What happened
Cloud security provider Zscaler announced it has acquired browser security startup SquareX to integrate its Browser Detection and Response (BDR) technology into Zscaler’s Zero Trust platform, enabling secure, lightweight extensions in standard browsers without the need for third-party enterprise browsers.Â
Who is affected
Enterprises and security teams relying on Zscaler and other Zero Trust solutions will see expanded browser security capabilities, and organizations evaluating secure access for unmanaged or BYOD devices may reassess browser-centric controls.
Why CISOs should care
The browser is a primary attack surface for modern threats, including phishing, malicious extensions, AI-driven data leakage, and insider risk. Embedding zero trust controls directly into browsers reduces reliance on legacy tools (like VPNs and VDIs) and aligns protection with how users actually access cloud and web-based applications.
3 practical actions
- Evaluate browser security posture: Assess current browser risk coverage and gaps in defending against in-browser threats such as phishing, malicious extensions, and AI-based data exposure.
- Align Zero Trust policies: Ensure your zero trust strategy incorporates browser context and controls across managed and unmanaged devices in line with emerging vendor capabilities.
- Review tooling roadmap: Consider how integrated browser security (extensions or agents) fits into broader security architecture, including secure web gateways, identity controls, and endpoint management.