StrongestLayer this week sharpened its focus on emerging identity and email security threats, highlighting the growing risk of Adversary-in-the-Middle (AiTM) phishing that can bypass multi-factor authentication. The company used recent LinkedIn content to explain how attackers proxy legitimate login pages to steal session cookies even after successful MFA.
Claim 55% Off TipRanks
- Unlock hedge fund-level data and powerful investing tools for smarter, sharper decisions
- Discover top-performing stock ideas and upgrade to a portfolio of market leaders with Smart Investor Picks
StrongestLayer emphasized that traditional defenses such as secure email gateways and sandboxing often fail to detect these AiTM campaigns, as messages can appear benign and automated analysis may be blocked. By noting that more than 10,000 organizations have reportedly been impacted, the firm underscored a sizable gap in current enterprise security stacks.
The company framed these developments as evidence of rising demand for advanced identity and session-layer security, particularly in Microsoft-based environments where complex authentication workflows are common. If organizations seek additional protection beyond conventional MFA and email filtering, vendors addressing AiTM techniques could see an expanding addressable market.
In parallel, StrongestLayer reiterated its architecture-first approach to email and communication security amid accelerating AI-driven threats, including tools referenced in Anthropic’s Project Glasswing and Mythos. Management argued that these large language model attack capabilities do not require a major shift in the firm’s product roadmap.
Internal data shared by the company indicated that 56.8% of attacks bypassing secure email gateways use four or more evasion techniques, while 35.9% move the malicious step off email entirely. StrongestLayer contends this pattern validates behavior- and workflow-aware defenses that model payment approvals, CFO behavior, and vendor invoicing rather than relying solely on content analysis.
Executives described their strategy as exploiting the “gap between persuasion and consistency,” positioning this as more durable against future AI-native threats than language-only detection. This approach may support the firm’s competitive stance in a crowded email and communication security market as customers reassess risk models.
The company also expanded its thought-leadership efforts with the launch of a podcast called “The Reasoning,” hosted by CEO Alan LeFort and CCO Karen L. The first episode explored topics such as the 12–14 month cadence of AI capability shifts, attacker–defender asymmetry, and key questions CISOs should raise with vendors.
While StrongestLayer did not disclose new financial metrics or customer wins, the week’s communications reinforced its strategic focus on multi-vector, AI-enhanced and MFA-bypassing threats. Collectively, the updates suggest the firm is aiming to position itself as a specialized provider at the intersection of identity, email, and AI-era security challenges.