SquareX is launching "The Browser Security Field Manual" at Black Hat

PALO ALTO, Calif. - July 17, 2025 - PRLog -- SquareX announced the launch of The Browser Security Field Manual at Black Hat USA 2025. In addition to a comprehensive practical guide to the latest TTPs attackers are using to target employees in the browser, this manual features industry perspectives from leading CISOs from multiple Fortune 500 enterprises and other iconic companies, who share their perspectives on the evolving browser security landscape, the importance of each threat vector, and how they expect these attacks to evolve in the near future. Major contributors include:

• Rathi Murthy, CTO of Varo Bank, Fmr. CTO of Expedia and Verizon
• Rahul Kashyap, Fmr. CISO at Arista Networks
• John Carse, Fmr. CISO at Dyson

As the browser becomes the new endpoint, it has also become the single most common initial access point attackers use to target employees. This is evident in the recent uptick in browser-based attacks such as the Cyberhaven breach, polymorphic extensions and Midnight Blizzard RDP-based attack. Yet, despite the increasing awareness of the browser security gap, given the nascency of the space, most security professionals lack the resources and tools to learn about this emerging threat landscape.

To address this gap, The Browser Security Field Manual systematically guides practitioners through the techniques attackers are using to target employees in the browser across five major threat vectors - Phishing, Malicious Browser Extensions, Browser-based Data Loss, Identity Attacks and Browser-Native Ransomware. Co-authored by Audrey Adeline and Vivek Ramachandran, the book covers everything from common to bleeding edge techniques, including sample code snippets and case studies of such attacks unfolding in real life.

"Attackers thrive on information arbitrage. As the place where 85% of work happens, it's imperative that security teams understand how their employees are being targeted," said Audrey Adeline, SquareX Researcher and Co-author of The Browser Security Field Manual. "We've been extremely fortunate to work closely with some of the industry's top thought leaders, and we hope that this new edition of The Browser Security Field Manual will provide security teams with not only the practical aspect of browser security, but also an industry perspective of how these threat vectors are impacting organizations in real life today and how they may evolve in the future."

This release builds on a successful soft launch of the book at RSAC this year, where SquareX shared early copies with hundreds of CISOs for early feedback and worked closely with many of these security leaders to incorporate their deep industry insights into the second edition of the book.

The Browser Security Field Manual will be available at Black Hat and DEF CON 33 bookstores, with the authors participating in both stores' book signing event. The Black Hat book signing event is taking place at the Black Hat bookstore on Thursday, August 7 at 3:00pm – 3:30pm.