Here Are 6 Hot Browser Security Startups In 2022
Some startups are developing new ‘enterprise browsers,’ which build upon open-source code, while others are adamantly anti-enterprise browsers, saying there’s no need to develop entirely new ones. CRN looks at what six hot startups are doing in the browser security space.
Cybersecurity experts have long known that web browsers, among the most heavily used applications around, often serve as major cyberattack vectors.
Despite numerous attempts to improve browser security over the decades, web-based attacks have been on the rise in recent years—and the pandemic-era increase in remote work has only exacerbated the browser vulnerabilities problem.
Not surprisingly, investors have recently been pouring hundreds of millions of dollars into startups promising safer browsers and safer browsing experiences.
The cybersecurity trend includes some companies, most of them from Israel, developing entirely new “enterprise browsers,” which build upon the open-source Chromium code that today underlies Chrome, Edge, Firefox and other popular browsers.
An enterprise browser, whose icon can sit on an employee’s desktop just like any other browser, allows corporations to effectively customize and control the browsing capabilities of workers, such as limiting access to data and prohibiting certain types of downloads.
Then again, some startups are adamantly anti-enterprise browsers, saying there’s no need to develop entirely new enterprise browsers. Instead, they say, existing browsers just need either technological tweaking or new platform security measuresto improve browsing security.
As part of Cybersecurity Week 2022, CRN recently talked with executives from six startups developing various browser security products. The following is a look at these companies.
Island
Island, a Dallas-based startup valued at $1.3 billion, has not only developed its own enterprise browser, but it has already been deployed at some Fortune 100 companies and small businesses, said Michael Fey, co-founder and CEO of Island, which has raised $200 million in funding since its founding in 2020.
The company’s browser even has its own “Island” logo and can sit on employees’ computer desktops.
“It is a new browser, but it’s built on the Chromium open-source project,” Fey said in a recent interview with CRN. “Think of it as a cooperative member of the enterprise. It gives full control the last mile to the enterprise. Everything that occurs in the browser is now under control of the enterprise. If they wish it to be, it’s done.”
Though Island wouldn’t disclose numbers, Fey said about 50 percent of the privately-held company’s revenue now comes via the channel.
“Our channel relationships have been wonderful,” he said, adding he hopes to continue to grow Island’s channel business.
Island’s latest funding round came in March, when it raised $115 million in Series B financing led by New York-based Insight Partners.
Talon Cyber Security
After being named the “most innovative” startup at the RSA 2022 conference in June, Tel Aviv, Israel-based Talon Cyber Security is perhaps the best known startup that has developed its own enterprise browser.
Talon’s browser, called TalonWork, has been deployed at dozens of companies since the company emerged from stealth mode in late 2021, said Ofer Ben-Noon, co-founder and CEO of Talon Security.
TalonWork was also developed via the open-source Chromium.
“It’s not as if we needed to build the browsing capabilities that we’re getting everything from Chromium,” said Ben-Noon in an interview with CRN.
“What we have built is the security stack and access stack on top of Chromium. And that allows us pretty much to be focused only on the security and privacy access capabilities for the hybrid and distributed workforce,” he said.
“We have built the most powerful security and access suite inside the browser, and then all of that is configurable,” he added.
In August, the 75-employee Talon announced it raised $100 million in a Series A funding round led by Evolution Equity Partners, with participation from CrowdStrike’s Falcon Fund and CrowdStrike CEO George Kurtz, among others.
LayerX Security
How hot is the browser-security market these days? On Oct. 3, Tel Aviv-based LayerX emerged from stealth mode with $7.5 million in seed funding provided by Glilot Capital Partners and Kmehin Ventures, as well as FinSec Innovation Lab by Mastercard, Enel X, Int3, GuideStar and cybersecurity angel investors.
LayerX is the latest startup dedicated to developing safer browsing, but Or Eshed, co-founder and CEO of the 16-employee company, wants to make clear that LayerX is not producing an entirely new enterprise browser.
Instead, the company has developed a “user-first, browser-agnostic security platform so workforces can continue working on their favorite browsers, keeping both performance and experience intact,” as LayerX describes its product.
In an interview with CRN, Eshed said the goal is not to replace Chrome, Edge, Firefox and other browsers. It’s about adding new browsing security capabilities to them.
“Regular browsers are great. They stay compatible with the web. LayerX stays compatible with the browsers.”
The bottom line: CISOs like to customize their browsers and LayerX can provide that customization, Eshed said.
“The risks keep going up,” Eshed said of potential cyberattacks via vulnerable browsers. “It’s a modern problem requiring a modern solution.”
Perception Point
Perception Point is another company that believes developing an entirely new browser isn’t necessary.
Perception Point, which earlier this year acquired Tel Aviv, Israel-based Hysolate in a bid to make internet browsing more secure, recently launched Advance Browser Security that, via extensions and agents, provides detection, data loss prevention, governance and VM-based isolation.
“You don’t need to change anything in the way you work as a user or as an organization,” Tal Zamir, CTO of Perception Point, told CRN in an interview.
“You still use the standard Chrome or Edge that you’re using. But we will add all this security goodness of detection, DLP, VM-based isolation to the browser,” Zamir added. “The browser extension will give you all the detection and DLP governance capabilities. And the agent is required to give you the extra VM-based isolation component.”
He said there’s simply no need for Tel Aviv-based Perception Point, founded in 2015, or other companies to try to outdo Google and Microsoft when it comes to developing an entirely new browser.
“There’s a lot of innovation coming both out of Microsoft and of Google for making their browser the industry standard for business browsers,” he said. “If you go with some other custom [browser], you need to reinvent the wheel and to fight head-to-head with Microsoft and Google.”
Red Access
Red Access is yet another Israeli startup to recently emerge from stealth mode to unveil its new browser security technology.
And Dor Zvi, co-founder and CEO of Red Access, is also emphatic that Red Access has not produced a new enterprise browser.
Instead, Zvi said the 25-employee Red Access, founded earlier this year with $6 million in seed funding, has developed the “first SaaS-based, agentless security platform” that improves security while allowing employees to continue using Chrome, Edge and other browsers of their choice.
“Our approach is very different” from other browser-security products, Zvi recently told CRN. “We have the same functionality you can get from a browser, but from what we consider a less intrusive, completely agentless way.”
Through its platform, Zvi said Red Access helps secure “any activity of corporate employees across any browser and also any local web applications that we use to connect to the cloud.”
Zvi added: “If you’re using Chrome or Mozilla or Edge or an old browser or whatever browser until now, then keep using it. … We took the browser’s security a step further, creating a platform to cover the full browsing and web surveys.”
Red Access’ target customers right now are large enterprise companies and financial firms, including banks, insurers and credit unions, Zvi said. Red Access is also serving some technology, energy and chemical companies.
Seraphic Security
Seraphic Security is another Israeli startup that believes employees should be allowed to keep their current browsers.
But they should be browsers that have been effectively injected with Seraphic’s JavaScript agent in order to improve security, the company said.
In an August press release, the 22-employee Seraphic Security announced it had emerged from stealth mode to unveil what it called a “first-of-its-kind, enterprise-grade browser security and governance solution that works across any browser.”
Ilan Yeshua, co-founder and CEO of Tel Aviv-based Seraphic, told CRN that it’s just not realistic to expect employees to forgo their traditional browsers.
“You can tell [people] to change the browser, but we don’t think that this is the right approach,” said Yeshua.
“The approach is to keep your browser because if you want to keep productivity, you need to make it completely seamless to the user.”
Seraphic’s target customers are large and midmarket companies and cloud-native organizations, said Yeshua.