New Menlo Security Tools Fight Advanced Browser-based Attacks

Highlights:

• The first product, HEAT Shield, analyzes the URL of every website an employee visits. The system then generates a risk score indicating whether a URL will likely host malware.
• The second new offering introduced by Menlo Security recently is dubbed HEAT Visibility. It employs AI to monitor the web traffic of employees for malicious requests.

Menlo Security Inc., a well-funded cybersecurity startup, debuted two new tools designed to assist businesses in preventing so-called HEAT attacks.

HEAT is an acronym that stands for highly evasive adaptive threat. This term refers to web-borne malware that targets victims’ browsers and employs sophisticated obfuscation techniques to avoid detection. According to Menlo Security, each of its two newly-announced products addresses such attacks distinctly.

The first product, HEAT Shield, analyzes the URL of every website an employee visits. The system then generates a risk score indicating whether a URL will likely host malware. HEAT Shield’s risk evaluations can help businesses determine which websites should be blocked.

In certain circumstances, only a URL analysis is insufficient to prevent HEAT attacks. Hackers occasionally compromise legitimate websites and use them to propagate malware. Apparently, even legitimate websites may mislead traditional URL analysis tools.

Menlo Security has equipped HEAT Shield with artificial intelligence features to resolve this difficulty. These AI capabilities can scan the code elements of a worker’s visited websites for malware. In addition, the service employs computer vision to identify visual indicators that may indicate a website is malicious.

The second new offering introduced by Menlo Security recently is dubbed HEAT Visibility. It employs AI to monitor the web traffic of employees for malicious requests.

HEAT malware is challenging to detect with conventional traffic surveillance tools. Malware is frequently downloaded onto users’ browsers in a form that is encoded and inactive to avoid detection. The malicious code is inactive until it has infected the user’s computer.

HEAT Visibility automatically notifies administrators when it detects potential HEAT malware in the web traffic of end users. Additionally, information technology personnel have access to the HEAT Attack Dashboard feature. The feature displays comprehensive technical information regarding cyberattacks detected by its AI algorithms.

Nick Edwards, Menlo Security’s Vice President of product management, said, “Adversaries have placed a massive bullseye on the web browser. It has become the new desktop, where we spend the bulk of our working day. The capabilities we are introducing today mark a significant leap forward towards our mission of creating a secure, seamless browsing experience.”

According to the company, HEAT Shield and HEAT Visibility share the same technological foundation as its flagship product, the Menlo Security Platform. The platform enables employees to access websites hosted in the cloud rather than on their local computers. The original code of web pages is not downloaded onto users’ computers, preventing malware from reaching its intended target.