as spam and phishing, while also protecting against browser and web based
We recommend that organizations considering Menlo Security should trial this service with a group of their high risk employees, to see how well the service works for them. We can provide a free quote of Menlo for anyone considering this service.