COMMENTARY: Web browsers are both a critical tool and a potential risk for organizations. Whether it’s employees accessing cloud services, doing research, or collaborating through web-based platforms, the browser serves both as a gateway to productivity – and to cyber threats.
According to the 2024 Browser Security Report from LayerX, 33% of browser extensions in companies are categorized as high-risk. To top it off, a staggering 45% of all web browsers on corporate devices use personal profiles that fly under IT’s radar.
[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]
With these stats in mind, framing the web browser as the Achilles’ heel of a modern enterprise doesn’t seem like far-fetched rhetoric. When its security gets kept in limbo, it’s a known vessel for credential phishing, drive-by downloads, cross-site scripting (XSS), man-in-the-browser (MitB) attacks, DNS spoofing, and ransomware attacks.
AI lays the groundwork for positive change
The evolution of web technologies and the increasing sophistication of cybercriminals’ tactics have made old-school blacklisting and signature-based detection inadequate. The need to bridge this gap has led to new approaches where AI plays a role. With unparalleled data analysis capabilities under the hood, the tech complements the existing protection tools for proactive threat hunting.
Let’s look at seven areas of browsing security where AI shows a lot of promise for organizations today:
Behavioral biometrics: To unveil potential foul play, AI can analyze users’ unique browsing patterns such as typing rhythm, mouse movements, scrolling behavior, and navigation habits. This helps pinpoint anomalies that indicate account takeovers, bot activity, or insider threats. The technology learns from these interactions and adapts to changes in behavior. This paves the way for dynamic and proactive security measures directly within the browser environment.More accurate malware detection: Detection engines powered by machine learning extract distinctive features of malware strains, including code and file structure, API calls, behavioral patterns, and embedded strings. Based on that data, AI builds a model of what malware looks like. Think of it as learning the fingerprint of harmful software, even if a specific instance of it has never been seen before. These systems can detect and block polymorphic malware, which changes its form to evade detection, and fileless malware, which operates in memory without leaving a trace on the hard drive.Next-level URL filtering: AI models analyze millions of data points such as URL reputation, domain age, and content patterns to detect malicious websites in real time. Tools that leverage AI-enhanced threat intelligence can integrate seamlessly with browsers to offer on-the-fly protection. For instance, organizations can deploy DNS-based solutions that prevent employees from accessing risky sites regardless of location.Phishing protection “on steroids”: Machine learning excels at recognizing even the most subtle signs of phishing attempts. The tech scrutinizes web page layouts, text styles, and domain details to identify sites that mimic legitimate ones. AI-driven phishing protection works well in tandem with traditional email and browser security, flagging risky links or redirecting workers to warning pages. It also looks beyond simple keyword checks to understand the context and intent behind a potential credential phishing attempt.Secure web gateways with AI-based browser isolation: AI-backed secure web gateways (SWGs) automatically place suspicious sites in a sandboxed environment to prevent harmful scripts from affecting the user’s local device or enterprise network. Risky sessions are isolated dynamically to contain web-based threats without disrupting employee productivity. It’s especially effective for protecting against zero-day vulnerabilities.Interplay between AI and privacy tools: While a VPN for Chrome or another browser used in the organization is already a valuable tool for encrypting web traffic, integration with AI enhances its effectiveness. AI can monitor network activity and adaptively activate a VPN connection when users access unsecured networks or high-risk web services. This ensures privacy, and also reinforces compliance with organizational security policies, particularly for remote workers who frequently use public Wi-Fi or untrusted networks.Adaptive user behavior analytics: With AI on board, user behavior analytics (UBA) tools learn from the network’s activity over time to detect insider threats, whether malicious or accidental. These systems easily spot compromised accounts by recognizing behaviors that don’t align with established patterns. For example, if an employee who usually accesses only HR systems starts looking over financial data, this would trigger an alert. Pushing an AI agenda represents the road ahead for browser security. This technology combines intelligence, adaptability, and precision to detect and block some of the most dangerous threats targeting the enterprise. While it does the heavy lifting to traverse huge data sets and build complex models, the future likely holds a synergy of AI and battle-tested traditional security tools.
David Balaban, owner, Privacy-PC
SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
