Surface Security

Surface Security develops an on-premises browser security platform described as a "browser identity and action firewall." The platform is designed as an automated security analyst in each browser to monitor and protect browser activity without requiring a browser replacement, cloud-based proxy, or vendor cloud infrastructure. It is deployed on-premises or within a customer's VPC (sovereign deployment). The platform addresses browser-based threats that fall outside the coverage of traditional email gateways and endpoint detection and response (EDR) tools. Its core focus areas are identity, data, and action occurring within the browser environment. Key technologies and capabilities include: - Surface Vision: An on-device, adaptive page-level detection engine combining DOM analysis, OCR, perceptual hashing, and machine learning to identify phishing kits, including zero-day variants not covered by known signatures. - Shadow Sessions: A multi-plane deception mechanism designed to detect stolen session tokens and cookies at the moment of replay, both inside and outside the customer's perimeter. - Agentic AI Security: Guardrails for AI agents operating in the browser, including prompt-injection detection, origin-pinned credentials, and action-level governance. - A SOC investigation console, policy engine, and step-up identity verification capabilities. The platform covers a range of browser-based attack vectors including adversary-in-the-middle (AitM) phishing, ClickFix attacks, malicious browser extensions, MFA bypass, redirect chains, session theft, and malicious copy-paste techniques. Surface Security targets regulated industries such as finance, healthcare, government, and critical infrastructure, where sovereign (non-vendor-cloud) deployment is a priority.