Application Security

MirrorTab Raises $8.5M Seed Round to Take on Browser-Based Attacks

San Francisco startup secures $8.5 million in seed funding led by Valley Capital Partners to tackle browser-based malware attacks.

San Francisco startup secures $8.5 million in seed funding led by Valley Capital Partners to tackle browser-based malware attacks.

MirrorTab, a San Francisco startup building technology to neutralize malicious attacks at the browser layer, has secured $8.5 million in seed funding led by Valley Capital Partners.

The round, which also included GV, Ludlow Ventures, Altman Capital Fund, NextGen Venture Partners, and Alumni Ventures, underscores mounting investor interest in so-called “browser isolation” technologies — tools designed to protect both enterprises and end users from web-based threats.

Unlike traditional browser security products that shift user traffic through dedicated cloud servers, MirrorTab positions itself on the application side, intercepting and sanitizing a browser session before it ever reaches the customer’s device. The company argues this eliminates the traditional client-side attack surface — malware, malicious scripts, or compromised browser extensions — by preventing raw code or sensitive data from being exposed in the user’s environment.

“Using isolation technology, MirrorTab removes the browser as an attack surface, obfuscating data, code, and Application Programming Interfaces (APIs) to establish the most secure web sessions. This ensures that sensitive business, personal and financial information can be shared with confidence,” the company said in a statement announcing the new financing.

According to MirrorTab advisor Allison Miller, former CISO of Reddit, the MirrorTab technology “creates a secure, bot-proof wrapper” around sensitive web sessions. The company says that even if a customer’s device is infected, the session is still isolated from malicious code,  providing an advantage that could resonate with financial services, e-commerce, and government agencies increasingly worried about client-side attacks such as Magecart or formjacking.

“Browsers have become the battleground for hacking, bots, and malware,” said Brian Silverstein, CEO and founder of MirrorTab, noting that modern cyberattacks are leveraging browsers, AI and automation to evade detection, mimic human-like behavior, and execute attacks that cannot be prevented with typical web security controls.

Advertisement. Scroll to continue reading.

MirrorTab plans to use the seed capital to expand its platform capabilities and partnerships with existing security stacks like web application firewalls (WAFs) and bot management tools.

Related: Cybercriminals Make Millions With Ad Fraud Bot Farm

Related: Seraphic Attracts $29M Investment to Chase Enterprise Browser Business

Related: Surf Security Adds Deepfake Detection Tool to Enterprise Browser

Related: LayerX Raises $26 Million for Browser Security Platform

Related Content

Malware & Threats

Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame.

Cybercrime

Dutch authorities seized command-and-control servers tied to a botnet of infected computers, smartphones, and tablets that was allegedly used to power a residential proxy...

Malware & Threats

Security firms took down all four command-and-control (C&C) channels used by the GlassWorm malware.

Cybercrime

Jacob Butler, 23, has been arrested in Canada and US authorities are seeking his extradition on computer hacking charges.

Malware & Threats

The exploitation of the command injection vulnerability started one year after public disclosure and PoC exploit code publication.

Malware & Threats

Focused on persistence, the botnet does not engage in widespread infection and avoids blacklisted IPs and critical infrastructure entities.

Cybercrime

Ilya Angelov was a member of the cybercrime group tracked as TA-551, Shathak, Gold Cabin, Monster Libra, and ATK236.

Cybercrime

The lesser-known JackSkid and Mossad botnets have also been targeted in the operation.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version