<p>Targeted detection and response software has become a crucial component of network security. Lately, it seems that for every technology an organization uses, a dedicated detection and response tool exists to secure it — such as network detection and response, endpoint detection and response (<a href=”https://www.techtarget.com/searchsecurity/definition/endpoint-detection-and-response-EDR”>EDR</a>), data detection and response, extended detection and response (<a href=”https://www.techtarget.com/searchsecurity/definition/extended-detection-and-response-XDR”>XDR</a>) and more.</p>
<p>The latest tool to enter the scene is browser detection and response (BDR).</p>
<p>In a nutshell, BDR enables browsers to detect, investigate and respond to threats that originate in or travel through them. BDR addresses a growing blind spot: Traditional endpoint agents and network controls often miss sophisticated web-based attacks, such as formjacking, malicious extensions, credential theft via injected scripts, <a href=”https://www.techtarget.com/searchsecurity/feature/How-to-avoid-phishing-hooks-A-checklist-for-your-end-users”>phishing that executes in the browser</a>, supply chain compromises on third-party JavaScript, and data exfiltration orchestrated through web apps or <a href=”https://www.techtarget.com/searchenterpriseai/answer/How-bad-is-generative-AI-data-leakage-and-how-can-you-stop-it”>AI chat interfaces</a>.</p>
<section class=”section main-article-chapter” data-menu-title=”How BDR works”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>How BDR works</h2>
<p>BDR places detection logic as close as possible to the point of interaction: the browser, which today tends to serve as the primary client for most users’ cloud apps, webmail, SaaS and third-party services. BDR captures telemetry and enforces controls where attackers operate, reducing time to detect and enabling faster, more precise containment.</p>
<p>BDR software is typically deployed three ways: as a managed browser extension, a lightweight browser agent or via a brokered browser session — i.e., remote browser isolation. It collects telemetry, including visited URLs, document object model changes, script execution trees, form submissions, clipboard operations, file uploads and downloads, and extension activity. This data is then correlated with user i
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: