Cybersecurity firm Sophos is widening its bet on hybrid work security, rolling out a browser-centric product aimed at companies struggling to control cloud apps and employee use of AI tools. The move puts the cybersecurity firm into more direct competition with heavyweight secure access service edge vendors, while pitching a cheaper and less complex option for mid-market customers.
Sophos on Tuesday unveiled Workspace Protection, a new bundle built around its Protected Browser, developed with Island. The product is designed to secure work that happens in the browser, where Sophos says most corporate activity now lives, and to give IT teams clearer sight of shadow IT and unsanctioned AI use.
The launch matters because hybrid work has pushed security controls away from the office network and into SaaS apps, browsers and personal devices. Many firms have responded by layering multiple cloud security tools, often at high cost and with limited visibility over what staff actually do online.
Sophos is taking a different route.
Instead of routing traffic through central gateways, Workspace Protection applies controls directly inside the browser and on the endpoint. That lets policies follow users across locations, devices and networks, without forcing companies to rebuild their infrastructure.
At the centre is the Sophos Protected Browser, a Chromium-based enterprise browser that allows firms to manage app access, restrict data handling and monitor web activity. It plugs into Sophos Central, the company’s management console, and surfaces usage of unapproved apps and AI tools across the organisation.
That visibility is becoming urgent. More than half of employees now use AI tools at work, often without clear rules or oversight, according to industry research cited by Sophos. For security teams, the risk is less about malware and more about data leaking into third-party models.
“Security teams are getting crushed by complexity as hybrid work, SaaS and AI collide,” said Mike Jude, a research director at IDC. He said Sophos’ approach delivers outcomes associated with SASE and secure service edge models, but through the browser and endpoint rather than new network layers.
Workspace Protection bundles several existing Sophos tools with the new browser layer. These include zero trust network access for private apps, DNS-based threat blocking, and an email monitoring add-on for Google and Microsoft environments. Customers can deploy the pieces together or pick specific components.
For Sophos, the strategy leans on its installed base of endpoint security customers, many of whom lack the budget or staff to run full SASE stacks. It also deepens its partnership with Island, whose enterprise browser technology underpins the product.
“Work today demands tighter control of apps and data, not more boxes to manage,” said Joe Levy, Sophos’ chief executive, adding that browser-level controls give firms a more direct way to govern AI use.
Workspace Protection will be available to Sophos customers and partners from February 2026.
