The web browser is the most used application within the enterprise but also the least protected. Bad actors are now increasingly targeting the weakest link: employees and consultants. Unfortunately, most of these attacks happen online when the employee or consultant is going about his daily work.
To counter these threats, security vendors have developed Secure Web Gateways (SWGs) as part of Secure Access Service Edge (SASE) or Security Service Edge (SSE) solutions to protect the browser. However, this approach is fundamentally flawed because these solutions are not equipped to detect attacks that occur on the client side.
The Last Mile Reassembly framework exposes a critical weakness in these security solutions. By assembling the malicious payload directly in the browser, these attacks bypass SWGs, no matter how advanced their file scanning capabilities are, including heuristic or AI/ML detection methods. Malicious files, instead of being directly downloaded and scanned on the network, are smuggled through the network and constructed within the browser. Similarly, malicious websites are packaged into formats that SWGs typically ignore and are then reassembled on the client side, completely evading detection.
All SASE/SSE vendors listed in the Gartner Magic Quadrant—who contribute to a Total Addressable Market of US$45 billion in 2023, forecasted to grow to US$80 billion by 2028—are affected by these attacks. Check if your SWG protects you against Last Mile Reassembly Attacks here.
