Menlo Security Products and Services:
Menlo Security's solution focuses on cybersecurity utilizing the cloud-native Menlo Security Platform; please see below for products/services offered:
The Menlo Security Isolation-Powered Cloud Platform features the following:
Elastic Isolation Core™:
- Optimizes for individual user traffic demands and patterns
Session Replay:
- Browser session visibility
- Allows security teams to automate data collection and research
- High-fidelity replays of user browsing sessions
- Enables identification of potentially compromised data and how threats targeted users
- Maintains integrity of forensic data through a chain of custody, encryption and secure storage
Document Isolation:
- Complete visibility into password-protected files
- Proven protection against weaponized documents and other file-based attacks
- Renders standard file/document formats into a safe, isolated viewer
- Rewrites and isolates embedded links within documents
- File REST API integrates with third-party malware analysis engines and Content Disarm and Reconstruction (CDR) tools
- Provision of safe PDF versions of original attachments for offline viewing
Read-Only Web:
- Site access control based on app function, including create, login, search, upload and share
- Enables safe social media site access
- Allows the user to log in whilst disabling form-based input and other functionality
- Preserves the native end-user experience within read-only browsing sessions whilst remaining isolated from harmful active content
- Capability can extend to other widely used cloud applications through the use of inline CASB
Malware Detection and Prevention:
- Protection against browser exploits, multi-stage attacks, drive-by downloaders, malicious web downloads, zero-day browser vulnerabilities and links leading to malicious documents
Phishing Prevention:
- Proprietary link risk-scoring algorithm
- Account takeover prevention
- Credential phishing protection extended to mobile users
- Customizable banners
- Prevention of attackers using email accounts to hijack other services
- Stops attackers from accessing sensitive data in file shares, calendar events, email and contacts
- Renders links in read-only format to prevent users from inputting credentials into suspicious sites
- Zero-hour credential phishing protection for websites categorized as benign or unclassified
Data Protection:
- Detection and prevention of sensitive data exfiltration via data input and file uploads
- Compliance with regulatory mandates such as GDPR, PCI-DSS, HIPAA and GLBA
- Data exfiltration prevention by disallowing the copying of content to online file storage and personal email accounts
- Identify PHI, PII and other sensitive content using hundreds of built-in predefined data classifiers
- Policy definition to control and detect sharing of Microsoft Information Protection (MIP) labelled documents
- Prevention of attempts to upload sensitive data to both sanctioned and unsanctioned cloud apps
Orchestration:
- Automation and tools to augment security operations to respond, triage and investigate email attacks
SSL Termination:
- Security at scale whilst enabling high-performance, low-latency user experience
- Cloud-native architecture provides autoscaling SSL/TLS inspection
- Inspection of encrypted web traffic for data loss, advanced threats and malware
Zero-Day Protection:
- Cloud-based disposable virtual containers to execute active content such as Flash or JavaScript
- Isolates all content through assumed risk without affecting user experience
- Protection against zero-day browser vulnerabilities through remote browser isolation
- Zero-day attack forensics via iSOC feed, insights and browser recorder/session replay
- Browser isolation renders malware-free, non-executable content almost identical to the native experience
API and Verified Integrations:
- Policy, RESTful, Content and Logging APIs
Third-Party Integration Categories:
- SIEM, SSO, SOAR, SD-WAN/SASE, CDR, MDM, AV, Firewall, Sandbox, Proxy, Custom
Elastic Edge:
- Global presence
- <100ms latency connections with Tier 1 peering
- Meets compliance requirements for ISO 27001, FedRAMP and SOC 2 with third-party audits
- Auto-scaling
- On-demand scaling to support new user populations
- Cloud Hardware Security Module (HSM)
- SSL termination for all sessions by default
- Five 9s availability with a highly redundant cloud-native architecture
- Bring Your Own Certificate for customer-specific certificates
- Multi-tenant layer-7 firewall to steer and manage non-HTTP outbound connections
Cloud Connect:
- SD-WAN integration
- SAML, IP-based, X-headers
- IPSec, Proxy Chaining, Firewall Integration, PAC, Transparent Proxy, GRE, Prepend
- Policy enforcement via user authentication
- Menlo Connect endpoint agent
- Flexible traffic steering and ingress routing
- MDM integration for mobile devices
Secure Web Gateway (SWG):
- Granular policy control, including IP, group and user
- User interaction limits for over 75 categories of websites
- Utilize Menlo Query language to create custom queries
- Use API to third-party SIEM and BI tools to export log data
- Integrated static and dynamic file analysis using anti-virus, file reputation check and sandboxing
- Custom and built-in queries for flexible exploration and analysis of data
- Content risk inspection and malicious behaviour detection of downloaded original documents
- Built-in traffic analysis
- Built-in custom reports and alerts with detailed event logs
- Up to one-year flexible data retention periods
- Upload/download controls and document access controls, including view-only, safe or original downloads based on file type
- Protection against known and unknown threats in documents by removing executable content through integrations with existing third-party Content Disarm and Reconstruction (CDR), sandboxing and anti-virus solutions
- Enhances the user experience by enabling user/group policies to control bandwidth predictably in low-latency, high-bandwidth environments
Remote Browser Isolation (RBI):
- Routes all online traffic through a remote cloud-based browser
- Zero-trust solution treats all content as malicious
- Elastic scaling to support shifting traffic volumes and any number of employees
- Enables work-from-anywhere by supporting SaaS-based applications, business tools, remote web browsing and online documents
- Granular control and visibility of policies, including by file type, user, group or website category, to determine what content is read-only, blocked or safe as original content
Email Isolation:
- Email link isolation
- Optional read-only access to websites
- Attachment isolation
- Optional safe or original attachment download
- Anti-phishing awareness training
- Integrates with existing email infrastructure, including native integration with Google Workspace and Microsoft 365
- Anti-virus document scan and sandbox options
Cloud Access Security Broker (CASB):
- Integrates with third-party CASB solutions
- Leveraging deep insights into SaaS application traffic to ensure compliance
- Granular policy control for SaaS applications
Data Loss Prevention (DLP):
- Restrict documents from being uploaded to the internet
- Enhanced visibility for on-premises solutions
- Integrations with third-party DLP solutions for both cloud-based and on-premises DLP
Menlo Private Access (MPA):
- Zero Trust Network Access
- 9995% Global availability
- <100ms latency connections with tier 1 peering
Cloud Firewall/Firewall as a Service (FWaaS):
- Software-based
- Cloud hosted
- Delivers security controls for all ports and protocols, users and locations
Isolation Security Operations Center (iSOC):
- Threat intelligence, including compromised sites, malware access and zero-hour phishing
- Assists in fine-tuning custom policies
- Rectify vulnerabilities created by policy changes to provide prioritized and proactive alerts
- Threat monitoring of global internet traffic routing through the Menlo Global Cloud
Solutions:
- Implement Secure Access Service Edge (SASE)
- Ransomware Prevention
- SaaS application access control
- Virtual network separation
- Remote work security
- Phishing and ransomware protection
- Data loss prevention
- Mobile malware prevention
- Migration of on-premises proxy to Cloud SWG
- Google Workspace and Microsoft 365 security
- Private application security
- Malicious document download prevention