Research, insights, and practical guidance on browser extension security for enterprise IT and security teams.
99% of enterprise employees have at least one browser extension installed. Most IT teams have zero visibility into what those extensions can access — or whether any have been silently compromised. Here's what that means, and what to do about it.
A practical guide covering native Group Policy and registry-based extension management across Chrome, Edge, Firefox, and Brave on Windows — and where those tools fall short.
How managed preferences and plist-based policy work on macOS for Chrome, Edge, Firefox, Brave, and Safari — including what Safari extension management actually requires.
Eight criteria for evaluating browser extension management software — from cross-browser coverage and continuous inventory to risk scoring, MDM independence, and audit requirements.
Step-by-step instructions for blocking browser extensions across Chrome, Edge, Firefox, and Brave on Windows and macOS — covering blocklist vs allowlist, registry policy, and managed preferences.
A practical framework for creating and enforcing a browser extension security policy — risk tiers, approved and prohibited lists, request process, and the technical enforcement mechanisms that make it real.