Menlo Security Raises $40M to Advance Malware Isolation Technology

The security startup continues to evolve its isolation technology to help protect organizations from emerging forms of malware.

Menlo Security

Menlo Security announced on Dec. 11 that it has closed a $40 million Series C round of funding, which it intends to use to grow its security isolation platform.

The new round, which included the participation of American Express Ventures, Ericsson Ventures and HSBC, brings total funding to date for the company to $85 million. Menlo Security emerged from stealth mode in June 2015 with an isolation platform that makes use of Linux Containers (LXC) to help protect against web-based attacks. The company has since expanded its platform to also protect against email-based threats.

"One can never know if a given piece of content is good or bad, so we decided to isolate everything," Amir Ben-Efraim, CEO of Menlo Security, told eWEEK

The way the web isolation platform works is that Menlo Security runs web browsers in the cloud that download all the content that is requested by the user, then mirrors the details of the session to the user endpoint.

"No outside content ever executes on the endpoint, and that's how we know we are keeping you safe," Ben-Efraim said.

Menlo Security expanded into email protection after achieving initial client success with the web isolation platform. Ben-Efraim said his company’s email isolation technology protects against risks from links as well as email attachments. It works with both on-premises and cloud-delivered email services.

"We now make the claim that we can eliminate malware from both web and email, and we have found that typical customer engagements include both capabilities," he said.

Email can often include confidential information, though Ben-Efraim emphasized that Menlo Security doesn't introduce any new privacy concerns by routing traffic through its isolation platform. For on-premises email system deployments, the isolation platform is deployed alongside the existing email system, and Menlo doesn't see any of the organization traffic. For cloud-based email, Ben-Efraim said his company's technology just scans emails for web links.

"There is no data being retained by Menlo, and we're not violating any privacy issues," he said.


Ransomware is often delivered to victims via email links and attachments, which has helped to fuel demand for Menlo's technology in 2017. 

"Nine out of 10 times, when you look at the latest cyber-attacks, they often default to starting with an email," Ben-Efraim said. 

With the isolation platform, email-based malware links are not executed on the endpoint, which Ben-Efraim said is appealing to organizations. The alternative to an isolation approach is to try to mitigate risk by detecting and blocking incoming threats, which doesn't work as well, according to Ben-Efraim.

Going a step beyond simple isolation of web and email threats, Menlo Security also provides a dashboard that provides metrics on activity within an organization. The dashboard provides insight into which employees are clicking links within the isolation platform. Ben-Efraim said that in addition to identifying those who click links, the Menlo platform can provide coaching to help users understand why they shouldn't click all links.

"Humans like to click links," he said. The workflow we have coaches people in real time."

Looking forward, Ben-Efraim has big plans for his company in 2018 as he looks to grow the business and expand the reach of the isolation platform technology.

"We are big believers that isolation is the only path forward on engaging with the outside world," he said. "For us, we're going to continue to try to find more ways to apply isolation to more content and expand the concept across a wider spectrum."

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.