Zscaler moved to deepen its Zero Trust platform with the acquisition of SquareX, targeting a growing gap in browser-based security as enterprises rely more heavily on SaaS, AI tools, and BYOD environments. The deal, which closed on February 5, 2026, expands Zscaler’s Zero Trust controls directly into standard browsers without requiring a full agent or a dedicated enterprise browser.
Zscaler built its business by helping enterprises move away from VPNs toward Zero Trust Network Access through Zscaler Private Access. With SquareX, the company now applies similar principles to unmanaged endpoints by embedding lightweight browser extensions that enforce security policies inside widely used browsers such as Google Chrome and Microsoft Edge. This approach aims to reduce reliance on virtual desktop infrastructure while maintaining visibility and control over user activity.
The company said SquareX’s technology allows enterprises to secure SaaS and private applications on any device, including third-party and personal systems, while applying granular policies tied to user risk and data sensitivity. Financial terms of the transaction were not disclosed.
- Extends Zero Trust protections directly into standard web browsers
- Targets unmanaged and BYOD devices without requiring full agents or VDI
- Supports secure access to SaaS and private applications
- Positions browser security as part of Zscaler’s broader Zero Trust Exchange platform
“Enterprises have historically relied on legacy VPNs and VDIs, but these technologies are fundamentally flawed and laden with security risks,” said Jay Chaudhry, CEO, Chairman, and Founder of Zscaler. “With SquareX, Zscaler is deepening our Zero Trust Exchange Platform’s capabilities in standard browsers, such as Google Chrome or Microsoft Edge, to stop threats without having to deploy a third-party enterprise browser.”
🌐 Analysis
Browser-based security has become a focal point as enterprises adopt AI-driven workflows and expand SaaS usage beyond managed endpoints. Zscaler’s move follows a broader industry trend toward in-browser controls, with competitors increasingly positioning browser isolation, extensions, and inline inspection as alternatives to VDI-heavy architectures.
Zscaler is a publicly traded cloud security company (NASDAQ: ZS) headquartered in San Jose, California, focused on securing users, devices, and applications using a zero-trust architecture delivered as a global cloud service. Founded in 2007 by CEO Jay Chaudhry, a serial entrepreneur with prior exits to Cisco and Nokia, Zscaler’s mission is to enable secure digital transformation by replacing legacy perimeter security with its cloud-native Zero Trust Exchange, a distributed platform that enforces policy between users and applications without exposing networks to the internet. Its core products include Zscaler Internet Access (ZIA) for secure web and SaaS access, Zscaler Private Access (ZPA) for zero-trust application connectivity, and Zscaler Digital Experience (ZDX) for end-to-end performance monitoring. The company operates a large, purpose-built global security cloud and holds intellectual property across policy enforcement, inline inspection, and identity-centric access control. Zscaler has expanded its platform through acquisitions—including Cloudneeti (CNAPP), ShiftRight (application security), and SquareX (browser security)—and partners broadly with cloud providers, identity platforms, and enterprise software vendors.
SquareX is a cybersecurity company focused on browser-native security, developing technology to secure web access on unmanaged and third-party devices without requiring a dedicated enterprise browser or full endpoint agent. Headquartered in Singapore, SquareX built a lightweight, policy-driven browser extension platform designed to enforce Zero Trust controls directly within any standard browser, addressing risks such as phishing, session hijacking, malicious extensions, and data exfiltration. The company’s core intellectual property centers on inline browser isolation, real-time threat detection, and fine-grained access controls that integrate with enterprise identity and security stacks. SquareX was founded by a team with backgrounds in enterprise security and cloud architectures, and gained traction with organizations seeking alternatives to VPNs and virtual desktop infrastructure for secure remote and BYOD access.