London-based zero-trust enterprise browser SURF launches out of stealth with seed investment round

London-based zero-trust enterprise browser SURF launches out of stealth with seed investment round

Published: 14-11-2022 16:56:00 | By: Pie Kamau | hits: 3636 | Tags:

New zero-trust enterprise browser SURF, announced it has launched out of stealth with an investment round led by 11.2 Capital, Okta Ventures, Mango Capital and security-focused Angel investors. The seed round, combined with the already expanding customer base, will give the company the resources and support to grow significantly over the coming years.

SURF reinforces organizational security by providing the critical visibility necessary to prevent attacks while simultaneously ensuring every user's privacy. The platform streamlines collaboration and delivers easy, secure access to applications and data for managed and unmanaged (BYOD) devices.

Pramod Gosavi, 11.2 Capital: "The browser has become the main productivity tool for employees, which has turned it into the largest attack surface as well. We invested because SURF directly addresses companies' security needs without compromising on the productivity and privacy of the end users."

The platform leverages identity first and already has deep integration with Okta's market-leading identity platform and access management (IDP) technology.

Austin Arensberg, Senior Director, Okta Ventures: "The secure enterprise browser is one of the fastest growing markets. We wanted to make sure we backed the most comprehensive solution - SURF, which simultaneously delivers on companies' critical priorities of identity, security, and privacy."

Founders Moty Jacob and Ziv Yankowitz spent five years working together as CISO and CTO at London-based ICAP-NEX Group, which was acquired by CME Group (the world's leading derivatives marketplace) for $5.4 billion. They built Chromium-based applications to strengthen security and ease management of financial transactions.

SURF Security was established to allow global enterprises to close security gaps – without affecting productivity -- by collapsing the security stack into one single powerful control point: the enterprise browser.

"Ziv and I have taken a pragmatic approach to building the browser, completely eliminating the trade-off between strengthening security at the expense of agility and productivity. We wanted to be business enablers," says Moty. "After many years of trying to stay one step ahead of threat actors with too many niche tools, we decided to integrate many security tools into a single solution, reinforced with zero trust and identity - while making everything easy for administrators and users."

Robin Vasan, Founder and Partner, Mango Capital: "SURF has completely rethought browser endpoint security by natively designing the solution around Chromium and CDN/edge platforms, such as Cloudflare and Fastly. They are also providing tight integration with key identity platforms like Okta and HashiCorp in user and machine identity security respectively, strengthening their market position."

The SURF browser observes every interaction between users and applications to discover policy breaches while enabling complete administrative visibility and control – without collecting individual personal data.

After quick and easy provisioning, enterprises can enforce security controls like DLP, content disarming and reconstruction, phishing prevention, session killswitch, on-the-fly file encryption, browser extension management, device posture checks, transactional MFA, watermarking, and more.

SURF replaces existing tools like VDI, VPN, RBI, DaaS, etc. Instead of adding overhead layers of virtualization, cost, and complexity and fracturing the user experience, the security and access controls are built directly within the browser. Users get full native experiences and streamlined performance, without any middle tiers, as if they were using the consumer version of any browser.

The platform delivers a complete end-to-end zero-trust experience for both on-prem and cloud applications, all built inside the browser. The comprehensive solution eliminates shadow IT, data leakage, social engineering, credential stuffing, unwanted extensions, browser-based attacks, and many other threats. Enterprises can streamline access to all software development tools and processes as well.