At this week’s Black Hat 2025 conference in Las Vegas, three security vendors made announcements that could reshape how enterprises secure unmanaged devices, enable zero-trust collaboration, and grapple with the unchecked spread of shadow AI. Check Point Software, Menlo Security, and SentinelOne each introduced or acquired technologies designed to tackle threats that have ballooned in the hybrid work era—threats that traditional perimeter defenses can no longer contain.
The Vanishing Perimeter and the Rise of Unmanaged Endpoints
The modern enterprise sprawls across managed and unmanaged devices, with employees, contractors, and third parties accessing corporate resources from anywhere. This reality has shattered the old castle-and-moat model. Research highlighted at the conference quantifies the crisis: an average 31% of endpoints that touch corporate systems are unmanaged, meaning IT has no direct control over them. Worse, 59% of those unmanaged desktops lack any alternative protection such as Secure Access Service Edge (SASE), zero trust frameworks, or equivalent controls. They are, effectively, black holes at the edge of the enterprise.
For attackers, these endpoints are gaping entry points. For defenders, they underscore the urgent need for novel strategies that extend security beyond the traditional perimeter. The three announcements from Check Point, Menlo, and SentinelOne all aim to bridge this gap, each taking a distinct but complementary path.
Check Point’s Enterprise Browser: Zero Trust for the Unmanageable
Check Point Software, already a significant player in network and browser security, took a decisive step into the enterprise browser market with its new Check Point Enterprise Browser. Announced via a company blog during Black Hat, the solution is purpose-built to enforce zero trust on devices that IT doesn’t own or manage.
The browser’s core capabilities include:
- Data isolation: Sensitive corporate data remains quarantined within secure browser sessions, preventing leakage or exfiltration from unmanaged devices.
- Integrated Data Loss Prevention (DLP): Real-time scanning and enforcement block confidential information from entering or leaving authorized web applications.
- Security posture checks: Automated assessments ensure that each session and device meets corporate compliance and security benchmarks before granting access.
- Complete session visibility: IT teams gain forensic-level insight into browsing activity and resource usage, which is critical for compliance and rapid incident response.
By employing browser extension technology and tight integration with existing identity providers, Check Point’s approach avoids the friction of installing heavy endpoint agents. This makes it feasible to extend strong security to contractors, gig workers, and BYOD participants quickly. However, success is not guaranteed—users must still be persuaded to operate within the sanctioned browser, and change management will be essential to drive adoption.
Check Point’s move also validates the rising importance of enterprise browsers as strategic security platforms. Rather than trying to secure the entire device, the browser becomes the secure container through which all corporate access flows, effectively shifting the security perimeter to the application layer.
Menlo Security: A Two-Front Assault on Unmanaged Risk
Menlo Security, a pioneer in browser isolation, unveiled not one but two innovations at Black Hat 2025, both targeting the unmanaged device challenge from complementary angles.
Menlo Adaptive Web: Intelligent Browser Controls
Menlo’s Adaptive Web feature adds dynamic, intelligent controls to its existing remote secure browser service. Unlike approaches that require local software on the endpoint, Menlo’s technology delivers the entire browser experience from a remote cloud environment. New capabilities include:
- Data redaction: Sensitive data such as Social Security numbers or credit card details is automatically concealed within browser sessions.
- Field identification and disabling: High-risk input fields, especially credential fields, can be blocked or made read-only to prevent unintended exposure.
- SafeSearch enforcement: Web content filters reduce the risk of users accessing phishing sites or otherwise dangerous web destinations.
Because nothing is installed on the user’s device, Menlo Adaptive Web can be deployed with almost zero friction across BYOD and contractor endpoints. This installation-free model is a significant differentiator, though it may introduce latency for highly interactive applications—a trade-off that organizations must evaluate against their performance requirements.
Menlo Secure Storage: Zero-Trust File Collaboration
The second announcement stemmed from Menlo’s recent acquisition of Votiro, a data security specialist. Menlo Secure Storage is a file collaboration service designed to eliminate the risky workarounds that employees adopt when sharing documents between managed and unmanaged devices.
In typical scenarios, a contractor might download a sensitive spreadsheet to a personal laptop, edit it locally, and re-upload it—exposing the file to theft or compromise. Menlo Secure Storage solves this by keeping all files and operations within Menlo’s secure cloud environment. Users on any device can view, edit, and collaborate without the files ever leaving the protected enclave. Policies enforce controlled sharing and editing, aligning with zero-trust principles even across mixed user types.
This approach directly addresses a common but often overlooked vector: the document collaboration gap. By eliminating the need for insecure local downloads, Menlo Secure Storage reduces the attack surface dramatically. However, its success hinges on seamless integration with everyday productivity tools like Microsoft 365 and Google Workspace; any friction could push users back toward unsecured habits.
SentinelOne’s AI Security Gambit: Taming Shadow AI
If unmanaged devices represent a known threat with emerging solutions, shadow AI is a danger that many organizations are only beginning to recognize. SentinelOne’s announcement at Black Hat 2025 that it intends to acquire Prompt Security signals a major step toward integrating end-user AI governance into mainstream endpoint protection.
Fresh research presented at the conference reveals the extent of the problem:
- 53% of end users admit to using AI tools that their organization explicitly bans.
- 45% suspect colleagues are sharing confidential or privileged data with unauthorized AI platforms.
- While 72% of IT decision-makers believe they have strong AI usage policies, only 44% of corporate workers are actually aware of them.
- Enforcement perception diverges sharply: 53% of IT leaders think oversight is strict, while only 36% of users agree.
Prompt Security specializes in protecting AI interactions at the user level. Its technology can:
- Analyze prompt content: Detect when employees submit sensitive or non-compliant data to generative AI tools, flagging or blocking the transfer in real time.
- Discover shadow AI: Illuminate unsanctioned AI tool usage, providing audit trails and usage maps that help organizations understand the true extent of shadow AI.
- Enforce user-level policies: Allow IT to balance productivity needs with protections, instead of resorting to a blunt blocking approach that often leads to more dangerous workarounds.
By folding these capabilities into its Singularity platform, SentinelOne could offer the industry’s first deeply integrated solution that connects endpoint security with AI usage governance. This convergence is timely: as employees increasingly slip sensitive data into ChatGPT, Copilot, or unvetted third-party AI tools, the gap between enterprise security and real user behavior grows ever wider. The acquisition positions SentinelOne to close that gap, but the company will need to carefully address privacy concerns and avoid creating a surveillance-first culture that undermines user trust.
Common Threads and Unresolved Tensions
All three announcements share several strategic characteristics:
- Context-aware, adaptive security: Rather than rigid, one-size-fits-all rules, the new solutions rely on real-time signals, user context, and dynamic policies.
- Inclusion of unmanaged and BYOD endpoints: Each vendor acknowledges that the hybrid workforce is permanent, and security must extend to devices that IT will never fully control.
- Data-centric protection: Check Point and Menlo both focus on keeping data inside secure containers, aligning with modern data protection regulations and zero-trust principles.
- Proactive AI enforcement: SentinelOne’s move reflects a broader industry shift from simply blocking AI tools to intelligently managing how they’re used.
Yet significant challenges lie ahead. User adoption remains the perennial hurdle; no amount of technical wizardry matters if employees reject the new tools or find ways around them. Change management, clear communication, and user education will be as important as the technology itself. Privacy concerns also loom large: session monitoring and AI usage tracking can easily be perceived as intrusive, potentially breeding resentment and shadow IT behaviors. Furthermore, as organizations lock down one vector, attackers and creative users will adapt—an endless arms race that demands continuous innovation.
What Black Hat 2025 Tells Us About the Future
The announcements from Check Point, Menlo Security, and SentinelOne do not represent the birth of entirely new categories. They signal instead the maturation and convergence of trends that have been building for years: the enterprise browser as a security workload, zero trust becoming the default architecture, and AI governance evolving into a core security discipline. In a landscape where the perimeter is gone and human behavior is the last mile, the best defenses will wrap security around how people actually work—on any device, with any tool, from anywhere.
For security leaders, the path forward is clear but demanding. Embrace adaptive, behavior-centric solutions that extend protection beyond managed assets. Invest in the organizational muscle needed to drive adoption and trust. And recognize that the line between IT security and employee enablement has never been thinner. The vendors that made waves at Black Hat 2025 have laid down their markers; now it’s up to enterprises to turn those innovations into hardened defenses—before the next wave of threats breaks.