Open any employee's browser right now and count the tabs.
On a typical workday, a knowledge worker has 15 or more open at once — CRM, email, finance tools, HR systems, whatever SaaS app someone found last month, and at least one generative AI tool that probably isn't covered by SSO. Each tab is a live interaction with an application, a form, a credential field, or a prompt box.
We've written about how the browser quietly became the most dangerous place to work. Here, I'll go one level deeper and explain why your existing security stack can't see what's happening inside those sessions — and what that means for the threats already in motion right now.
What does working in the browser actually mean for security risk?
Not that long ago, the browser was basically a delivery mechanism — a way to reach applications that lived somewhere else. The real work happened on managed servers or desktop software. The browser just got you there.
That’s not how things work anymore. Today, the browser is where work actually happens. CRM, HR, finance, procurement, legal review, customer support — and now a growing layer of AI-assisted work on top of all of it — all run inside browser sessions. Industry research puts roughly 85 percent of enterprise knowledge work in the browser. At this point that’s not a trend worth tracking; it’s just the baseline.
Most work happens in the browser. Most attacks touch the browser. Most security controls are anchored somewhere else.
What that shift means is that the browser has become the place where sensitive things happen all day long. Files move through it. Credentials get entered into it. Data gets copied across tabs, pasted into AI tools, uploaded to SaaS apps that may or may not be sanctioned.
The browser is no longer a path to your attack surface. For most organizations, it is the attack surface — and it's the one layer most security stacks weren't designed to see inside.
Why can't traditional security tools see inside a browser session?
The tools in most enterprise security stacks were built for a different version of the threat landscape — one where the perimeter was the primary battleground and the browser was incidental. That history created a structural gap that's now impossible to ignore.
Why doesn't EDR see what happens inside the browser?
Endpoint detection and response is excellent at what it was designed to do: monitor process, file system and network activity at the OS layer. It sees the browser process start, the files it writes to disk and the connections it opens. It does not see what a user types into a form inside a browser tab, what gets pasted into a generative AI prompt, or which file gets quietly uploaded to an unsanctioned SaaS tool, because all of that happens inside the browser's own memory and leaves the device inside a TLS session. That activity never crosses the boundary EDR is watching.
Why doesn't DLP catch data that moves through the browser?
Most DLP tools were built around email and known file-transfer paths, and they intercept data at the egress points they were designed to monitor. When a sensitive document is copied into a browser-based AI tool, it does not route through those paths. It moves through the session as an ordinary web request, and unless that traffic passes through an inspecting proxy that also understands the application's request format, the DLP never sees it. Even then, the proxy sees a request body, not the user action that produced it.
Why doesn't SSO or identity management cover browser activity?
Identity and access management covers the login. SSO gives visibility into which sanctioned applications users are accessing. But SSO coverage isn't universal — many SaaS tools, and nearly all consumer AI products, get accessed outside the identity provider entirely. And even inside SSO-governed apps, what users actually do once they're authenticated is invisible to the identity layer by design.
The pattern holds across the stack: endpoint security sees the device, identity security sees the login, and neither one is watching what happens inside the session in between. That gap is not a flaw in any individual tool. It's a consequence of building security controls that were never designed to look there.
What kinds of risk actually live inside an active browser session?
The exposure that lives inside a browser session isn't an edge case. It plays out constantly, across organizations of every size, in ways most security tools have no visibility into.
A few patterns show up repeatedly:
Shadow SaaS and shadow AI. Employees regularly spin up accounts in productivity tools, collaboration apps, and AI platforms that never touch the identity provider. Security teams have no record of these applications existing. That means no policy coverage, no monitoring, and no way to know what company data is flowing through them.
Sensitive data pasted into unsanctioned AI tools. Research from Netskope's 2026 Cloud and Threat Report found that organizations are experiencing an average of more than 200 sensitive data policy violations per month linked to generative AI use — most occurring in personal or unmanaged AI accounts operating outside SSO controls. The data leaves the governed environment through a text field in a browser tab.
Credential theft through phishing. An employee gets a convincing message — AI-crafted, contextually relevant, routed through a legitimate file-sharing platform so email filters don’t catch it. They click through to a login page that looks right. They enter their credentials. At no point did the identity layer get involved, and the EDR had nothing to flag. By the time anyone knows something happened, the credential is already in use somewhere else.
Exfiltration through legitimate interfaces. Once an attacker obtains valid credentials, whether through phishing, credential stuffing, or stealer logs, they operate inside legitimate sessions performing legitimate-looking actions. CrowdStrike's research shows attacker breakout time (the interval between initial access and lateral movement) has compressed to minutes in many cases. Inside an authenticated browser session, that speed means the exposure is often complete before any alert fires.
What these scenarios share is that none of them require a novel exploit or unusual behavior. They happen through normal interfaces, using normal workflows, in the same tabs employees have open all day. That’s what makes them hard to catch with tools that weren’t designed to look there.
How do security teams close the browser security gap?
The only place enforcement can actually work is where the exposure happens — inside the session, at the moment a user is interacting with a form, entering credentials, uploading a file, or pasting data into a prompt. Upstream controls at the perimeter don’t reach it. Downstream detection in the logs comes too late.
Every major shift in enterprise technology has eventually required a new control layer. Firewalls for networks, EDR for endpoints, CASB for cloud. The browser, which is now where most work actually happens, has been the notable exception.
Browser security is built to close that gap. It operates as a lightweight layer inside the browser itself, not as a proxy and not as an isolated remote environment, and it monitors, detects and acts at the point of risk: before a user submits a form, enters credentials on a suspicious page, or pastes sensitive data into an unsanctioned tool. It does not restrict employees to company-sanctioned browsers or applications, and it changes nothing about how they work.
Browser security that deploys as an extension through existing MDM or GPO, runs quietly in the background, and only intervenes when an action violates policy is the form most likely to be adopted and to close the gap that exists in your enterprise today. One practical caveat: the control reaches only browsers in which the extension is actually installed and cannot be removed, so a forced-install policy (Chrome and Edge both expose this as the ExtensionInstallForcelist setting) and a rule for unmanaged browsers belong in the deployment plan rather than being left to user choice.
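As an added example, not code from this post or from Neon Cyber's product, here is the shape of the policy check such an extension's content script would run at the moment of a paste or a form submit. The IdP and AI host lists, the detection patterns, the hostnames and the sample events are all hypothetical and constructed for the example; a real deployment keys them off an application inventory.

```javascript
// Added example (not Neon Cyber's code): session-layer policy logic a
// browser-security extension's content script could run before a paste or a
// form submit completes. All hosts, patterns and sample events are hypothetical.

// Hypothetical inventory: the company IdP, the sanctioned AI tool, and the set
// of hosts known to be generative-AI services (sanctioned or not).
const IDP_HOSTS = new Set(["sso.corp.example"]);
const SANCTIONED_AI_HOSTS = new Set(["ai.corp.example"]);
const KNOWN_GENAI_HOSTS = new Set(["ai.corp.example", "chat.genai.example"]);

// Hypothetical detectors for data that must not leave the governed environment.
// No `g` flag: RegExp.test with `g` is stateful across calls.
const SENSITIVE_PATTERNS = [
  { name: "aws_access_key", re: /\bAKIA[0-9A-Z]{16}\b/ },
  { name: "ssn", re: /\b\d{3}-\d{2}-\d{4}\b/ },
  { name: "product_codename", re: /\bPROJECT-[A-Z]{4,}\b/ },
];

function findSensitive(text) {
  return SENSITIVE_PATTERNS.filter((p) => p.re.test(text)).map((p) => p.name);
}

// Paste policy: sensitive data may reach a sanctioned AI tool (logged), never an
// unsanctioned one (blocked); pastes into non-AI hosts are left alone here.
function classifyPaste(hostname, text) {
  const matches = findSensitive(text);
  if (matches.length === 0) return { action: "allow", reasons: [] };
  if (KNOWN_GENAI_HOSTS.has(hostname) && !SANCTIONED_AI_HOSTS.has(hostname)) {
    return {
      action: "block",
      reasons: matches.map((m) => `${m} pasted into unsanctioned AI host ${hostname}`),
    };
  }
  return { action: "log", reasons: matches };
}

// Credential policy: a password field submitted anywhere but the IdP is the
// signature of a phishing page or of an app living outside SSO.
function classifyCredentialSubmit(hostname, fieldTypes) {
  if (!fieldTypes.includes("password")) return { action: "allow", reasons: [] };
  if (IDP_HOSTS.has(hostname)) return { action: "allow", reasons: [] };
  return { action: "warn", reasons: [`password entered on ${hostname}, not the IdP`] };
}

// Constructed sample events standing in for what the content script would see.
const SAMPLE_EVENTS = [
  { kind: "paste", hostname: "chat.genai.example", text: "Summarise the PROJECT-HELIOS roadmap" },
  { kind: "paste", hostname: "ai.corp.example", text: "Draft a note about PROJECT-HELIOS" },
  { kind: "paste", hostname: "docs.corp.example", text: "lunch at noon" },
  { kind: "submit", hostname: "sso.corp.example", fieldTypes: ["email", "password"] },
  { kind: "submit", hostname: "sso-corp-login.example", fieldTypes: ["email", "password"] },
];

function evaluate(ev) {
  return ev.kind === "paste"
    ? classifyPaste(ev.hostname, ev.text)
    : classifyCredentialSubmit(ev.hostname, ev.fieldTypes);
}

// Wiring that only runs inside a real page. Capture-phase listeners (third
// argument `true`) fire before the page's own handlers, so a blocked paste
// never reaches the prompt box and a flagged submit is seen before it leaves.
if (typeof document !== "undefined") {
  document.addEventListener("paste", (ev) => {
    const text = ev.clipboardData ? ev.clipboardData.getData("text") : "";
    const v = classifyPaste(location.hostname, text);
    if (v.action === "block") {
      ev.preventDefault();
      console.warn("blocked paste:", v.reasons);
    } else if (v.action === "log") {
      console.info("sensitive paste logged:", v.reasons);
    }
  }, true);
  document.addEventListener("submit", (ev) => {
    const types = Array.from(ev.target.elements, (el) => el.type);
    const v = classifyCredentialSubmit(location.hostname, types);
    if (v.action === "warn") console.warn("credential warning:", v.reasons);
  }, true);
}
```

Run against the constructed events, the first paste is blocked, the second is allowed into the sanctioned tool and logged, the third is untouched, the IdP login passes, and the sso-corp-login lookalike is flagged. Note what the credential check does and does not know: it only knows that a password went somewhere other than the IdP, so it would flag a sanctioned app with its own login just as readily as a phishing page. That is the shadow-SaaS signal the text describes, and it is why the verdict in a real deployment is keyed off an application inventory rather than a single IdP hostname.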
What does lightweight browser security look like in practice?
One Neon Cyber design partner saw this gap firsthand. A marketing employee accessed a generative AI tool outside SSO and typed sensitive product codenames into a prompt, while using a password that had already been compromised in a prior breach. Active credential stuffing campaigns were targeting that exact password across multiple sites at the same time.
Neon caught both in real time and gave the security team a complete forensic record to work from. From the outside, the activity didn't look serious, just someone doing their job. But it exposed the company on two different vectors at once, and none of their existing security tools caught either one.
That kind of compounding exposure — ordinary behavior creating simultaneous risk across multiple vectors — is precisely what session-layer controls exist to catch, and what every tool above the browser is structurally unable to see.
See Neon Cyber in Action
Want to learn more about how Neon operates inside the browser, detecting and stopping AI data leakage and phishing attacks at the point of click? Book your demo today.