Abstract

Secure Web Gateways have served as guardians of safe online browsing for enterprises for over a decade. Initially, when these technologies were introduced, the internet was a simpler environment, characterized by basic protocols and web applications just beginning to transition into the web 2.0 era.

However, the digital landscape has transformed dramatically since then. Modern web applications are highly complex, incorporating advanced features like progressive apps. Similarly, web protocols have been extensively revised, introducing newer versions such as QUIC and HTTP/3. Concurrently, attackers have significantly advanced, with easily accessible tools enabling them to launch potent attacks with minimal technical knowledge or understanding.

As a result, Secure Web Gateways are now less effective, failing to detect a large number of attacks. This vulnerability has left organizations exceedingly exposed to web browsing attacks from their users.

The question arises: what comes next?

The discussion turns to the evolution of browsers and endpoints over recent years. These platforms have seen significant advancements, now offering robust processing capabilities that support native browser security.

Enforcing security controls on the client side is often perceived as inherently insecure. In this talk, we will take a deep dive into the browser as a security platform and how a browser-native security approach can detect the newer generation of attacks which go completely undetected by Secure Web Gateways.