How do we improve our ability to detect attacks and secure the enterprise? It’s a question that has been exercising the C-Suite and security teams for years now. For many, the solution has been to keep buying new products and services in the hope it delivers that security they seek. Unfortunately, as we see on a weekly basis, the number of breaches continues to grow with no sign of abating.
Enterprise Times talked with Jonathan Lee, principal product manager at Menlo Security, about Highly Evasive Adaptive Threats (HEAT), AI and how we better secure the enterprise. Companies are continuing to embrace Software as a Service apps and use the browser to deliver their own apps. It makes the browser a key attack vector for attackers. We asked Lee how we do a better job of securing it.
Lee talked about how our way of securing the browser needs to change. The use of allow and disallow lists might have worked 20 years ago but is no longer effective. There has to be a review of what we do and how we do it.
In addition, Lee sees attackers demonstrating not only increasing sophistication but a detailed understanding of the enterprise security stack. It means that enterprise security teams need to rethink their security controls and what they do.
AI is another part of the equation for attackers and defenders. The effectiveness of AI-generated phishing attacks is of real concern. Yet defensive AI is only showing patchy results. Lee talked about how Menlo is using AI in a different way to support security teams.
To hear more of what Lee said, listen to the podcast
Where can I get it?
You can listen to the podcast by clicking on the player below. Alternatively, click on any of the podcast services below and go to the Enterprise Times podcast page.