Menlo Security: Unified AI & Human Threat Prevention
▼ Summary
– Menlo Security has launched a Browser Security Platform to secure the “agentic enterprise,” where AI agents outnumber humans and the browser is the primary operating system.
– The platform embeds security directly into the browser session to protect AI agents from threats like prompt injection and data exfiltration, which can occur at machine speed.
– It provides a unified control plane for applying security and governance equally to both human and AI agent users, enabling safe automation of complex workflows.
– The solution addresses specific AI agent vulnerabilities, such as hidden malicious commands in documents, by enforcing instruction-data separation and sanitizing data.
– This approach allows AI agents to safely interact with legacy applications lacking modern APIs, helping organizations eliminate “modernization debt” and capture immediate ROI.
The security landscape is undergoing a fundamental transformation as autonomous AI agents become integral members of the enterprise workforce. Menlo Security has introduced its Browser Security Platform, a solution designed to secure this new “agentic enterprise” where AI actors may soon outnumber human employees. The platform provides a unified control plane to enforce governance and threat prevention at machine speed for both human and non-human users, all deployed on a global, elastic cloud infrastructure.
“The next billion web users won’t be human,” stated Bill Robbins, CEO of Menlo Security. He emphasized that this is not a distant prediction but a present-day reality. By embedding protection directly into the browser session, organizations can safely deploy AI agents to operate at unprecedented scale without exposing themselves to catastrophic risks like prompt injection or data theft. Without such safeguards, a single compromised agent could move laterally across systems, exfiltrate data, or execute fraudulent transactions autonomously.
Michael D’Arezzo, Executive Director of Information Security at Wellstar Health System, highlighted the innovative approach. “Menlo is building governance directly into the agents, securing them from inception,” he explained. This method creates essential guardrails, allowing users to develop agents with appropriate privileges and lifespans. The inherent security against threats and data leakage provides the confidence needed to scale an agentic strategy effectively.
This platform launch follows a record fiscal year for Menlo, which exceeded $140 million in annual recurring revenue with strong net retention. To bolster its market position, the company recently partnered with Google to deliver least-privilege remote access to applications and data via the browser. This collaboration helps organizations avoid the cost and complexity of traditional virtual desktop infrastructure, extending zero-trust security controls to AI agents and any device, whether managed or unmanaged.
The shift to an agentic enterprise introduces unique challenges. AI agents often automate complex workflows using headless browsers or direct web protocols, operating entirely outside the visibility of conventional security tools. “The browser is where agent identity, intent, and action converge, making it a critical control point,” noted Antonio Bovoso, Principal at Consiro Advisory. Threat actors are already exploiting this transition with attacks invisible to humans, such as hidden prompt injections in documents. For instance, an AI agent processing an invoice could be tricked by concealed text within a file to redirect payments to a malicious account, all while a human supervisor sees only a normal document.
The Menlo Browser Security Platform addresses these issues by treating humans and agents as equal participants, offering several core capabilities. Its AI agent security functions as a “Guardian Runtime,” enforcing instruction-data separation. This ensures agents cannot confuse malicious data with legitimate commands, neutralizing threats like goal hijacking and preventing sensitive data exfiltration. Universal connectivity breaks through the “Modernization Wall” by allowing agents to safely interact with legacy, API-deficient applications. It translates and sanitizes data, enabling agents to replicate human workflows without requiring costly infrastructure upgrades, thereby capturing immediate AI return on investment.
Furthermore, the platform provides deterministic visibility, operating at the browser DOM and file component level to deliver full forensic intelligence and real-time session views, unlike legacy systems blind to visual context. It also enforces least-privileged agent governance with granular controls to stop autonomous agents from lateral movement or unauthorized data access.
This architecture moves the security control point directly into the browser session, creating a state of ‘Architectural Immunity.’ Evasive threats are neutralized before they can reach an AI’s reasoning workflow or a human endpoint, thanks to cloud runtime processing with multimodal visual analysis. This unified trust layer stops the most sophisticated agentic-era threats at their point of entry.
“AI agents represent a fundamental shift in enterprise computing,” said Ramin Farassat, Chief Product Officer at Menlo Security. He concluded that for the first time, security teams have a single control plane applying identical security and governance policies to an AI agent processing invoices and the human CFO approving them, all executed at machine speed with complete forensic visibility.
(Source: Help Net Security)