SquareX Browser Detection and Response Demos

Shourya Pratap Singh, Principal Software Engineer, discusses the architecture of the SquareX Extension, engineered from the ground up with a modular and scalable design to deliver browser security. He explains how it augments existing security setups. Through demos, Shourya showcases use cases such as Browser Attack Detection and Response, Browser DLP, and enterprise browser use cases. He also highlights how the platform enables rapid modeling of protection against new threats, providing organizations with faster and more comprehensive browser security.

Throughout the presentation, Singh demonstrates how attackers exploit the visibility gap in traditional security tools by executing attacks entirely within the browser. He showcases how malicious files can be hidden in plain sight within legitimate web resources like CSS or WebAssembly files, and then reassembled and triggered as a download on the client side, bypassing proxy-based scanners. Similarly, he illustrates an OAuth consent attack where a legitimate link to a service like Salesforce is used to trick a user into granting risky permissions, leading to data exfiltration that email security and EDRs would miss. In both scenarios, the SquareX browser extension provides the necessary “last mile” control, intercepting the file download or the consent-granting action directly within the browser to block the threat before it can be executed.

Singh explains that the SquareX platform complements existing security setups by providing granular control and deep visibility into browser activity. Administrators can create policies using a simple UI, an AI-powered natural language generator, or a flexible Lua script editor, which allows for rapid defense modeling against novel attacks. Detections are enriched with an “AttackGraph” that maps the user’s entire navigation path leading to an incident, providing far more context than traditional logs. The extension-based approach is positioned as superior to dedicated enterprise browsers, as it avoids disrupting user behavior and workflows, enhances reliability, and seamlessly integrates with any browser to fill the critical security gaps in DLP and EDR.