Is the Browser Becoming the New Endpoint? www.darkreading.com/endpoint-…

Attackers prefer an easy target; currently, that appears to be the Web browser. It’s time to shore up those defenses.

High-profile attacks like the one last year against Snowflake that affected downstream database customers revealed dire third-party risks and emphasized the need for stronger browser security. In that case, attackers did not deploy malware or use a super sophisticated technique. Instead, they used stolen credentials and left no trail for security teams to follow.

More use means more targeting, but defenders need time to keep pace as they have in the past. Previously, attackers set their eyes on networks, so the industry responded with strong perimeters built out with firewalls and proxies. Threat actors shifted to user endpoints, which resulted in endpoint detection and response (EDR) tools. When social engineering and phishing attacks grew more prevalent, so did an email security push. “What we’re living though now is the latest iteration,” Orlando says. “It’s time for us to pivot and think about that as well.”