Zscaler Bolsters Zero-Trust Arsenal with Acquisition of Browser Security Firm SquareX
Cloud security titan Zscaler Inc. has acquired SquareX, a pioneer in browser-based threat protection, in an apparent move to step away from traditional, clunky security hardware and toward a seamless, browser-native defense.
Over 1,000 Google employees demand the company cut ties with ICE
Cloud security titan Zscaler Inc. has acquired SquareX, a pioneer in browser-based threat protection, in an apparent move to step away from traditional, clunky security hardware and toward a seamless, browser-native defense.The acquisition, which did not include financial terms, integrates SquareX’s browser detection and response technology into Zscaler’s Zero Trust Exchange platform.Unlike traditional security tools that require employees to use specific, locked-down enterprise browsers, SquareX’s solution functions as an extension. This allows users to remain within familiar environments like Google Chrome or Microsoft Edge while gaining enterprise-grade protection against phishing, malicious extensions, and data leakage from generative artificial intelligence (AI) tools.Zscaler CEO Jay Chaudhry framed the acquisition as a necessary evolution beyond aging infrastructure. “Enterprises have historically relied on legacy VPNs and VDIs, but these technologies are fundamentally flawed and laden with security risks,” Chaudhry said. He noted that by deepening Zscaler’s capabilities within standard browsers, the company can now stop threats without the friction of deploying third-party software or managing complex agents.For IT leaders, the primary appeal lies in Bring Your Own Device security. Because SquareX technology resides within the browser, Zscaler can now extend its security umbrella to unmanaged personal devices, which is a persistent headache for cybersecurity teams.“Zscaler’s acquisition of SquareX extends zero-trust directly into the browser, where most SaaS and AI work now occurs. SquareX adds visibility into last-mile, in-browser threats that network controls can miss,” said Mitch Ashley, vice president and practice lead, Software Lifecycle Engineering, at The Futurum Group. “As AI workflows and agents increasingly operate within the browser, this layer becomes a critical control point for zero-trust. By enforcing policy through lightweight extensions on standard browsers, Zscaler can secure BYOD and unmanaged endpoints without relying on VPNs, VDI, or enterprise browsers.”The acquisition comes after SquareX secured $20 million in a Series A funding round led by SYN Ventures in April. According to SquareX founder Vivek Ramachandran, the integration will allow organizations to replace “expensive, insecure legacy access tools” with precise, risk-based policies that protect data and AI interactions without hindering employee productivity.The SquareX deal is the latest in a series of aggressive maneuvers by Zscaler to dominate the cybersecurity landscape through targeted acquisitions.The company’s recent portfolio expansion includes SPLX, an AI security firm acquired in November 2025 for an undisclosed sum; Red Canary, bought for $675 million to boost detection capabilities; Avalor, purchased for $350 million to enhance data security; and AirGap Networks to bolster agentless segmentation.
About Author
