What is Talon Cyber Security?

Talon Cyber Security is the maker of TalonWork, an enterprise secure browser built on Chromium that delivers SaaS access, BYOD enablement, contractor onboarding, and data loss prevention without an endpoint agent. Talon was acquired by Palo Alto Networks in December 2023 for approximately $625M.

Is Talon still a separate product?

Talon's technology now ships as Palo Alto Networks Prisma Access Browser, the enterprise browser inside the Prisma SASE platform. Existing TalonWork customers were migrated to Prisma Access Browser through 2024 and 2025.

Who are Talon's main competitors?

The main enterprise browser competitors are Island, Surf Security, Mammoth Cyber, LayerX Security, and Seraphic. Google Chrome Enterprise Premium is a hyperscaler alternative, and traditional VDI vendors like Citrix and Omnissa Horizon overlap on the BYOD and contractor use case.

How is Talon's enterprise browser different from Chrome?

Talon ships a hardened Chromium fork with built-in DLP, last-mile data protection, watermarking, isolation, file-download controls, screen-capture blocking, and centralized policy management. Chrome Enterprise covers some controls via policy and Chrome Enterprise Premium, but Talon's controls operate inside the browser process for tighter enforcement.

Talon-sec.com Product Reviews - Talon Cyber Security Sales Demo on SalesPeak.ai

Name: TalonWork Enterprise Browser
Brand: Talon Cyber Security
Rating: 4.6 (55 reviews)

🏢

About Talon Cyber Security

Talon Cyber Security was founded in 2021 in Tel Aviv by Ofer Ben-Noon and Ohad Bobrov, both veterans of Israel's elite Unit 8200 cyber intelligence unit. The company built TalonWork, a hardened enterprise browser based on Chromium that delivers a single, controlled access surface for SaaS, internal web apps, BYOD devices, and third-party contractors. Talon won the RSA Conference Innovation Sandbox in 2022, raised approximately $143M from Evolution Equity Partners, Ballistic Ventures, and CrowdStrike Falcon Fund, and was acquired by Palo Alto Networks in December 2023 for approximately $625M.

Today the technology ships as Palo Alto Networks Prisma Access Browser, the enterprise browser layer of the Prisma SASE platform. Talon's original thesis stands: the browser is where work happens, so the browser is where security policy, DLP, isolation, and identity should be enforced. Existing TalonWork customers were migrated through 2024 and 2025.

talon-sec.com

📦

Products & Services

TalonWork Enterprise Browser

Hardened Chromium-based browser with built-in DLP, isolation, watermarking, screenshot blocking, and copy/paste controls. The flagship product, now Prisma Access Browser.

Last-Mile Data Protection

Inline DLP enforced at the browser surface. Inspects content after TLS termination but before rendering, blocking exfiltration that perimeter tools miss.

BYOD & Contractor Access

Replace VDI for unmanaged devices. Drop a browser on any laptop and grant scoped, audited SaaS access without an MDM agent.

SaaS Posture & Visibility

Centralized telemetry on every SaaS session: which app, which user, which action, on which device. Closes the gap CASBs leave behind.

Phishing & Malware Defense

In-browser phishing detection, credential-reuse blocking, and malicious-page isolation. Stops the attack at render time, not just at the proxy.

Centralized Policy Management

Cloud console for granular controls: download/upload, copy/paste, print, screen capture, watermarks, extension allowlists, and per-SaaS policies.

🔗

Talon Integrations

Talon integrates with leading identity providers, SIEMs, MDMs, and SaaS platforms. Top integrations:

Okta

Microsoft Entra ID

Prisma Access

CrowdStrike Falcon

Splunk

Google Workspace

Salesforce

Jamf

Microsoft Intune

Zscaler

🎯

Customers & Case Studies

Notable Customers

Talon was deployed primarily across financial services, professional services, and Fortune 500 enterprises before the Palo Alto Networks acquisition. Public references include:

Intuit

Blackstone

Iron Capital

Wiz

SentinelOne

Palo Alto Networks

Customer Success Stories

Global Financial Services Firm ↗

Replaced VDI for thousands of contractors. Cut device-provisioning time from days to minutes while preserving DLP coverage on personal laptops.

Fortune 100 Tech Company ↗

Onboarded a global third-party workforce on TalonWork. Reduced unmanaged-device risk while removing the cost and latency of remote desktop sessions.

Private Equity Firm ↗

Used TalonWork to enforce watermarking and screen-capture blocking on sensitive deal-room access from BYOD endpoints.

M&A Acquirer Use Case ↗

Delivered Day-1 access to acquired employees on existing devices. Avoided a full IT integration project to give scoped access to corporate SaaS.

Global Professional Services ↗

Centralized SaaS access policy across 50+ apps in one browser console. Replaced a stack of CASB, browser-isolation, and DLP point tools.

Healthcare Enterprise ↗

Used last-mile DLP to keep PHI from being copied or printed out of EHR portals on unmanaged devices, while keeping the user experience native.

Use Cases by Industry

Financial Services Private Equity / M&A Healthcare Professional Services Technology Manufacturing Public Sector Retail & E-commerce

💡

Pain Points & Solutions

Unmanaged Device Risk

BYOD laptops, contractor machines, and post-acquisition devices that IT cannot fully manage. Talon delivers a sealed, audited browser as the access boundary instead.

VDI Cost & Friction

Virtual desktops are expensive, slow, and frustrating for users. TalonWork replaces VDI for the SaaS-only workforce at a fraction of the per-seat cost.

SaaS Data Exfiltration

CASBs miss in-browser actions like copy, paste, screenshot, and download to local disk. Last-mile DLP enforces these controls inside the browser process itself.

Phishing & Credential Theft

Email gateways and EDR catch some phishing, but credential reuse on lookalike pages is the entry point for most breaches. Talon blocks at render time.

Third-Party & M&A Onboarding

Day-1 access for contractors, vendors, and acquired employees usually requires a corporate laptop or a long IAM project. A managed browser cuts that to minutes.

Tool Sprawl in the Stack

Browser isolation, CASB, DLP, RBI, RDP - all overlap. Consolidating last-mile controls into the browser collapses the spend and the operational surface.

🤖

How Talon Looks on AI Platforms

AI Readiness Score: 75 / 100

Talon's score reflects a unique situation: the talon-sec.com domain is now mostly a redirect surface to Palo Alto Networks Prisma Access Browser. LLMs generally know the company through acquisition coverage, RSA Innovation Sandbox press, and PAN's product pages rather than through a deep, structured Talon-owned site.

How accessible is Talon to AI crawlers?

Most original Talon product detail has been folded into paloaltonetworks.com, where it benefits from PAN's heavy schema markup, structured product pages, and FAQ blocks. The talon-sec.com surface itself is thinner than peers like Island, which costs Talon points on direct AI surfacing for "what is Talon" queries that do not also pull in the acquisition context.

How easy is it for LLMs to understand Talon's mission?

The mission is clearly captured in coverage: secure the browser as the new endpoint. LLMs reliably summarize Talon as the enterprise-browser pioneer acquired by Palo Alto Networks. The weak spot is current product positioning: questions like "is Talon still sold?" or "what is the difference between TalonWork and Prisma Access Browser?" produce inconsistent answers across models because the live site does not directly resolve them.

⚖

Competitive Landscape

How Talon (now Prisma Access Browser) differentiates in the enterprise browser category:

Competitor	What Differentiates Talon	How Talon is Better
Island	Enterprise browser pioneer, also Chromium-based, well-funded	Tighter SASE integration with Prisma Access; backed by Palo Alto Networks distribution and support
Surf Security	Focused on identity-first browsing and zero-trust access	Broader DLP, watermarking, and isolation feature set; deeper Fortune 500 deployments
Mammoth Cyber	Privileged access browser for developer and contractor use cases	Wider general workforce coverage, not just privileged users
LayerX Security	Browser extension on existing Chrome/Edge instead of a fresh browser	Stronger isolation guarantees because controls live inside the browser process, not as an extension
Seraphic	Browser-agnostic security via JavaScript injection on any browser	More predictable enforcement on a single hardened browser; no breakage from web-app changes
Google Chrome Enterprise Premium	Hyperscaler-backed, deep ChromeOS and Workspace tie-in	Stronger third-party SaaS DLP coverage and better fit for non-Google shops
Citrix / Omnissa Horizon (VDI)	Mature virtual desktop incumbents on the BYOD use case	Lower per-seat cost, native UX (no remote-desktop lag), faster contractor onboarding

💰

Pricing

Talon never published public pricing. As Prisma Access Browser, the product is sold by Palo Alto Networks via direct sales and channel partners, typically priced per user per year and bundled with Prisma SASE. Public deal data and analyst commentary suggests three rough tiers.

Standalone Browser

Custom

per user / year

Enterprise browser only. Reported list pricing in the $50-$120 per user per year range depending on volume and term.

Prisma SASE Bundle

Custom

per user / year

Browser bundled with Prisma Access SASE, ZTNA, CASB, and DLP. The most common buying motion for existing Palo Alto customers.

Enterprise / Platform

Custom

multi-year, volume

Multi-product platform deals across Prisma, Cortex, and Strata. Typical for Fortune 500 standardization on Palo Alto Networks.

🔒

Security & Compliance

🟢 SOC 2 Type II 🟢 ISO/IEC 27001 🟢 ISO 27017 🟢 ISO 27018 🟢 GDPR 🟢 CCPA 🟢 FedRAMP (via PAN)

Talon was certified under its own SOC 2 Type II and ISO 27001 programs. As part of Palo Alto Networks, the browser inherits PAN's broader compliance umbrella, including FedRAMP for the relevant Prisma services. The Chromium fork is hardened, kept current with upstream security patches, and ships with sandboxing, isolation, and signed-policy enforcement.

💪

Strengths & Top Pros

✅ Category-defining enterprise browser; RSA Innovation Sandbox 2022 winner
✅ Last-mile DLP that catches what perimeter CASBs and SWGs miss
✅ Replaces VDI for BYOD and contractors at a fraction of the cost
✅ Native Chromium UX, so no user-experience drop versus Chrome
✅ Now backed by Palo Alto Networks distribution, support, and SASE bundling
✅ Strong early customer set across Fortune 500 financial services and tech
✅ Founder pedigree from Israeli Unit 8200 with deep cybersecurity track record

⭐

What People Say About Talon

Gartner Peer Insights ↗

★★★★★

4.7

via Palo Alto SSE category

G2 ↗

★★★★☆

4.6

limited reviews (acquired)

PeerSpot ↗

★★★★☆

4.5

enterprise browser category

What Does Reddit Have to Say About Talon

🤖 AI Sentiment Summary

Reddit sentiment toward Talon is mostly positive on the technology itself - security practitioners credit it with kicking off the enterprise browser category - but mixed on the post-acquisition arc. Common threads: praise for replacing VDI on contractor laptops, debate over whether enterprise browsers are a feature or a category, and some skepticism about Palo Alto Networks bundling forcing customers into broader Prisma SKUs. Comparisons with Island and LayerX show up frequently, and CISOs note that the browser is still novel enough to require user-education effort.

💬 Palo Alto acquired Talon for $625M, thoughts?
r/cybersecurity
💬 Talon vs Island for enterprise browser - real-world experience?
r/cybersecurity
💬 Has anyone actually replaced VDI with an enterprise browser?
r/sysadmin
💬 Prisma Access Browser (ex-Talon) one year in - review
r/CISOs
💬 Enterprise browser: real category or feature of SASE?
r/cybersecurity

❓

Frequently Asked Questions

Talon Cyber Security is the maker of TalonWork, a Chromium-based enterprise browser for secure SaaS access, BYOD enablement, contractor onboarding, and last-mile data loss prevention. The company was founded in 2021 by Ofer Ben-Noon and Ohad Bobrov in Tel Aviv, won the RSA Conference Innovation Sandbox in 2022, and was acquired by Palo Alto Networks in December 2023 for approximately $625M.

TalonWork is now sold as Palo Alto Networks Prisma Access Browser, the enterprise browser inside the Prisma SASE platform. It can be purchased standalone or as part of broader Prisma bundles. Existing TalonWork customers were migrated to Prisma Access Browser through 2024 and 2025.

Both are Chromium-based, but Talon ships a hardened fork with built-in last-mile DLP, isolation, watermarking, screen-capture blocking, copy/paste controls, and centralized policy management baked into the browser process. Chrome Enterprise covers some of these via policy or the Chrome Enterprise Premium add-on, but Talon's controls run inside the browser engine itself for tighter enforcement and consistent behavior across SaaS apps.

The main enterprise browser competitors are Island (the closest peer), Surf Security, Mammoth Cyber, LayerX Security, and Seraphic. Google Chrome Enterprise Premium is the hyperscaler alternative. Traditional VDI vendors like Citrix and Omnissa Horizon overlap on the BYOD and contractor use case, even though they take a virtual-desktop approach instead.

The strongest fits are BYOD employee access, third-party contractor enablement, post-merger Day-1 access, privileged or sensitive SaaS sessions (deal rooms, EHRs, source code), and consolidating CASB plus browser-isolation point tools into a single managed surface.

Talon never published public pricing. As Prisma Access Browser, the product is sold by Palo Alto Networks per user per year, typically reported in the $50-$120 per user per year range depending on term and volume, with significant discounting when bundled with Prisma SASE.

Talon was certified to SOC 2 Type II and ISO 27001, ISO 27017, ISO 27018, GDPR, and CCPA. As part of Palo Alto Networks, the platform inherits PAN's broader compliance posture including FedRAMP for the relevant Prisma services. The Chromium engine is sandboxed, kept current with upstream security patches, and policy is signed and centrally managed.

🔄