We provide market insights, research and advisory, and technical validations for tech buyers.
Published: 07 Aug 2025
Black Hat 2025 is this week, and through all the fervor, a few things have caught my eye as worth mentioning.
Two of them -- from Check Point Software and Menlo Security -- deal with secure access to apps and data from unmanaged devices, while a third from SentinelOne is around end-user AI usage.
Unmanaged devices announcements
My recent research into the intersection of endpoint management and security has shown that an average of 31% of endpoints that access corporate resources are unmanaged. More importantly, 59% of those unmanaged desktops are not secured by secure access service edge, zero trust or other alternative means, so they're just black holes at the edge.
With this in mind, I'm particularly interested in two announcements from vendors Check Point and Menlo.
Check Point
Check Point has been doing browser security for a long time but focused more on the network and browser extension angles with its announcement. At Black Hat, they published a blog detailing their Check Point Enterprise Browser as a way to secure unmanaged devices to deliver zero trust to any device.
Touting data isolation, integrated DLP, security posture checking and complete session visibility, this can absolutely fill a role in environments with lots of BYOD or otherwise unmanaged resources. That is, assuming IT can get the browser on to the device, which is typically using identity provider integration.
There are many other products that do this, of course, but it's another important part of the overall Check Point platform. Further, it's putting more energy into the red-hot enterprise browser space overall.
Menlo
Menlo's announcements actually span two products, one in the enterprise browser space and another in file collaboration, each of which helps address the challenge of unmanaged and BYOD devices.
Along the enterprise browser lines, Menlo announced Adaptive Web. This feature adds controls to its flagship browser service that supports features such as data redaction; field identification/disabling, such as passwords; and SafeSearch enforcement. These features are in addition to Menlo's existing remote secure browser technology, which does not require anything to be installed on the endpoint itself.
While Menlo is known for browser security, they acquired Votiro earlier this year to add file and data security to their offerings. The first integration resulting from that acquisition appears to be Menlo Secure Storage, which enables file collaboration that aligns with zero-trust frameworks. It does so by addressing the document collaboration challenges that occur across mixed user types -- such as employees and contractors -- and devices that often require insecure workarounds.
Menlo Secure Storage enables collaboration by ensuring all files and file operations stay within the Menlo Secure Cloud environment. This means employees or contractors with managed or unmanaged devices can collaborate without resorting to insecure shortcuts, such as downloading things to an insecure local device to edit, then re-uploading.
AI and user security
In perhaps the biggest splash on my radar, SentinelOne announced that they intend to acquire Prompt Security, which specializes in end-user AI security -- think prompt content, shadow AI, etc.
This announcement is exciting to me because it's the first real integration of end-user-facing AI into an endpoint security vendor, and the timing is perfect. I've conducted research into how organizations deliver AI, and how end users actually use AI. This was in an effort to quantify the value, challenges, and the benefits that AI and AI PCs offer, but also to get a grasp on shadow aI usage.
More than half -- 53% -- of end users say they use shadow AI, defined as AI that they know to be disallowed by their organization.
Put succinctly, shadow AI is real and quite troublesome. Here are a few data points:
While 72% of IT decision-makers (ITDMs) say their organization has an AI policy, just 44% of corporate knowledge workers say the same thing. So, there is a distinct lack of awareness of AI policy.
Fifty-three percent of ITDMs say AI enforcement is strict and consistent, compared to 36% of end users. More importantly, 30% of end users think IT trusts them to use AI with minimal oversight. Just 13% of ITDMs agree with that statement.
More than half -- 53% -- of end users say they use shadow AI, defined as AI that they know to be disallowed by their organization, and nearly half -- 45% -- say they suspect their co-workers are sharing confidential, privileged or private data with unauthorized AI tools.
There are a number of ways to deal with this, and I recently wrote about how blocking everything as a way of mitigating shadow AI can actually lead to more problems. Ultimately, the best approach will be a combination of blocking, policy and enforcement as part of an overall end-user AI strategy. With that in mind, I'm excited to see what SentinelOne does with Prompt Security.
Wrap-up
There are many other announcements coming out of Black Hat, but these ones stuck out to me because they align with the three most active areas that I cover. Unmanaged endpoints, especially those that aren't secured by alternative means, comprise about one-sixth of all endpoints in organizations, so products and services to help deal with that are very important.
With respect to browser apps, browser security and enterprise browsers, I've got plans to dig more deeply later this year with some research, and I can't wait to share that data when it's available.
Gabe Knuth is the principal analyst covering end-user computing for Enterprise Strategy Group, now part of Omdia.
Enterprise Strategy Group is part of Omdia. Its analysts have business relationships with technology vendors.
