A Secure Browser Requires a World-Class Cyber Research Team

Jun 04, 2025

In today’s cybersecurity landscape, web browsers are among the most frequently targeted attack surfaces. In fact, in the last 12 months, 95% of organizations suffered a security incident originating from the browser. Traditional browsers, designed for broad usability, lack enterprise-grade security, leaving organizations vulnerable to emerging threats. What’s more, they are inherently vulnerable with 328 vulnerabilities discovered in 2024.

Two recent examples highlight the scale of the threat: CVE-2025-24113, a spoofing flaw in Safari that could mislead users into revealing sensitive information, and CVE-2025-24201, a vulnerability that allowed maliciously crafted web content to break out of the web content sandbox and may have been exploited in extremely sophisticated targeted attacks. While both were patched, they underscore how even well-maintained browsers can expose organizations to significant risk if not proactively secured.

If security is your priority, you need a browser built by the best minds in the industry—one that evolves as fast as the threats do. As cybercriminals exploit new vulnerabilities at an alarming rate, businesses need a browser that can proactively defend against attacks rather than merely react to them.

That’s where the Prisma Access Browser comes in.

At the core of Prisma Access Browser is cutting-edge security research conducted by the Palo Alto Networks security research team. Our research-backed approach, combined with enterprise-grade mitigations and proactive threat detection, makes Prisma Access Browser the only choice for organizations that refuse to compromise on security, high performance and delightful user experiences.

Our world-class researchers—including renowned cybersecurity experts Edouard Bochin and Tao Yan, winners of the Chrome/MSEdge browser category at Pwn2Own 2024—continuously analyze zero-day threats and develop novel mitigations. These mitigations are embedded directly into our browser to help safeguard users before exploits become widespread. What’s more, the solutions team continuously performs security assessments of the browser’s capabilities, including the underlying Chromium infrastructure.

This proactive approach ensures Prisma Access Browser isn’t just another Chromium-based option—it’s a security-first platform designed to withstand modern cyberthreats. This is particularly crucial as security evolves, often introducing new vulnerabilities alongside advancements in protection.

One example of proactive research surfaced recently with the introduction of a major security innovation from Google, which, upon analysis, unearthed a new vulnerability.

Even Security Innovations Can Introduce Security Gaps

Introducing isolated web apps (IWAs) is a major advancement in browser security. These applications, pioneered within the Chromium ecosystem, offer enhanced security by running in a restricted, sandboxed environment. Installed only from verified sources, IWAs operate under stricter content security policies (CSPs) and integrate more securely with operating systems, effectively bridging the gap between web and native applications.

IWAs introduce new levels of functionality to the browser, enabling web applications to request additional permissions and leverage advanced APIs. This enhances browser-based applications in ways never before possible. However, with greater capabilities come greater risks—particularly when low-level OS APIs are exposed to web environments.

The Risks of Network-Capable IWAs

While IWAs unlock exciting new possibilities, they also expand the browser’s attack surface. By exposing low-level OS APIs to the web, IWAs inadvertently create new attack vectors, reducing the complexity required for exploitation.

At this critical juncture, our world-class research team discovered a use-after-free vulnerability in the Chrome network stack, a flaw that could potentially be exploited to gain unauthorized access.

This issue, which was mid-rollout and initially deployed on Chrome OS, led to the CVE-2025-1006 vulnerability report. Alongside Edouard Bochin, our research team—including Tal Keren, Sam Agranat, Eran Rom and Adam Hatsir—was instrumental in identifying and reporting this flaw.

For full technical details on the vulnerability, visit the official CVE report.

In an era where the browser has become both the hub of your sensitive data and the frontline of cyberattacks, relying on generic, consumer-grade browsers is no longer enough. Prisma Access Browser stands apart—not just as a secure alternative, but as a purpose-built platform engineered by some of the world’s top security minds.

Backed by continuous threat research, real-time mitigation and a relentless focus on staying ahead of attackers, it's the browser built for modern enterprise demands. If your business depends on the web, your browser should be your strongest line of defense.

When it comes to protecting your business from browser-based threats, why settle for less? Request a demo today to experience the protection only Prisma Access Browser can deliver.
