CrowdStrike Holdings Inc. is acquiring Seraphic Security Ltd., a startup that helps enterprises protect employees’ browsers from online threats.

The companies announced the deal today without disclosing its financial terms, though Calcalist pegged the amount at $400 million. Seraphic, which maintains offices in Palo Alto, California, and Israel, previously raised about $37 million from investors. The company raised the bulk of the sum last year through a round that included CrowdStrike’s venture capital arm.

Browsers use a component known as a JavaScript engine to run the code that powers buttons, forms and other interactive webpage elements. Many web-borne cyberattacks target the JavaScript engine. Seraphic provides a software platform that fends off such hacking attempts by hardening workers’ browsers. According to the company, it injects a so-called abstraction layer into the host browser that isolates its JavaScript engine from malicious requests.

Some web-borne cyberattacks take over users’ computers by exploiting memory corruption bugs. Those are flaws that make it possible to overwrite parts of a computer’s RAM, such as sections that host browser code, with malware. Seraphic mitigates RAM-based exploits by randomizing the memory addresses where a browser’s JavaScript engine is kept. That makes it harder for hackers to find addresses they can overwrite.

For added measure, Seraphic analyzes more than 200 data points about each webpage that users visit. The company says its software can find ransomware, phishing links and other threats.

The platform is designed to mitigate not only cyberattacks but also risky user behavior. It scans files that workers upload to cloud services for business information that shouldn’t be shared outside their organization. Additionally, administrators can block other potential data leak vectors such as a browser’s clipboard, screen sharing tool and printing features.

Seraphic’s platform doesn’t focus solely on securing browsers. As of November, the software can secure desktop applications based on the open-source Electron framework. Electron renders user interface components using Chromium, the browser engine that underpins Chrome.

CrowdStrike plans to integrate Seraphic’s technology with its flagship Falcon cybersecurity platform. The development effort will also encompass another startup, SGNL Inc., that the company bought last week for $740 million.

After a cybersecurity system approves a log-in request, it usually only revokes the user’s access at the end of the application session. SGNL offers a platform that revokes access earlier if it detects malicious activity. CrowdStrike will use the platform and Seraphic’s software to secure workers’ browser sessions.

“With Seraphic, we will transform the SOC by correlating trillions of endpoint signals with deep, in-session browser telemetry,” CrowdStrike President Michael Sentonas wrote in a blog post. “This will allow the Falcon platform to understand user behavior, application context, and data flow in real time, unlocking insight into browser-based risk that standalone enterprise browsers and legacy security often can’t achieve.”

Preventing unauthorized artificial intelligence use is another focus of the acquisition. Following the deal, Seraphic will roll out new safeguards against so-called shadow AI services. The features will be designed to protect both company-issued computers and employees’ personal devices. 

Image: Seraphic Security