What security teams need to know about the browser-based attack techniques that are the leading cause of breaches in 2025.
“The browser is the new battleground.” “The browser is the new endpoint.”
These are statements you’ll run into time and again as you read articles on websites like this one. But what does this actually mean from a security perspective?
In this article, we’ll explore what security teams are trying to stop attackers from doing in the browser, breaking down what a “browser-based attack” is, and what’s required for effective detection and response.
What is the goal of a browser-based attack?
First, it’s important to establish what the point of a browser-based attack is.
In most scenarios, attackers don’t think of themselves as attacking your web browser. Their end goal is to compromise your business apps and data. That means going after the third-party apps and services that are now the backbone of business IT, and therefore the top target for attackers.
The most common attack path today sees attackers log into third-party services, dump the data, and monetize it through extortion.
You need only look at last year’s Snowflake customer breaches or the still-ongoing Salesforce attacks to see the impact of these attacks.
Attacks have shifted from targeting local networks to internet services, accessed through employee web browsers