SquareX Collaborates with Top Fortune 500 CISOs to Launch The Browser Security Field Manual at Black Hat, the Ultimate Guide to the Browser Threatscape

The Browser Security Field Manual Launches at Black Hat 2025, Featuring Insights from Fortune 500 CISOs

PALO ALTO, Calif. – August 17, 2025 – SquareX announced the official launch of The Browser Security Field Manual at Black Hat USA 2025. In addition to a comprehensive practical guide to the latest TTPs attackers are using to target employees in the browser, this comprehensive manual features industry perspectives from leading CISOs from multiple Fortune 500 enterprises and other iconic companies, who share their perspectives on the evolving browser security landscape, the importance of each threat vector, and how they expect these attacks to evolve in the near future. Major contributors include:

• Rathi Murthy, CTO of Varo Bank, Fmr. CTO of Expedia and Verizon
• Rahul Kashyap, Fmr. CISO at Arista Networks
• John Carse, Fmr. CISO at Dyson

Why Browser Security Matters More Than Ever

As the browser becomes the new endpoint, it has also become the single most common initial access point attackers use to target employees. This is evident in the recent uptick in browser-based attacks such as the Cyberhaven breach, polymorphic extensions, and Midnight Blizzard RDP-based attack. Yet, despite the increasing awareness of the browser security gap, given the nascency of the space, most security professionals lack the resources and tools to learn about this emerging threat landscape.

What’s Inside the Browser Security Field Manual

To address this gap, The Browser Security Field Manual systematically guides practitioners through the techniques attackers are using to target employees in the browser across five major threat vectors – Phishing, Malicious Browser Extensions, Browser-based Data Loss, Identity Attacks, and Browser-Native Ransomware. Co-authored by Audrey Adeline and Vivek Ramachandran, the book covers everything from common to bleeding-edge techniques, including sample code snippets and case studies of such attacks unfolding in real life.

“Attackers thrive on information arbitrage. As the place where 85% of work happens, it’s imperative that security teams understand how their employees are being targeted,” said Audrey Adeline, SquareX Researcher and Co-author of The Browser Security Field Manual. “We’ve been extremely fortunate to work closely with some of the industry’s top thought leaders, and we hope that this new edition of The Browser Security Field Manual will provide security teams with not only the practical aspect of browser security but also an industry perspective of how these threat vectors are impacting organizations in real life today and how they may evolve in the future.”

From RSAC to Black Hat: Building on CISO Feedback

This release builds on a successful soft launch of the book at RSAC this year, where SquareX shared early copies with hundreds of CISOs for early feedback and worked closely with many of these security leaders to incorporate their deep industry insights into the second edition of the book.

The Browser Security Field Manual will be available at Black Hat and DEF CON 33 bookstores, with the authors participating in both stores’ book signing events. The Black Hat book signing event is taking place at the Black Hat bookstore on Thursday, August 7, from 3:00 pm – 3:30 pm. The book is also available for pre-order via The Browser Security Field Manual website. Alternatively, you can find out more about the manual at SquareX Booth #6825 during Black Hat on August 6 from 10 am to 6 pm or on August 7 from 10 am to 4 pm.

About SquareX: Pioneering Browser Detection and Response

SquareX‘s browser extension transforms any browser on any device into an enterprise-grade secure browser. SquareX’s industry-first Browser Detection and Response (BDR) solution empowers organizations to proactively detect, mitigate, and threat-hunt client-side web attacks, including malicious browser extensions, advanced spearphishing, browser-native ransomware, genAI data loss prevention, and more.

Unlike legacy security approaches and cumbersome enterprise browsers, SquareX seamlessly integrates with users’ existing consumer browsers, ensuring enhanced security without compromising user experience or productivity. By delivering unparalleled visibility and control directly within the browser, SquareX enables security leaders to reduce their attack surface, gain actionable intelligence, and strengthen their enterprise cybersecurity posture against the newest threat vector – the browser.

Find out more at www.sqrx.com.

About Cyber News Live

Stay ahead of the cyber curve with Cyber News Live, the frontline source for real-time cybersecurity reporting, threat intelligence insights, and educational content tailored for professionals, practitioners, and curious minds alike. From breaking breach news to deep dives on emerging attack vectors, our mission is to demystify complex cyber topics and make critical knowledge accessible to all.

We aim to bridge the gap between awareness and action—helping individuals, businesses, and communities stay resilient in an increasingly digital (and dangerous) world.