Black Hat , Events , Security Operations

The Inadequacies of Secure Web Gateways in Modern Security

SquareX Founder Vivek Ramachandran on Why Script-Based Attacks Go Unnoticed in SWGs
Vivek Ramachandran, founder, SquareX

Secure web gateways struggle with modern web attacks because they focus on network traffic rather than browser-level activity, according to SquareX founder Vivek Ramachandran.

See Also: Corelight's Brian Dye on NDR's Role in Defeating Ransomware

This network-centric approach doesn't capture what happens in a user's browser, and Ramachandran said attackers exploit this lack of visibility to launch script-based attacks that secure web gateways can't detect. Architectural shortcomings make it difficult for gateways to handle attacks happening on the browser side since user interaction and dynamic page content play a critical role in delivering threats (see: Can Browser-Native Security Stop Web Attacks?).

"Without having all of these inputs, it is impossible for them to recreate what's happening in the browser, hence making it even more difficult to detect attacks," Ramachandran said. "We feel like the whole network-based proxy architecture unfortunately is not capable of detecting modern web attacks."

In this video interview with Information Security Media Group at Black Hat 2024, Ramachandran discussed:

  • The limitations of secure web gateways in identifying browser-side attacks;
  • How attackers exploit architectural flaws in gateways to deliver malicious content;
  • The promise of browser-native security products for real-time threat detection.

At SquareX, Ramachandran built a browser-native security product focused on detecting, mitigating and threat-hunting web attacks against enterprise users and consumers. Prior to that, he founded the Pentester Academy, which has trained thousands of customers and was acquired in 2021. Before that, Ramachandran's company built an 802.11ac monitoring product sold exclusively to defense agencies.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.