SquareX Browser Detection and Response: Closing the SWG and EDR Visibility Gap

SquareX’s browser extension turns any browser on any device into an enterprise grade secure browser. SquareX’s industry-first Browser Detection and Response (BDR) solution empowers organizations to proactively defend against browser-native threats including Last Mile Reassembly Attacks, rogue AI agents, malicious extensions and identity attacks. SquareX is the only solution that provides BDR, enterprise browser and browser DLP capabilities in a single extension. Unlike dedicated enterprise browsers, SquareX seamlessly integrates with users’ existing consumer browsers, delivering security without compromising user experience.

In the presentation, Shourya Pratap Singh explains that this solution is necessary because the very definition of an endpoint is evolving. Whereas endpoints were once defined by native applications and local storage, today the browser has become the primary application platform where most organizational work occurs. This shift means that the attack surface has also moved to the browser. Singh argues that traditional security tools, which were designed when browsers were simple rendering tools, are no longer sufficient. The modern browser is a complex ecosystem with advanced protocols and capabilities, making it impossible to infer all threats simply by inspecting network traffic, as was possible in the past. This complexity creates a significant visibility gap for existing security stacks.

Singh details how both Endpoint Detection and Response (EDR) and Secure Web Gateway (SWG) solutions fail to close this gap. EDR tools have limited visibility because the browser operates as a “closed box,” preventing them from seeing threats that live and die entirely within it, such as malicious extensions, identity-based consent attacks, or threats delivered via WebAssembly. Likewise, network-based SWG solutions lack the application context to detect advanced evasions. Singh uses the example of “Last Mile Reassembly Attacks,” where a malicious file is broken into individually benign chunks that pass through network security, only to be reassembled into a threat by JavaScript on the client side. By operating as a browser extension, SquareX’s BDR provides the necessary in-browser visibility to detect and respond to these modern, evasive threats that bypass traditional security controls.