[{"data":1,"prerenderedAt":2820},["ShallowReactive",2],{"application-flags":3,"navbar":7,"always-visible-banner":95,"navbar-about-highlight":155,"navbar-resource-highlight":211,"use-case-page":256,"blog/third-party-risk-management":1276},[4],{"name":5,"enabled":6},"maintenanceMode",false,[8,59,76],{"createdDate":9,"id":10,"name":11,"modelId":12,"published":13,"stageModifiedSincePublish":6,"query":14,"data":15,"variations":50,"lastUpdated":51,"firstPublished":52,"testRatio":33,"createdBy":53,"lastUpdatedBy":53,"folders":54,"meta":55,"rev":58},1742213002749,"efff2a27faf4408e9f908eba4b5542fe","inductive-automation","1c6207a5f24948ab82d4a0b17f251193","published",[],{"testimonial":16,"description":43,"type":19,"link":44,"title":47,"testimonialLink":48,"image":49},{"@type":17,"id":18,"model":19,"value":20},"@builder.io/core:Reference","f028f2b685bb47cd8bf9e82a26dd5a79","testimonial",{"query":21,"folders":22,"createdDate":23,"id":18,"name":24,"modelId":25,"published":13,"data":26,"variations":30,"lastUpdated":31,"firstPublished":32,"testRatio":33,"createdBy":34,"lastUpdatedBy":34,"meta":35,"rev":42},[],[],1735823466309,"We found Push to be more accurate when compared to competitors and the browser agent offered features that others couldn’t match.","42035571a56940ac98bff4544aa79aa5",{"author":27,"jobTitle":28,"quote":24,"image":29},"Jason Waits","\u003Cp>CISO at Inductive Automation\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff04c0c0689ce4a89ac0f0708d78c0a07",{},1735910703862,1735823501152,1,"ST0tXQM8slWpFrmioqKHmENB2qe2",{"kind":36,"lastPreviewUrl":37,"breakpoints":38,"hasAutosaves":41},"data","",{"small":39,"medium":40},640,768,true,"3v32gocrrqz","Join the industry's top security minds as they break down the browser attack landscape.",{"url":45,"text":46},"https://pushsecurity.com/webinar/state-of-browser-security","Save Your Spot","State of Browser Attacks Series","/customer-stories/inductive-automation","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe94fca10aa7b46ac8052b7ea22de54cd",{},1776257019270,1742221533648,"CydmZnOWU1XuAaLhEDCoYNM4Z8W2",[],{"breakpoints":56,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},320,"motto9r9yg",{"createdDate":60,"id":61,"name":62,"modelId":12,"published":13,"query":63,"data":64,"variations":69,"lastUpdated":70,"firstPublished":71,"testRatio":33,"createdBy":53,"lastUpdatedBy":72,"folders":73,"meta":74,"rev":58},1742208588866,"1c7a4e423bf54ac1a328bb4063459ef2","Banner",[],{"type":65,"url":66,"text":67,"link":68},"web-banner","https://pushsecurity.com/resources/browser-attacks-report","Get our latest report analyzing browser attack techniques in 2026",{},{},1774258294825,1742208637545,"jKjF9r5jcvXU8tzZEfFQm31Iyvr2",[],{"kind":36,"lastPreviewUrl":37,"breakpoints":75,"hasAutosaves":41},{"xsmall":57,"small":39,"medium":40},{"createdDate":77,"id":78,"name":79,"modelId":12,"published":13,"stageModifiedSincePublish":6,"query":80,"data":81,"variations":89,"lastUpdated":90,"firstPublished":91,"testRatio":33,"createdBy":53,"lastUpdatedBy":53,"folders":92,"meta":93,"rev":58},1742208469288,"6763051b201f44a0838c6400c580ca67","Resource highlight",[],{"image":82,"type":83,"description":84,"link":85,"title":88},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7b4a5ebf81d64e8c9d7fc35f6c96c4a9","resource","Learn about the latest techniques being used in the wild.",{"url":86,"text":87},"/resources/browser-attacks-report","Download now","Report: 2026 Browser Attack Techniques",{},1776255866789,1742208570400,[],{"kind":36,"lastPreviewUrl":37,"breakpoints":94,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},{"createdDate":96,"id":97,"name":98,"modelId":99,"published":13,"query":100,"data":101,"variations":145,"lastUpdated":146,"firstPublished":147,"testRatio":33,"createdBy":34,"lastUpdatedBy":148,"folders":149,"meta":150,"rev":154},1774965361051,"fd266d0172cc47429be7ad10f48c99ad","always visible banner","0678d178ec8b41efb8a23c09dba7874d",[],{"ctaText":102,"text":103,"url":37,"blocks":104,"state":141},"ewrererw","testrfesssssssssss",[105,129],{"@type":106,"@version":107,"id":108,"component":109,"responsiveStyles":119},"@builder.io/sdk:Element",2,"builder-ca12c06a52de41d7b8743da53118cd38",{"name":110,"tag":110,"options":111,"isRSC":118},"TopBannerContent",{"text":112,"ctaText":46,"url":45,"mainText":113,"cta":116},"New Webinar Series: Join John Hammond, Troy Hunt, and Matt Johansen for the State of Browser Attacks",{"content":114,"fontSize":115},"\u003Cp>New Webinar Series: Join John Hammond, Troy Hunt, and Matt Johansen for the State of Browser Attacks\u003C/p>","text-base",{"content":117,"fontSize":115,"url":45},"\u003Cp>\u003Cstrong style=\"font-weight:700;\">Save Your Spot\u003C/strong>\u003C/p>\n",null,{"large":120},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"marginTop":126,"marginBottom":126,"fontSize":127,"fontWeight":128},"flex","column","relative","0","border-box",".56rem","1.125rem","700",{"id":130,"@type":106,"tagName":131,"properties":132,"responsiveStyles":136},"builder-pixel-08zrjigffq5t","img",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},"https://cdn.builder.io/api/v1/pixel?apiKey=f3a1111ff5be48cdbb123cd9f5795a05","true","presentation",{"large":137},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},"block","hidden","none",{"deviceSize":142,"location":143},"large",{"path":37,"query":144},{},{},1775137295127,1774968080803,"ax7YYfD0OCeqT1Vxxv1G4FUbqVr1",[],{"breakpoints":151,"hasLinks":6,"kind":152,"lastPreviewUrl":153,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},"component","https://pushsecurity.com/?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=always-visible-banner&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.always-visible-banner=fd266d0172cc47429be7ad10f48c99ad&builder.overrides.fd266d0172cc47429be7ad10f48c99ad=fd266d0172cc47429be7ad10f48c99ad&builder.options.locale=Default","2lvuonnywj",[156,180],{"createdDate":157,"id":158,"name":159,"modelId":160,"published":13,"stageModifiedSincePublish":6,"query":161,"data":162,"variations":173,"lastUpdated":174,"firstPublished":175,"testRatio":33,"createdBy":53,"lastUpdatedBy":53,"folders":176,"meta":177,"rev":179},1776247359804,"9136a8f18b3b4a6ba29b8653a99372b1","testimonial-inductive-automation","20d9eaa352304613b3d1a794b400703d",[],{"link":163,"type":19,"testimonialLink":48,"testimonial":164},{},{"@type":17,"id":18,"model":19,"value":165},{"query":166,"folders":167,"createdDate":23,"id":18,"name":24,"modelId":25,"published":13,"data":168,"variations":169,"lastUpdated":31,"firstPublished":32,"testRatio":33,"createdBy":34,"lastUpdatedBy":34,"meta":170,"rev":172},[],[],{"author":27,"jobTitle":28,"quote":24,"image":29},{},{"kind":36,"lastPreviewUrl":37,"breakpoints":171,"hasAutosaves":41},{"small":39,"medium":40},"7t755zfvte3",{},1776247404986,1776247404973,[],{"breakpoints":178,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},"4moh0qpywtr",{"createdDate":181,"id":182,"name":88,"modelId":160,"published":13,"meta":183,"stageModifiedSincePublish":6,"query":185,"data":186,"variations":207,"lastUpdated":208,"firstPublished":209,"testRatio":33,"createdBy":53,"lastUpdatedBy":53,"folders":210,"rev":179},1776255761419,"05a9322735fc427db12e2740e4302300",{"breakpoints":184,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},[],{"testimonial":187,"link":206,"type":83,"title":88,"description":84,"image":82},{"@type":17,"id":188,"model":19,"value":189},"192acbb1f9ca4cac918c0ec435a8bae3",{"query":190,"folders":191,"createdDate":192,"id":188,"name":193,"modelId":25,"published":13,"data":194,"variations":200,"lastUpdated":201,"firstPublished":202,"testRatio":33,"createdBy":34,"lastUpdatedBy":53,"meta":203,"rev":205},[],[],1728981467463,"Push does for identity what CrowdStrike did for the endpoint",{"video":195,"jobTitle":196,"author":197,"qoute":37,"quote":198,"image":199},"https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8b30e8ca50064058bbaef0f3c6164575%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=8b30e8ca50064058bbaef0f3c6164575&alt=media&optimized=true","\u003Cp>Deputy CISO at Microsoft\u003C/p>\u003Cp>Former LinkedIn, Slack, Palantir\u003C/p>","Geoff Belknap","Push does for identity what CrowdStrike did for the endpoint.","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F748f0ad0a5064a00a13f4721fcc8dea1",{},1742902158597,1728981782923,{"kind":36,"lastPreviewUrl":37,"breakpoints":204,"hasAutosaves":41},{"small":39,"medium":40},"6s8ic0w0ao6",{"text":87,"url":86},{},1776255810913,1776255810900,[],[212,235],{"createdDate":213,"id":214,"name":88,"modelId":215,"published":13,"meta":216,"stageModifiedSincePublish":6,"query":218,"data":219,"variations":230,"lastUpdated":231,"firstPublished":232,"testRatio":33,"createdBy":53,"lastUpdatedBy":53,"folders":233,"rev":234},1776256900280,"1f429607996e4e5fae8fe3f9b9610e55","4829faa81e7c4ee8bd2d000e160e8d3c",{"breakpoints":217,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},[],{"testimonial":220,"link":229,"type":83,"title":88,"description":84,"image":82},{"@type":17,"id":188,"model":19,"value":221},{"query":222,"folders":223,"createdDate":192,"id":188,"name":193,"modelId":25,"published":13,"data":224,"variations":225,"lastUpdated":201,"firstPublished":202,"testRatio":33,"createdBy":34,"lastUpdatedBy":53,"meta":226,"rev":228},[],[],{"video":195,"jobTitle":196,"author":197,"qoute":37,"quote":198,"image":199},{},{"kind":36,"lastPreviewUrl":37,"breakpoints":227,"hasAutosaves":41},{"small":39,"medium":40},"r77qqueuo3j",{"text":87,"url":86},{},1776256937553,1776256937540,[],"q0jkez80wkg",{"createdDate":236,"id":237,"name":11,"modelId":215,"published":13,"stageModifiedSincePublish":6,"query":238,"data":239,"variations":250,"lastUpdated":251,"firstPublished":252,"testRatio":33,"createdBy":53,"lastUpdatedBy":53,"folders":253,"meta":254,"rev":234},1776256949234,"ce043785b71b4ece98eac811ecf4ba10",[],{"link":240,"type":19,"testimonial":241,"testimonialLink":48},{},{"@type":17,"id":18,"model":19,"value":242},{"query":243,"folders":244,"createdDate":23,"id":18,"name":24,"modelId":25,"published":13,"data":245,"variations":246,"lastUpdated":31,"firstPublished":32,"testRatio":33,"createdBy":34,"lastUpdatedBy":34,"meta":247,"rev":249},[],[],{"author":27,"jobTitle":28,"quote":24,"image":29},{},{"kind":36,"lastPreviewUrl":37,"breakpoints":248,"hasAutosaves":41},{"small":39,"medium":40},"mnaneamy308",{},1776256974140,1776256974130,[],{"breakpoints":255,"kind":36,"lastPreviewUrl":37,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},[257,441,560,679,797,917,1037,1157],{"createdDate":258,"id":259,"name":260,"modelId":261,"published":13,"stageModifiedSincePublish":6,"query":262,"data":268,"variations":429,"lastUpdated":430,"firstPublished":431,"testRatio":33,"screenshot":432,"createdBy":34,"lastUpdatedBy":433,"folders":434,"meta":435,"rev":440},1744829487099,"387451215c314dd5bd654668cdc1a197","Zero-day phishing","cca4143377554c5a9163cc203a8ed2ba",[263],{"@type":264,"property":265,"operator":266,"value":267},"@builder.io/core:Query","urlPath","is","/uc/zero-day-phishing-protection",{"inputs":269,"customFonts":270,"seoTitle":318,"title":318,"tsCode":37,"seoDescription":319,"fontAwesomeIcon":320,"jsCode":37,"blocks":321,"url":267,"state":426},[],[271],{"family":272,"kind":273,"version":274,"lastModified":275,"files":276,"category":295,"menu":296,"subsets":297,"variants":300},"DM Sans","webfonts#webfont","v14","2023-07-13",{"100":277,"200":278,"300":279,"500":280,"600":281,"700":282,"800":283,"900":284,"800italic":285,"900italic":286,"700italic":287,"100italic":288,"italic":289,"regular":290,"200italic":291,"500italic":292,"300italic":293,"600italic":294},"https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAop1hTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAIpxhTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwA_JxhTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAkJxhTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAfJthTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwARZthTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAIpthTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAC5thTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat8JCm3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat8gCm3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat9uCm3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-JDG3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-JDW3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxhTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat8JDW3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-7DW3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat_XDW3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat9XCm3zRmYJpso5.ttf","sans-serif","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRT23z.ttf",[298,299],"latin","latin-ext",[301,302,303,304,305,306,128,307,308,309,310,311,312,313,314,315,316,317],"100","200","300","regular","500","600","800","900","100italic","200italic","300italic","italic","500italic","600italic","700italic","800italic","900italic","Zero-day phishing protection","Detect phishing TTPs directly in the browser and stop credential theft.","faFishingRod",[322,421],{"@type":106,"@version":107,"tagName":323,"id":324,"children":325},"div","builder-76c6b8d1499346c7bc1fd56ae4e93638",[326,343,351,358,370,385,396,407,413],{"@type":106,"@version":107,"layerName":327,"id":328,"component":329,"responsiveStyles":340},"UseCaseHero","builder-5228fe062bef4a40a91e43f1112832fa",{"name":327,"options":330,"isRSC":118},{"title":318,"description":331,"points":332,"video":339},"\u003Cp>Push detects phishing as it happens. Autonomous agents hunt for new phishing techniques, identify kit signatures, and deploy detections within minutes of a new attack being analyzed. From cloned login pages to AiTM credential harvesting, Push sees what traditional filters miss and stops threats before they escalate.\u003C/p>",[333,335,337],{"item":334},"Detect phishing that bypasses traditional filters, including AiTM, SSO password theft, and fake login pages",{"item":336},"Stop never-before-seen attacks with AI-native behavioral and on-page analysis inside the browser",{"item":338},"Investigate faster with unified browser, user, and page context","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F40433ceeb4f94b43a82e039a0f4fd411%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=40433ceeb4f94b43a82e039a0f4fd411&alt=media&optimized=true",{"large":341},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":342},"transparent",{"@type":106,"@version":107,"id":344,"component":345,"responsiveStyles":348},"builder-96634044407e491299e291ed64669e39",{"name":346,"options":347,"isRSC":118},"TrustedBy",{"AllPartners":41,"backgroundTransparent":6},{"large":349},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":350},"#000",{"@type":106,"@version":107,"id":352,"component":353,"responsiveStyles":356},"builder-2c3768f930534557bb8978e32b6a6a0f",{"name":354,"options":355,"isRSC":118},"Diagonal",{"darkMode":41},{"large":357},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"layerName":359,"id":360,"component":361,"responsiveStyles":368},"TextImageBlockVertical","builder-7c3c1c2840424db2ad2ccbfaf382dd64",{"name":359,"tag":359,"options":362,"isRSC":118},{"darkMode":6,"maxWidth":363,"maxTextWidth":364,"title":365,"description":366,"animatedTitle":37,"image":367,"reverse":6,"descriptionPaddingHorizontal":118},1200,800,"\u003Ch2>Why stop at the inbox?\u003C/h2>","\u003Cp>Phishing attacks have evolved. Whether attackers lure users with QR codes, instant messages, or OAuth consent screens, the outcome is the same: it plays out in the browser. Push gives you real-time detection for in-browser threats, stopping phishing and consent-based attacks before they lead to compromise\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7fdcac241f0e4a049166d7076858adeb",{"large":369},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":371,"component":372,"responsiveStyles":380},"builder-41c978b3669749cf947e622b4e79e4d7",{"name":373,"options":374,"isRSC":118},"TextImageBlockHorizontal",{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":376,"title":377,"description":378,"reverse":41,"image":379},600,100,"\u003Cp>Detect phishing at the edge\u003C/p>","\u003Cp>Push uses industry-first telemetry to detect phishing based on behavior, not static indicators. Autonomous agents analyze how phishing pages behave and how users interact with them, uncovering fake logins, credential theft, and phishing kits the moment they load in the browser.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F9df3d180c97b4e61af142af2ccd68721",{"large":381},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":382,"paddingTop":383,"marginTop":384},"DM Sans, sans-serif","20px","0px",{"@type":106,"@version":107,"id":386,"component":387,"responsiveStyles":393},"builder-d2a7bc941feb43cdb898bc116b203cf9",{"name":373,"options":388,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":389,"title":390,"description":391,"reverse":6,"image":392},120,"\u003Ch2>Go beyond blocklists and IOCs\u003C/h2>","\u003Cp>Push goes beyond URLs and easy-to-change indicators. It reads the full phishing playbook like script behavior, session hijacks, DOM changes, user inputs, then connects the dots in real time. This gives your team a complete picture of how the phishing attempt worked, not just an alert.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fabfd58db169b433e96d3f1261797156e",{"large":394},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":395},"36px",{"@type":106,"@version":107,"layerName":373,"id":397,"component":398,"responsiveStyles":404},"builder-42c32198083f4880acb37c5cb76934da",{"name":373,"options":399,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":400,"title":401,"description":402,"reverse":41,"image":403},140,"\u003Ch2>Enhance your phishing response\u003C/h2>","\u003Cp>When phishing enters your environment, speed matters. Push gives you instant access to the telemetry that counts like session data, user behavior, and page activity, so you can investigate fast, trigger in-browser prompts, or forward alerts to your SIEM or SOAR for response. All in real time, right from the browser.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fbb195aec46904056b85e8688629e558e",{"large":405},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":406},"47px",{"@type":106,"@version":107,"id":408,"component":409,"responsiveStyles":411},"builder-9a95b9cbc4854421a92ef7b90f6c7adb",{"name":354,"options":410,"isRSC":118},{"darkMode":6},{"large":412},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":414,"component":415,"responsiveStyles":419},"builder-0afa17a9f25c4661a90f314d5578aa18",{"name":416,"tag":416,"options":417,"isRSC":118},"LatestResources",{"sectionHeading":37,"customClass":418},"bg-black",{"large":420},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":422,"@type":106,"tagName":131,"properties":423,"responsiveStyles":424},"builder-pixel-21yj6h3p4wh",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":425},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":427},{"path":37,"query":428},{},{},1776275046831,1745499158657,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fff60c30a8442489c8ed7e0af9599d14f","kYgMv6WsbvfmlOUYqR2SFwGzw6e2",[],{"lastPreviewUrl":436,"winningTest":118,"breakpoints":437,"kind":438,"hasLinks":6,"originalContentId":439,"hasAutosaves":6},"https://pushsecurity.com/uc/zero-day-phishing-protection?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=387451215c314dd5bd654668cdc1a197&builder.overrides.387451215c314dd5bd654668cdc1a197=387451215c314dd5bd654668cdc1a197&builder.overrides.use-case-page:/uc/zero-day-phishing-protection=387451215c314dd5bd654668cdc1a197&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},"page","2daa5670b8504fc7ba4700633e8bd921","atvz4dp24b7",{"createdDate":442,"id":443,"name":444,"modelId":261,"published":13,"stageModifiedSincePublish":6,"query":445,"data":448,"variations":552,"lastUpdated":553,"firstPublished":554,"testRatio":33,"screenshot":555,"createdBy":34,"lastUpdatedBy":433,"folders":556,"meta":557,"rev":440},1756833377777,"54f8256648f54d439303734b1e69221b","Browser extension security",[446],{"@type":264,"property":265,"operator":266,"value":447},"/uc/browser-extension-security",{"seoDescription":449,"jsCode":37,"fontAwesomeIcon":450,"tsCode":37,"title":444,"seoTitle":444,"customFonts":451,"inputs":456,"blocks":457,"url":447,"state":549},"Shine a light on risky browser extensions.","faPuzzlePiece",[452],{"kind":273,"family":272,"version":274,"files":453,"category":295,"lastModified":275,"subsets":454,"variants":455,"menu":296},{"100":277,"200":278,"300":279,"500":280,"600":281,"700":282,"800":283,"900":284,"100italic":288,"italic":289,"regular":290,"900italic":286,"800italic":285,"700italic":287,"200italic":291,"300italic":293,"500italic":292,"600italic":294},[298,299],[301,302,303,304,305,306,128,307,308,309,310,311,312,313,314,315,316,317],[],[458,544],{"@type":106,"@version":107,"tagName":323,"id":459,"meta":460,"children":461},"builder-71d0648c1d2f4ede8d0d0b5b28b7b94c",{"previousId":324},[462,478,485,492,501,511,521,531,538],{"@type":106,"@version":107,"id":463,"meta":464,"component":465,"responsiveStyles":476},"builder-ff325b4b8fad4edea53f38865947e854",{"previousId":328},{"name":327,"options":466,"isRSC":118},{"title":444,"description":467,"points":468,"video":475},"\u003Cp>Browser extensions introduce new code, new permissions, and new potential for risk. Many include AI features, and most go completely unnoticed. Push gives you full visibility into every extension used across your workforce, across major browsers, so you can uncover shadow IT, assess risky permissions, and block unsafe tools before they lead to compromise.\u003C/p>",[469,471,473],{"item":470},"Discover every browser extension in use",{"item":472},"Spot risky or unsanctioned behavior",{"item":474},"Make informed decisions on extension policy","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fc538aad95d7f403aa3c3551af72f67c0?alt=media&token=1411fa6d-2eac-4e6c-94bf-ea117da12d67&apiKey=f3a1111ff5be48cdbb123cd9f5795a05",{"large":477},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":342},{"@type":106,"@version":107,"id":479,"meta":480,"component":481,"responsiveStyles":483},"builder-fb89d128c64e47cf9cbb11d90fc24523",{"previousId":344},{"name":346,"options":482,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":484},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":350},{"@type":106,"@version":107,"id":486,"meta":487,"component":488,"responsiveStyles":490},"builder-54388d35126c4d0096eeebaf8c4448cd",{"previousId":352},{"name":354,"options":489,"isRSC":118},{"darkMode":41},{"large":491},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"layerName":359,"id":493,"component":494,"responsiveStyles":499},"builder-3c8fa6785dd6466abf52a2470d66d85a",{"name":359,"tag":359,"options":495,"isRSC":118},{"darkMode":6,"maxWidth":363,"maxTextWidth":364,"title":496,"description":497,"image":498,"reverse":6},"\u003Ch2>Take control of browser extensions\u003C/h2>","\u003Cp>Attackers are increasingly using malicious browser extensions to gain access to data processed and stored in the browser. And the problem is, most security teams have no visibility into what extensions are being used. Push changes that. With browser-native telemetry, the Push extension continuously inventories browser extensions across your environment, flags the risky ones, and gives you intelligence to act. \u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0a004f16a6874f4c8fdf14344acc9fec",{"large":500},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":502,"meta":503,"component":504,"responsiveStyles":509},"builder-93738f98109a4009affb349afd7bb182",{"previousId":371},{"name":373,"options":505,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":376,"title":506,"description":507,"reverse":41,"image":508},"\u003Ch2>Discover every extension in use\u003C/h2>","\u003Cp>Push gives you structured, searchable data about every extension in your environment, so you’re not just seeing what’s there, but also understanding how it got there, what it can do, and who it affects. It’s the kind of granular insight that’s nearly impossible to get from traditional tools, and it lays the groundwork for better policy decisions and faster investigations.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0e5727ca99474f14b1b7916bf6bbb782",{"large":510},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":382,"paddingTop":383,"marginTop":384},{"@type":106,"@version":107,"id":512,"meta":513,"component":514,"responsiveStyles":519},"builder-83393acb12ee4fdd840839185b51edb4",{"previousId":386},{"name":373,"options":515,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":389,"title":516,"description":517,"reverse":6,"image":518},"\u003Ch2>Spot risky or malicious extensions\u003C/h2>","\u003Cp>Push highlights extensions with dangerous permissions, broad access, or poor reputations. This includes AI extensions that request access far beyond what their stated purpose requires. You can quickly detect sideloaded, manually installed, or development-mode extensions that bypass normal controls. And because Push shows you who’s using them and where, you can respond precisely and effectively.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fa104d58c8da34fbb8901f738fb21453b",{"large":520},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":395},{"@type":106,"@version":107,"layerName":373,"id":522,"meta":523,"component":524,"responsiveStyles":529},"builder-da98e3de949646d89c53a0d1c2784664",{"previousId":397},{"name":373,"options":525,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":400,"title":526,"description":527,"reverse":41,"image":528},"\u003Ch2>Accelerate security reviews\u003C/h2>","\u003Cp>Most teams have extension policies, they just don’t have the data to enforce them. Push reveals how each extension entered your environment, whether it was installed manually, sideloaded, or deployed in dev mode. You’ll see which users are running what, and where, so you can surface violations, investigate quickly, and respond with confidence.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F229f355be6f243b180f410d237a75bb3",{"large":530},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":406},{"@type":106,"@version":107,"id":532,"meta":533,"component":534,"responsiveStyles":536},"builder-1a689287d1a1418997d57db578a71105",{"previousId":408},{"name":354,"options":535,"isRSC":118},{"darkMode":6},{"large":537},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":539,"component":540,"responsiveStyles":542},"builder-feb4e75029f84c10b6498ef1f8f79128",{"name":416,"tag":416,"options":541,"isRSC":118},{"sectionHeading":37,"customClass":418},{"large":543},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":545,"@type":106,"tagName":131,"properties":546,"responsiveStyles":547},"builder-pixel-0edn39avfcei",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":548},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":550},{"path":37,"query":551},{},{},1776275365038,1757000441666,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8d496cf111644ee5afcc046b72d1ca5a",[],{"kind":438,"winningTest":118,"breakpoints":558,"lastPreviewUrl":559,"hasLinks":6,"originalContentId":259,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},"https://pushsecurity.com/uc/browser-extension-security?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=54f8256648f54d439303734b1e69221b&builder.overrides.54f8256648f54d439303734b1e69221b=54f8256648f54d439303734b1e69221b&builder.overrides.use-case-page:/uc/browser-extension-security=54f8256648f54d439303734b1e69221b&builder.options.locale=Default",{"createdDate":561,"id":562,"name":563,"modelId":261,"published":13,"query":564,"data":567,"variations":670,"lastUpdated":671,"firstPublished":672,"testRatio":33,"screenshot":673,"createdBy":34,"lastUpdatedBy":674,"folders":675,"meta":676,"rev":440},1744923509705,"94bebb7bb99d48629ad157e80cf4d81d","Account takeover detection",[565],{"@type":264,"property":265,"operator":266,"value":566},"/uc/account-takeover-detection",{"title":563,"customFonts":568,"jsCode":37,"seoTitle":563,"seoDescription":573,"fontAwesomeIcon":574,"tsCode":37,"blocks":575,"url":566,"state":667},[569],{"kind":273,"category":295,"variants":570,"menu":296,"files":571,"family":272,"subsets":572,"version":274,"lastModified":275},[301,302,303,304,305,306,128,307,308,309,310,311,312,313,314,315,316,317],{"100":277,"200":278,"300":279,"500":280,"600":281,"700":282,"800":283,"900":284,"300italic":293,"500italic":292,"800italic":285,"700italic":287,"italic":289,"900italic":286,"600italic":294,"200italic":291,"regular":290,"100italic":288},[298,299],"Stop ATO with stolen credential and compromised token detection.","faUserSecret",[576,662],{"@type":106,"@version":107,"tagName":323,"id":577,"meta":578,"children":579},"builder-e7913a774cae44c5a23d6081c5c30a52",{"previousId":324},[580,596,603,610,619,629,639,649,656],{"@type":106,"@version":107,"id":581,"meta":582,"component":583,"responsiveStyles":594},"builder-f1f1ab1601bc4c0f8c2a8aafd173675d",{"previousId":328},{"name":327,"options":584,"isRSC":118},{"title":563,"description":585,"points":586,"video":593},"\u003Cp>Attackers don’t need to phish, they just need a password that works. Push monitors for signs of credential-based attacks in real time, directly in the browser, catching account takeover attempts before the damage spreads. From ghost logins to credential stuffing, Push cuts off the paths attackers use to quietly slip in the back door.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",[587,589,591],{"item":588},"Identify credential-based ATO as it unfolds",{"item":590},"Surface hijacked sessions and token misuse",{"item":592},"Strengthen authentication where your IdP can’t","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb4dd9db24bc9495b8a686b1b4d492016%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=b4dd9db24bc9495b8a686b1b4d492016&alt=media&optimized=true",{"large":595},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":342},{"@type":106,"@version":107,"id":597,"meta":598,"component":599,"responsiveStyles":601},"builder-0bc0d1c78ece4994993c3a6427a4d533",{"previousId":344},{"name":346,"options":600,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":602},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":350},{"@type":106,"@version":107,"id":604,"meta":605,"component":606,"responsiveStyles":608},"builder-e45de8f3768c4f16938dbf78e4e87524",{"previousId":352},{"name":354,"options":607,"isRSC":118},{"darkMode":41},{"large":609},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":611,"component":612,"responsiveStyles":617},"builder-c98e8bfd341146c1b67c02d5698ff093",{"name":359,"tag":359,"options":613,"isRSC":118},{"darkMode":6,"maxWidth":363,"maxTextWidth":364,"title":614,"description":615,"image":616,"reverse":6},"\u003Ch2>Assume less. See more.\u003C/h2>","\u003Cp>Most account takeovers don’t start with a breach, they start with a login. Whether it’s a reused password, a local account, or an outdated login flow, Push shows you how accounts are actually accessed day to day, not just how policies say they should be. That means no more blind spots around ghost logins, bypassed SSO, or stale access paths that quietly persist.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F18630ad2746d4eb7b7fcc0428b11a8f0",{"large":618},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":620,"meta":621,"component":622,"responsiveStyles":627},"builder-55c1fc38ddc04fd1a0d6a8e2fb819e00",{"previousId":371},{"name":373,"options":623,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":376,"title":624,"description":625,"reverse":41,"image":626},"\u003Ch2>Catch stolen credential use in real time\u003C/h2>","\u003Cp>Push monitors login activity directly in the browser to detect signs of credential-based attacks like leaked password use or suspicious login flows. By analyzing attacker TTPs instead of relying on known indicators, Push spots credential stuffing and account takeover attempts the moment they begin, not after they’ve succeeded.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F52b0123cac2c4dfdb1dc0af6adf9d603",{"large":628},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":382,"paddingTop":384,"marginTop":384},{"@type":106,"@version":107,"id":630,"meta":631,"component":632,"responsiveStyles":637},"builder-dfb31737b30948c6b95323655d571a50",{"previousId":386},{"name":373,"options":633,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":389,"title":634,"description":635,"reverse":6,"image":636},"\u003Ch2>Detect session hijacks and stealth access\u003C/h2>","\u003Cp>Attackers don’t always need a login screen, they often sidestep it entirely using stolen session tokens. Push detects when valid sessions are reused in unexpected ways, identifying hijacked sessions and stealth access attempts that traditional tools miss. Because we monitor directly in the browser, you see what’s happening inside active sessions in real time.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F94a6859a99e04d309ffe5841f3dbdf5c",{"large":638},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":395},{"@type":106,"@version":107,"layerName":373,"id":640,"meta":641,"component":642,"responsiveStyles":647},"builder-f7585b90eb974d03a7dc7eae5b58d227",{"previousId":397},{"name":373,"options":643,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":400,"title":644,"description":645,"reverse":41,"image":646},"\u003Ch2>Harden accounts before they’re compromised\u003C/h2>","\u003Cp>Push goes beyond alerts. It identifies apps that still allow local logins, even when SSO is configured, so you can remove weak access paths. Push also flags users without MFA, reused work credentials, or weak passwords, and prompts users in-browser to fix risky behaviors before they’re exploited.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F01c1b638f1b6497093a4f2b8ceddb5bb",{"large":648},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":406},{"@type":106,"@version":107,"id":650,"meta":651,"component":652,"responsiveStyles":654},"builder-ad81d1e3afec49a791214194eae09bdc",{"previousId":408},{"name":354,"options":653,"isRSC":118},{"darkMode":6},{"large":655},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":657,"component":658,"responsiveStyles":660},"builder-8dac1aa4b9d148628d92252bd8eff822",{"name":416,"tag":416,"options":659,"isRSC":118},{"sectionHeading":37,"customClass":418},{"large":661},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":663,"@type":106,"tagName":131,"properties":664,"responsiveStyles":665},"builder-pixel-s5u3wmvz7jq",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":666},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":668},{"path":37,"query":669},{},{},1770892814499,1745499162732,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F58b660fa94aa4b30b0faeb9b663ae41a","SfUPqW5tkibIPby49keNFMdHFTr1",[],{"lastPreviewUrl":677,"hasLinks":6,"originalContentId":259,"breakpoints":678,"winningTest":118,"kind":438,"hasAutosaves":41},"https://pushsecurity.com/uc/account-takeover-detection?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=94bebb7bb99d48629ad157e80cf4d81d&builder.overrides.94bebb7bb99d48629ad157e80cf4d81d=94bebb7bb99d48629ad157e80cf4d81d&builder.overrides.use-case-page:/uc/account-takeover-detection=94bebb7bb99d48629ad157e80cf4d81d&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},{"createdDate":680,"id":681,"name":682,"modelId":261,"published":13,"query":683,"data":686,"variations":789,"lastUpdated":790,"firstPublished":791,"testRatio":33,"screenshot":792,"createdBy":34,"lastUpdatedBy":674,"folders":793,"meta":794,"rev":440},1745009370904,"23eb48fb56d3451cab77cb6ed140ee6d","Attack path hardening",[684],{"@type":264,"property":265,"operator":266,"value":685},"/uc/attack-path-hardening",{"tsCode":37,"seoDescription":687,"jsCode":37,"customFonts":688,"fontAwesomeIcon":693,"seoTitle":682,"title":682,"blocks":694,"url":685,"state":786},"Harden access paths with visibility,  detection, and guardrails.",[689],{"kind":273,"files":690,"version":274,"lastModified":275,"subsets":691,"menu":296,"category":295,"variants":692,"family":272},{"100":277,"200":278,"300":279,"500":280,"600":281,"700":282,"800":283,"900":284,"regular":290,"italic":289,"800italic":285,"500italic":292,"600italic":294,"200italic":291,"900italic":286,"700italic":287,"100italic":288,"300italic":293},[298,299],[301,302,303,304,305,306,128,307,308,309,310,311,312,313,314,315,316,317],"faRadar",[695,781],{"@type":106,"@version":107,"tagName":323,"id":696,"meta":697,"children":698},"builder-1d8553eddcaa44d7bba9e2f4ca13af2a",{"previousId":577},[699,715,722,729,738,748,758,768,775],{"@type":106,"@version":107,"id":700,"meta":701,"component":702,"responsiveStyles":713},"builder-84fe3d7c85a743cf8cef649aa974f1ef",{"previousId":581},{"name":327,"options":703,"isRSC":118},{"title":682,"description":704,"points":705,"video":712},"\u003Cp>Push continuously monitors your environment for exposed login paths, weak credentials, and missing protections like MFA. It detects the gaps attackers exploit and helps you close them before they’re used.\u003C/p>",[706,708,710],{"item":707},"Find weak spots like reused passwords, local logins, and missing MFA",{"item":709},"Monitor how users actually log in across apps, flows, and tools",{"item":711},"Enforce secure access with in-browser guardrails","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fdbdcf52892034f1bbddded77f753a343%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=dbdcf52892034f1bbddded77f753a343&alt=media&optimized=true",{"large":714},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":342},{"@type":106,"@version":107,"id":716,"meta":717,"component":718,"responsiveStyles":720},"builder-b3f66f5b08054cc78a06fecfc3ae2337",{"previousId":597},{"name":346,"options":719,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":721},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":350},{"@type":106,"@version":107,"id":723,"meta":724,"component":725,"responsiveStyles":727},"builder-4c73418b84be49ed85e6e13d2625c5a0",{"previousId":604},{"name":354,"options":726,"isRSC":118},{"darkMode":41},{"large":728},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":730,"component":731,"responsiveStyles":736},"builder-dec0246085e1485c803f7152b1922a81",{"name":359,"tag":359,"options":732,"isRSC":118},{"darkMode":6,"maxWidth":363,"maxTextWidth":364,"title":733,"description":734,"image":735,"reverse":6},"\u003Ch2>Find the gaps that lead to compromise\u003C/h2>","\u003Cp>Misconfigurations don’t show up in your config files, they show up in how users actually access apps. Push monitors real login behavior in the browser, surfacing risky patterns like local login access, duplicate accounts, or missing protections that leave doors wide open.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F309a59bba8d247a19476bb369397460e",{"large":737},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":739,"meta":740,"component":741,"responsiveStyles":746},"builder-ebf049a645604a249550996a88f8f3b6",{"previousId":620},{"name":373,"options":742,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":376,"title":743,"description":744,"reverse":41,"image":745},"\u003Ch2>See real login behavior\u003C/h2>","\u003Cp>Push watches authentication flows as they happen, giving you a live view of how users log in, which methods they choose, and where protections like MFA are missing. Plus, uncover every app and account in use, even shadow IT you didn’t know existed, without relying on stale config files or IdP assumptions. \u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb51f6b0357cc451b87a7a5016d984e5e",{"large":747},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":382,"paddingTop":383,"marginTop":384},{"@type":106,"@version":107,"id":749,"meta":750,"component":751,"responsiveStyles":756},"builder-431d175c59004669b0b2776b07d71737",{"previousId":630},{"name":373,"options":752,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":389,"title":753,"description":754,"reverse":6,"image":755},"\u003Ch2>Find and fix posture drift\u003C/h2>","\u003Cp>Security posture isn’t static. Push continuously monitors for issues like missing MFA or legacy login methods. When something falls out of policy, you know immediately with custom notifications so you can act before it turns into risk.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F324e39127dfc41e592b1183dfb39892d",{"large":757},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":395},{"@type":106,"@version":107,"layerName":373,"id":759,"meta":760,"component":761,"responsiveStyles":766},"builder-3dffdcbe0a484e2ca4c03f019b6d40ee",{"previousId":640},{"name":373,"options":762,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":400,"title":763,"description":764,"reverse":41,"image":765},"\u003Ch2>Guide users with in-browser guardrails\u003C/h2>","\u003Cp>Push doesn’t just surface problems, it helps you fix them. When users sign in without MFA, reuse a password, or use insecure credentials, Push prompts them directly in the browser to secure their access. It’s faster, more effective, and actually gets results.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fee8b75d13e45488aba55434a8b49ebb0",{"large":767},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":406},{"@type":106,"@version":107,"id":769,"meta":770,"component":771,"responsiveStyles":773},"builder-976bc222cd7647ff905f1e01cfedc453",{"previousId":650},{"name":354,"options":772,"isRSC":118},{"darkMode":6},{"large":774},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":776,"component":777,"responsiveStyles":779},"builder-8c47ec2fd0f74382bb3e6c870555632c",{"name":416,"tag":416,"options":778,"isRSC":118},{"sectionHeading":37,"customClass":418},{"large":780},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":782,"@type":106,"tagName":131,"properties":783,"responsiveStyles":784},"builder-pixel-7akm7dayau8",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":785},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":787},{"path":37,"query":788},{},{},1770892844854,1745499166112,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F6ca12bf728a045f1a31d40c0beb3bfe5",[],{"kind":438,"lastPreviewUrl":795,"breakpoints":796,"hasLinks":6,"originalContentId":562,"winningTest":118,"hasAutosaves":6},"https://pushsecurity.com/uc/attack-path-hardening?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=23eb48fb56d3451cab77cb6ed140ee6d&builder.overrides.23eb48fb56d3451cab77cb6ed140ee6d=23eb48fb56d3451cab77cb6ed140ee6d&builder.overrides.use-case-page:/uc/attack-path-hardening=23eb48fb56d3451cab77cb6ed140ee6d&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},{"createdDate":798,"id":799,"name":800,"modelId":261,"published":13,"query":801,"data":804,"variations":909,"lastUpdated":910,"firstPublished":911,"testRatio":33,"screenshot":912,"createdBy":34,"lastUpdatedBy":674,"folders":913,"meta":914,"rev":440},1761675020232,"ea4f309d2ffe46c5aa97ebf0fda4e2e3","ClickFix Protection",[802],{"@type":264,"property":265,"operator":266,"value":803},"/uc/clickfix-protection",{"seoDescription":805,"fontAwesomeIcon":806,"customFonts":807,"seoTitle":812,"jsCode":37,"tsCode":37,"title":812,"blocks":813,"url":803,"state":906},"Block attacks that trick users into running malicious code.","faLaptopCode",[808],{"files":809,"subsets":810,"menu":296,"version":274,"kind":273,"family":272,"lastModified":275,"variants":811,"category":295},{"100":277,"200":278,"300":279,"500":280,"600":281,"700":282,"800":283,"900":284,"200italic":291,"800italic":285,"700italic":287,"600italic":294,"100italic":288,"italic":289,"regular":290,"300italic":293,"500italic":292,"900italic":286},[298,299],[301,302,303,304,305,306,128,307,308,309,310,311,312,313,314,315,316,317],"ClickFix protection",[814,901],{"@type":106,"@version":107,"tagName":323,"id":815,"meta":816,"children":817},"builder-d7eefdde0f2a4b2b9de3dcb2978fd6cb",{"previousId":696},[818,834,841,848,858,868,878,888,895],{"@type":106,"@version":107,"id":819,"meta":820,"component":821,"responsiveStyles":832},"builder-56e2c54bcce040a4af8b92ae03706c12",{"previousId":700},{"name":327,"options":822,"isRSC":118},{"title":812,"description":823,"points":824,"image":831},"\u003Cp>ClickFix attacks are one of the fastest-growing threats, tricking users into copying malicious code from a webpage and running it locally. This technique bypasses traditional EDR, email gateways, and network filters, leading directly to ransomware and data theft. Push stops this attack at the source, in the browser, by detecting and blocking the malicious behavior before the user can ever paste the code.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",[825,827,829],{"item":826},"Detect ClickFix, FileFix, and fake CAPTCHA in the browser",{"item":828},"Block malicious copy-and-paste actions before code is executed",{"item":830},"See full telemetry into which users were targeted and what they saw","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7b74af62889847ebb3927364485b0546",{"large":833},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":342},{"@type":106,"@version":107,"id":835,"meta":836,"component":837,"responsiveStyles":839},"builder-05f9614d4e3e4dc88b3ee8658f54e10e",{"previousId":716},{"name":346,"options":838,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":840},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":350},{"@type":106,"@version":107,"id":842,"meta":843,"component":844,"responsiveStyles":846},"builder-c4fb5179366243c1b6c32d368675cf47",{"previousId":723},{"name":354,"options":845,"isRSC":118},{"darkMode":41},{"large":847},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":849,"meta":850,"component":851,"responsiveStyles":856},"builder-261af50705fd445d8cca4a6ba20d5391",{"previousId":730},{"name":359,"tag":359,"options":852,"isRSC":118},{"darkMode":6,"maxWidth":363,"maxTextWidth":364,"title":853,"description":854,"reverse":6,"image":855},"\u003Ch2>Stop ClickFix-style attacks before they become a breach\u003C/h2>","\u003Cp>Traditional security tools are blind to malicious copy and paste attacks because the attack exploits a gap between the browser and the endpoint. EDR only sees the payload after it runs, and network tools see only part of the picture.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F98b2f7e08dec4eafaf8e24937605b8cf",{"large":857},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":859,"meta":860,"component":861,"responsiveStyles":866},"builder-7d21b8aab8064c40b1e5dd23c4749309",{"previousId":739},{"name":373,"options":862,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":376,"title":863,"description":864,"reverse":41,"image":865},"\u003Ch2>Discover lures at the source\u003C/h2>","\u003Cp>Push inspects page behavior to identify ClickFix attacks as they happen. By inspecting the page, its structure, and how the user interacts with it, Push can detect and block these in-browser threats in real time. This deep, TTP-based inspection spots the trap even on novel pages that are built to bypass traditional web filters and blocklists.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F665bf47e01544c75bf9ddafd3917927b",{"large":867},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":382,"paddingTop":383,"marginTop":384},{"@type":106,"@version":107,"id":869,"meta":870,"component":871,"responsiveStyles":876},"builder-fb91943adf6149259ed9e1e6566c9afe",{"previousId":749},{"name":373,"options":872,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":389,"title":873,"description":874,"reverse":6,"image":875},"\u003Ch2>Block the malicious action\u003C/h2>","\u003Cp>When Push detects a malicious script, it intercepts the user's action and blocks the code from being copied to the clipboard. The user is protected, the attack is stopped, and no malicious code ever reaches the endpoint. Unlike broad DLP tools, this action is surgical, targeting only malicious behavior without disrupting normal work.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F5ee68f81f1ac416685cbfe91298cf827",{"large":877},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":395},{"@type":106,"@version":107,"layerName":373,"id":879,"meta":880,"component":881,"responsiveStyles":886},"builder-bfac95fada864e5a8259b955b5b5f98b",{"previousId":759},{"name":373,"options":882,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":400,"title":883,"description":884,"reverse":41,"image":885},"\u003Ch2>Accelerate ClickFix investigations\u003C/h2>","\u003Cp>When an attack happens, knowing what the user saw or did is critical. Push provides rich browser session data for rapid investigation and containment. Security teams get detailed telemetry on which users were targeted, what lure they were served, and when the block occurred. This enables defenders to reconstruct what happened and respond quickly, even when other tools miss the activity entirely.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F6cdf2a8aeddc4e9a9023cbf974e40239",{"large":887},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":406},{"@type":106,"@version":107,"id":889,"meta":890,"component":891,"responsiveStyles":893},"builder-136892e831684a6987f87d3be67c33d1",{"previousId":769},{"name":354,"options":892,"isRSC":118},{"darkMode":6},{"large":894},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":896,"component":897,"responsiveStyles":899},"builder-dec26b739f2f42beb5a73cfc6c675b60",{"name":416,"tag":416,"options":898,"isRSC":118},{"sectionHeading":37,"customClass":418},{"large":900},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":902,"@type":106,"tagName":131,"properties":903,"responsiveStyles":904},"builder-pixel-zzjpxxgrc2l",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":905},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":907},{"path":37,"query":908},{},{},1770892881888,1761847585203,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F375467b8bef34ed1a8a1cc5b8b67d75f",[],{"lastPreviewUrl":915,"originalContentId":681,"winningTest":118,"hasLinks":6,"kind":438,"breakpoints":916,"hasAutosaves":6},"https://pushsecurity.com/uc/clickfix-protection?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=ea4f309d2ffe46c5aa97ebf0fda4e2e3&builder.overrides.ea4f309d2ffe46c5aa97ebf0fda4e2e3=ea4f309d2ffe46c5aa97ebf0fda4e2e3&builder.overrides.use-case-page:/uc/clickfix-protection=ea4f309d2ffe46c5aa97ebf0fda4e2e3&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},{"createdDate":918,"id":919,"name":920,"modelId":261,"published":13,"query":921,"data":924,"variations":1029,"lastUpdated":1030,"firstPublished":1031,"testRatio":33,"screenshot":1032,"createdBy":34,"lastUpdatedBy":674,"folders":1033,"meta":1034,"rev":440},1745009743870,"a9d5556e77f84a37b5bd52310a7110c1","Incident response",[922],{"@type":264,"property":265,"operator":266,"value":923},"/uc/incident-response",{"seoDescription":925,"customFonts":926,"title":920,"jsCode":37,"fontAwesomeIcon":931,"seoTitle":932,"tsCode":37,"blocks":933,"url":923,"state":1026},"Investigate and respond faster with unique browser telemetry.",[927],{"kind":273,"subsets":928,"menu":296,"variants":929,"category":295,"family":272,"version":274,"lastModified":275,"files":930},[298,299],[301,302,303,304,305,306,128,307,308,309,310,311,312,313,314,315,316,317],{"100":277,"200":278,"300":279,"500":280,"600":281,"700":282,"800":283,"900":284,"900italic":286,"600italic":294,"200italic":291,"300italic":293,"100italic":288,"700italic":287,"800italic":285,"regular":290,"italic":289,"500italic":292},"faSatelliteDish","Browser based incident response",[934,1021],{"@type":106,"@version":107,"tagName":323,"id":935,"meta":936,"children":937},"builder-653c4aed737b4def88dc4cd2d695660a",{"previousId":696},[938,955,962,969,978,988,998,1008,1015],{"@type":106,"@version":107,"id":939,"meta":940,"component":941,"responsiveStyles":953},"builder-18190bd36518467d9154d27d7e945b9b",{"previousId":700},{"name":327,"options":942,"isRSC":118},{"title":943,"description":944,"points":945,"video":952},"Browser-based incident response","\u003Cp>Push gives you real-time visibility into what actually happened during a breach, right in the browser where the attack played out. From credential theft to session hijacking, Push captures high-fidelity telemetry so you can investigate quickly, contain confidently, and shut it down before it spreads.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",[946,948,950],{"item":947},"Reconstruct what happened with real browser session context",{"item":949},"Investigate faster with real-world session context",{"item":951},"Trigger response actions automatically through your SIEM or SOAR","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd00e39d3b6e346c296261d875cf55652%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=d00e39d3b6e346c296261d875cf55652&alt=media&optimized=true",{"large":954},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":342},{"@type":106,"@version":107,"id":956,"meta":957,"component":958,"responsiveStyles":960},"builder-8a0a8ea63f5d48dd8a6726f2d49cf0ca",{"previousId":716},{"name":346,"options":959,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":961},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":350},{"@type":106,"@version":107,"id":963,"meta":964,"component":965,"responsiveStyles":967},"builder-2df65c3f54334df2b26e7cb744886cdc",{"previousId":723},{"name":354,"options":966,"isRSC":118},{"darkMode":41},{"large":968},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":970,"component":971,"responsiveStyles":976},"builder-2c32c869efc2423ab69ef06b150e9f97",{"name":359,"tag":359,"options":972,"isRSC":118},{"darkMode":6,"maxWidth":363,"maxTextWidth":364,"title":973,"description":974,"image":975,"reverse":6},"\u003Ch2>See attacks unfold, not just their aftermath\u003C/h2>","\u003Cp>Attacks happen in the browser, not in logs. Push captures what traditional tools miss: what users clicked, what loaded, what was entered, and how attackers moved. That gives you real-world evidence, not just assumptions, when every second matters.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F36fc719bd1de4a38b916f4d25c81a26d",{"large":977},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":979,"meta":980,"component":981,"responsiveStyles":986},"builder-370e53c6016e432db01e9193a2ce90f6",{"previousId":739},{"name":373,"options":982,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":376,"title":983,"description":984,"reverse":41,"image":985},"\u003Ch2>Investigate faster with high-fidelity data\u003C/h2>","\u003Cp>Reconstructing an incident shouldn’t feel like guesswork. Push records detailed telemetry from inside the browser: page loads, credential inputs, DOM changes, session activity, user behavior. It’s structured, exportable, and ready to plug into your investigation workflows, so you can move fast without digging through proxy logs or relying on user reports.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fa6adda040e684e67a8d68a55c5ce5f6d",{"large":987},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":382,"paddingTop":384,"marginTop":384},{"@type":106,"@version":107,"id":989,"meta":990,"component":991,"responsiveStyles":996},"builder-a7f3767a8d184bd08fb24520bf210e95",{"previousId":749},{"name":373,"options":992,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":389,"title":993,"description":994,"reverse":6,"image":995},"\u003Ch2>Contain and respond in real time\u003C/h2>","\u003Cp>When something looks off, Push doesn’t just alert you, it gives you options. Guide users with in-browser prompts. Terminate sessions. Trigger SOAR workflows. Enrich SIEM alerts. Push gives you the context and control to stop spread before it starts.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb3dedeed5aba4847a2c2d22e10d0ec12",{"large":997},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":395},{"@type":106,"@version":107,"layerName":373,"id":999,"meta":1000,"component":1001,"responsiveStyles":1006},"builder-b92036ee0ece4b32acdbdcc7c377366b",{"previousId":759},{"name":373,"options":1002,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":400,"title":1003,"description":1004,"reverse":41,"image":1005},"\u003Ch2>Prevent the next one\u003C/h2>","\u003Cp>Push helps you respond fast, but it also helps you fix what went wrong. It surfaces misconfigurations and risky behaviors that made the attack possible in the first place, then guides users in-browser to remediate. One tool. Full loop. No loose ends.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fc1ecc2d5d3814b62b072fac01827ff96",{"large":1007},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":406},{"@type":106,"@version":107,"id":1009,"meta":1010,"component":1011,"responsiveStyles":1013},"builder-5e8ae39655274de89da32ab573a2525a",{"previousId":769},{"name":354,"options":1012,"isRSC":118},{"darkMode":6},{"large":1014},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1016,"component":1017,"responsiveStyles":1019},"builder-dfd6850cfb4741d2b8a0c16c2780f00a",{"name":416,"tag":416,"options":1018,"isRSC":118},{"sectionHeading":37,"customClass":418},{"large":1020},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":1022,"@type":106,"tagName":131,"properties":1023,"responsiveStyles":1024},"builder-pixel-z197gdgcmu",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":1025},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":1027},{"path":37,"query":1028},{},{},1770892908052,1745427419274,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb07017bfd318431690a5bb35bda35b99",[],{"kind":438,"breakpoints":1035,"originalContentId":681,"winningTest":118,"lastPreviewUrl":1036,"hasLinks":6,"hasAutosaves":6},{"xsmall":57,"small":39,"medium":40},"https://pushsecurity.com/uc/incident-response?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=a9d5556e77f84a37b5bd52310a7110c1&builder.overrides.a9d5556e77f84a37b5bd52310a7110c1=a9d5556e77f84a37b5bd52310a7110c1&builder.overrides.use-case-page:/uc/incident-response=a9d5556e77f84a37b5bd52310a7110c1&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"createdDate":1038,"id":1039,"name":1040,"modelId":261,"published":13,"query":1041,"data":1044,"variations":1149,"lastUpdated":1150,"firstPublished":1151,"testRatio":33,"screenshot":1152,"createdBy":34,"lastUpdatedBy":674,"folders":1153,"meta":1154,"rev":440},1746122471259,"5f118e24433d46ceb79f5099987156d7","Shadow SaaS",[1042],{"@type":264,"property":265,"operator":266,"value":1043},"/uc/shadow-saas",{"seoTitle":1045,"seoDescription":1046,"customFonts":1047,"fontAwesomeIcon":1052,"title":1053,"jsCode":37,"tsCode":37,"blocks":1054,"url":1043,"state":1146},"Find and secure shadow SaaS","See and control shadow SaaS in the browser.",[1048],{"kind":273,"variants":1049,"files":1050,"family":272,"version":274,"subsets":1051,"lastModified":275,"category":295,"menu":296},[301,302,303,304,305,306,128,307,308,309,310,311,312,313,314,315,316,317],{"100":277,"200":278,"300":279,"500":280,"600":281,"700":282,"800":283,"900":284,"300italic":293,"500italic":292,"regular":290,"900italic":286,"italic":289,"100italic":288,"200italic":291,"600italic":294,"700italic":287,"800italic":285},[298,299],"faShieldCheck","Secure shadow SaaS",[1055,1141],{"@type":106,"@version":107,"tagName":323,"id":1056,"meta":1057,"children":1058},"builder-04da805c4cd34652a2db452fcda52e1d",{"previousId":935},[1059,1075,1082,1089,1098,1108,1118,1128,1135],{"@type":106,"@version":107,"id":1060,"meta":1061,"component":1062,"responsiveStyles":1073},"builder-830d414faeaf41439142f9157e8288c8",{"previousId":939},{"name":327,"options":1063,"isRSC":118},{"title":1045,"description":1064,"points":1065,"video":1072},"\u003Cp>SaaS sprawl is one of today’s fastest-growing security blind spots because most tools monitor around the edges. Push sees it at the source, in the browser, revealing every app users access, flagging risky tools, and helping you shut down exposure before it leads to a breach. No guesswork. No nasty surprises. Just real-time visibility and control.\u003C/p>",[1066,1068,1070],{"item":1067},"Discover every SaaS app users access, managed or not",{"item":1069},"Spot accounts with weak security postures like missing MFA, unmanaged access, and no SSO",{"item":1071},"Control usage with in-browser prompts, blocks, and security guardrails","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F3e4eece318d04d6586e691d59d0741cf%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=3e4eece318d04d6586e691d59d0741cf&alt=media&optimized=true",{"large":1074},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":342},{"@type":106,"@version":107,"id":1076,"meta":1077,"component":1078,"responsiveStyles":1080},"builder-cd7833f966cb4c7e8adf0d6c979414a6",{"previousId":956},{"name":346,"options":1079,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":1081},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":350},{"@type":106,"@version":107,"id":1083,"meta":1084,"component":1085,"responsiveStyles":1087},"builder-49d720b45430454e8b08c526f267c19f",{"previousId":963},{"name":354,"options":1086,"isRSC":118},{"darkMode":41},{"large":1088},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1090,"component":1091,"responsiveStyles":1096},"builder-3dde0bf6c8544e5e9ab41b18a9d68034",{"name":359,"tag":359,"options":1092,"isRSC":118},{"darkMode":6,"maxWidth":363,"maxTextWidth":364,"title":1093,"description":1094,"image":1095,"reverse":6},"\u003Ch2>Use your browser to curb Saas Sprawl\u003C/h2>","\u003Cp>Shadow SaaS isn’t hiding in your network, it’s in your browser. From AI tools to unsanctioned file-sharing sites, security risks live in the apps your users sign into every day. Push maps your organization's true SaaS footprint in real time, exposing apps and accounts with unmanaged access, poor authentication, or no security oversight.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb6811a214c7949b6bbe0b9a3bca62efd",{"large":1097},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1099,"meta":1100,"component":1101,"responsiveStyles":1106},"builder-e2420451ccdc4f088d0a4904cff45935",{"previousId":979},{"name":373,"options":1102,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":376,"title":1103,"description":1104,"reverse":41,"image":1105},"\u003Ch2>Discover hidden SaaS usage\u003C/h2>","\u003Cp>Push captures live browser telemetry across every tab and session. Whether a user signs into a sanctioned app with a personal account or tries a new AI plugin, you’ll see it in real time, with no integrations or manual tagging.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe16e301f9af94665b95d98232a863d8a",{"large":1107},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":382,"paddingTop":384,"marginTop":384},{"@type":106,"@version":107,"id":1109,"meta":1110,"component":1111,"responsiveStyles":1116},"builder-b36de7fce7994beea9e58d94662e7166",{"previousId":989},{"name":373,"options":1112,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":389,"title":1113,"description":1114,"reverse":6,"image":1115},"\u003Ch2>Spot risky access and unsafe usage\u003C/h2>","\u003Cp>Discovery is just the beginning. Push flags apps with risky traits, no MFA, no SSO, known vulnerabilities, or broad access scopes. You’ll know which tools introduce real risk, and which users are exposed so you can act with precision.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F6585f3c242da4d70ae3cb7d02f481bef",{"large":1117},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":395},{"@type":106,"@version":107,"layerName":373,"id":1119,"meta":1120,"component":1121,"responsiveStyles":1126},"builder-dc366b5134684fe7a508edf8913103ea",{"previousId":999},{"name":373,"options":1122,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":400,"title":1123,"description":1124,"reverse":41,"image":1125},"\u003Ch2>Close gaps before they grow\u003C/h2>","\u003Cp>Push turns insight into action. When risky SaaS use is detected, guide users to enable MFA, block high-risk apps, or apply in-browser guardrails automatically. All without deploying new infrastructure or managing dozens of integrations.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe6d60b6d91414819bc6258a318f00557",{"large":1127},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":406},{"@type":106,"@version":107,"id":1129,"meta":1130,"component":1131,"responsiveStyles":1133},"builder-8708f6f0d8da4b3f9e17bf16cda70219",{"previousId":1009},{"name":354,"options":1132,"isRSC":118},{"darkMode":6},{"large":1134},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1136,"component":1137,"responsiveStyles":1139},"builder-8ff4b38d60534cf28cb523ab0f754875",{"name":416,"tag":416,"options":1138,"isRSC":118},{"sectionHeading":37,"customClass":418},{"large":1140},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":1142,"@type":106,"tagName":131,"properties":1143,"responsiveStyles":1144},"builder-pixel-d1ul2kmxbed",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":1145},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":1147},{"path":37,"query":1148},{},{},1770892936802,1746714967208,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F01bfb2304521412fbd2e1a1180904d40",[],{"originalContentId":919,"winningTest":118,"lastPreviewUrl":1155,"breakpoints":1156,"kind":438,"hasLinks":6,"hasAutosaves":6},"https://pushsecurity.com/uc/shadow-saas?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=5f118e24433d46ceb79f5099987156d7&builder.overrides.5f118e24433d46ceb79f5099987156d7=5f118e24433d46ceb79f5099987156d7&builder.overrides.use-case-page:/uc/shadow-saas=5f118e24433d46ceb79f5099987156d7&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":57,"small":39,"medium":40},{"createdDate":1158,"id":1159,"name":1160,"modelId":261,"published":13,"query":1161,"data":1164,"variations":1268,"lastUpdated":1269,"firstPublished":1270,"testRatio":33,"screenshot":1271,"createdBy":34,"lastUpdatedBy":674,"folders":1272,"meta":1273,"rev":440},1764707470172,"b62629ce2f3741158d961cd10fe74b31","Shadow AI",[1162],{"@type":264,"property":265,"operator":266,"value":1163},"/uc/shadow-ai",{"fontAwesomeIcon":1165,"seoTitle":1166,"jsCode":37,"customFonts":1167,"title":1172,"tsCode":37,"seoDescription":1173,"blocks":1174,"url":1163,"state":1265},"faBrainCircuit","Secure AI native and AI enhanced apps. ",[1168],{"variants":1169,"category":295,"files":1170,"subsets":1171,"family":272,"kind":273,"menu":296,"lastModified":275,"version":274},[301,302,303,304,305,306,128,307,308,309,310,311,312,313,314,315,316,317],{"100":277,"200":278,"300":279,"500":280,"600":281,"700":282,"800":283,"900":284,"800italic":285,"regular":290,"700italic":287,"200italic":291,"italic":289,"500italic":292,"600italic":294,"300italic":293,"100italic":288,"900italic":286},[298,299],"Secure shadow AI","See and control shadow AI apps in the browser.",[1175,1260],{"@type":106,"@version":107,"tagName":323,"id":1176,"meta":1177,"children":1178},"builder-a6e5717a2c914d5695058e4ee201a05d",{"previousId":1056},[1179,1195,1202,1209,1219,1228,1237,1247,1254],{"@type":106,"@version":107,"id":1180,"meta":1181,"component":1182,"responsiveStyles":1193},"builder-3e0ed678683f4a0eb7aa00253cf263b2",{"previousId":1060},{"name":327,"options":1183,"isRSC":118},{"title":1172,"description":1184,"points":1185,"image":1192},"\u003Cp>Your employees are adopting AI faster than you can track it. From native features in corporate apps to unapproved shadow tools, it’s all happening in the browser. Push detects every AI interaction in real time, letting you categorize apps and enforce acceptable use policies in the browser.\u003C/p>",[1186,1188,1190],{"item":1187},"Map every AI tool used across your workforce",{"item":1189},"Review and classify apps by sensitivity, purpose, and policy status",{"item":1191},"Enforce AI usage rules directly in the browser","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F33cf153d920f4e389f3650253577cff7",{"large":1194},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":342},{"@type":106,"@version":107,"id":1196,"meta":1197,"component":1198,"responsiveStyles":1200},"builder-76968f8471d14893b8189d75b08fb426",{"previousId":1076},{"name":346,"options":1199,"isRSC":118},{"AllPartners":41,"backgroundTransparent":6},{"large":1201},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"backgroundColor":350},{"@type":106,"@version":107,"id":1203,"meta":1204,"component":1205,"responsiveStyles":1207},"builder-b55b9d4bc5a649d8839ce7f6c2043d95",{"previousId":1083},{"name":354,"options":1206,"isRSC":118},{"darkMode":41},{"large":1208},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1210,"meta":1211,"component":1212,"responsiveStyles":1217},"builder-c3f38ef4d75d4989a29b5903175ed8a1",{"previousId":1090},{"name":359,"tag":359,"options":1213,"isRSC":118},{"darkMode":6,"maxWidth":363,"maxTextWidth":364,"title":1214,"description":1215,"image":1216,"reverse":6},"\u003Ch2>Use your browser to govern AI \u003C/h2>","\u003Cp>The AI footprint inside your company is bigger than you think. From text generators to meeting assistants and design copilots, employees test, adopt, and connect new tools constantly. Push shows you those tools and which users are accessing them, without relying on network scans or API integrations.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F30b43bda6f1644c19478fb1efa20050c",{"large":1218},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1220,"meta":1221,"component":1222,"responsiveStyles":1226},"builder-90ee9cb9afc44e7f885523715bf51a53",{"previousId":1099},{"name":373,"options":1223,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":376,"title":1224,"description":1225,"reverse":41,"image":1115},"\u003Ch2>Discover every AI tool users touch\u003C/h2>","\u003Cp>Push captures live telemetry from the browser, identifying every AI-native and AI-enhanced application users access. You’ll know which corporate identities are connected, how data flows, and what new AI apps appear across your environment. \u003C/p>",{"large":1227},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"fontFamily":382,"paddingTop":384,"marginTop":384},{"@type":106,"@version":107,"id":1229,"meta":1230,"component":1231,"responsiveStyles":1235},"builder-9e44539fa53c4d8e87406036c921fc46",{"previousId":1109},{"name":373,"options":1232,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":389,"title":1233,"description":1234,"reverse":6,"image":1125},"\u003Ch2>Classify and manage AI risk\u003C/h2>","\u003Cp>For apps you choose to allow, Push lets you apply custom in-browser banners. You can bulk-select categories of AI tools and require users to read and acknowledge your acceptable use policy before they proceed. This creates an auditable trail and moves policy from an easy to forget document to an active, in-workflow control.\u003C/p>",{"large":1236},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":395},{"@type":106,"@version":107,"layerName":373,"id":1238,"meta":1239,"component":1240,"responsiveStyles":1245},"builder-44c1a891926f4bdeaaa37e90721fe6ac",{"previousId":1119},{"name":373,"options":1241,"isRSC":118},{"darkMode":6,"maxWidth":363,"imageMaxWidth":375,"textPaddingTop":400,"title":1242,"description":1243,"reverse":41,"image":1244},"\u003Ch2>Enforce your AI policy in the browser\u003C/h2>","\u003Cp>When an AI tool is deemed non-compliant or too risky, Push blocks it at the source. The block happens directly in the browser, preventing the user from accessing the site or submitting data. This gives you an immediate, powerful lever to stop data exfiltration and enforce a hard line on unacceptable risk.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fa359ac1805af4e15a8a7f84632b9bb55",{"large":1246},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125,"paddingTop":406},{"@type":106,"@version":107,"id":1248,"meta":1249,"component":1250,"responsiveStyles":1252},"builder-dcc906f9cbe54dc68b3c672668e7a38f",{"previousId":1129},{"name":354,"options":1251,"isRSC":118},{"darkMode":6},{"large":1253},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"@type":106,"@version":107,"id":1255,"component":1256,"responsiveStyles":1258},"builder-d2d64780c31b4349bc75805b23a07e38",{"name":416,"tag":416,"options":1257,"isRSC":118},{"sectionHeading":37,"customClass":418},{"large":1259},{"display":121,"flexDirection":122,"position":123,"flexShrink":124,"boxSizing":125},{"id":1261,"@type":106,"tagName":131,"properties":1262,"responsiveStyles":1263},"builder-pixel-wxx9tk70r9p",{"src":133,"aria-hidden":134,"alt":37,"role":135,"width":124,"height":124},{"large":1264},{"height":124,"width":124,"display":138,"opacity":124,"overflow":139,"pointerEvents":140},{"deviceSize":142,"location":1266},{"path":37,"query":1267},{},{},1770892957225,1764950077593,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe558b8b069884037a8e6904f7ecc029c",[],{"winningTest":118,"breakpoints":1274,"originalContentId":1039,"kind":438,"lastPreviewUrl":1275,"hasLinks":6,"hasAutosaves":41},{"xsmall":57,"small":39,"medium":40},"https://pushsecurity.com/uc/shadow-ai?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=b62629ce2f3741158d961cd10fe74b31&builder.overrides.b62629ce2f3741158d961cd10fe74b31=b62629ce2f3741158d961cd10fe74b31&builder.overrides.use-case-page:/uc/shadow-ai=b62629ce2f3741158d961cd10fe74b31&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"_path":1277,"_dir":1278,"_draft":6,"_partial":6,"_locale":37,"sys":1279,"ogImage":118,"summary":1282,"title":1296,"subtitle":118,"metaTitle":1297,"synopsis":1298,"hashTags":118,"publishedDate":1299,"slug":1300,"tagsCollection":1301,"relatedBlogPostsCollection":1311,"authorsCollection":2274,"content":2278,"_id":2815,"_type":2816,"_source":2817,"_file":2818,"_stem":2819,"_extension":2816},"/blog/third-party-risk-management","blog",{"id":1280,"publishedAt":1281},"6fxxX6Ppu1FW2KARa1GloZ","2026-01-30T09:36:46.724Z",{"json":1283},{"data":1284,"content":1285,"nodeType":1295},{},[1286],{"data":1287,"content":1288,"nodeType":1294},{},[1289],{"data":1290,"marks":1291,"value":1292,"nodeType":1293},{},[],"Third-Party Risk Management (TPRM) is the process of identifying, assessing, and mitigating potential risks associated with third-party relationships, such as suppliers, vendors, service providers, or subcontractors. These external entities play integral roles in a company's operations, making it essential to manage the risks they may introduce.","text","paragraph","document","Understanding Third-Party Risk Management (TPRM): how to protect your organization","What is Third-Party Risk Management","In this article, we define third-party risk management and explore additional approaches that can help manage third-party risk.\n","2023-10-31T00:00:00.000Z","third-party-risk-management",{"items":1302},[1303,1307],{"sys":1304,"name":1306},{"id":1305},"3pjES4THCIfSAwhGdNwBcy","Identity security",{"sys":1308,"name":1310},{"id":1309},"1gZi8NrRy2v9OqPV7C4dwD","Risk management",{"items":1312},[1313,1738],{"__typename":1314,"sys":1315,"content":1317,"title":1720,"synopsis":1721,"hashTags":118,"publishedDate":1722,"slug":1723,"tagsCollection":1724,"authorsCollection":1730},"BlogPosts",{"id":1316},"6DXY81om8HSVmh3q7YRNfl",{"json":1318},{"nodeType":1295,"data":1319,"content":1320},{},[1321,1329,1336,1343,1350,1359,1366,1373,1380,1389,1396,1403,1411,1418,1424,1431,1438,1444,1451,1458,1465,1476,1483,1503,1558,1564,1571,1578,1584,1591,1598,1619,1625,1632,1655,1662,1668,1676,1683,1689,1701,1708,1714],{"nodeType":1322,"data":1323,"content":1324},"heading-1",{},[1325],{"nodeType":1293,"value":1326,"marks":1327,"data":1328},"Introduction",[],{},{"nodeType":1294,"data":1330,"content":1331},{},[1332],{"nodeType":1293,"value":1333,"marks":1334,"data":1335},"SaaS vendors have changed how software is adopted into a business. Now, the majority of SaaS vendors use a product-led growth model - which simply means they want users (your employees) to self-adopt their apps, start using them (with real data), and become a useful tool for the employee. ",[],{},{"nodeType":1294,"data":1337,"content":1338},{},[1339],{"nodeType":1293,"value":1340,"marks":1341,"data":1342},"Vendors want to bypass the security and IT software-onboarding processes we’d all gotten used to in the past. They know if they prove their tool is valuable with the user from the start, it’s much easier and quicker for them to gain traction and customers than it was waiting for security and IT teams to audit (and potentially refuse) their software.",[],{},{"nodeType":1294,"data":1344,"content":1345},{},[1346],{"nodeType":1293,"value":1347,"marks":1348,"data":1349},"The result of this...",[],{},{"nodeType":1294,"data":1351,"content":1352},{},[1353],{"nodeType":1293,"value":1354,"marks":1355,"data":1358},"Employees are self-adopting SaaS apps and creating new cloud identities on their own, without IT approval",[1356],{"type":1357},"bold",{},{"nodeType":1294,"data":1360,"content":1361},{},[1362],{"nodeType":1293,"value":1363,"marks":1364,"data":1365},"This self-adoption has turned the product-adoption process on its head - leaving security and IT teams blind to which apps sensitive company data is flowing into.",[],{},{"nodeType":1294,"data":1367,"content":1368},{},[1369],{"nodeType":1293,"value":1370,"marks":1371,"data":1372},"Now that IT and security have to not only find these accounts, identities and apps, but keep sensitive corporate data secure across all cloud services, where do you start? ",[],{},{"nodeType":1294,"data":1374,"content":1375},{},[1376],{"nodeType":1293,"value":1377,"marks":1378,"data":1379},"You could consider a solution like Push, which has built-in features to find and secure identities your employees have created and guide them to harden their accounts against attacks.",[],{},{"nodeType":1381,"data":1382,"content":1388},"embedded-entry-block",{"target":1383},{"sys":1384},{"id":1385,"type":1386,"linkType":1387},"6iKFd9Qys2SSuNqKVQB7ka","Link","Entry",[],{"nodeType":1322,"data":1390,"content":1391},{},[1392],{"nodeType":1293,"value":1393,"marks":1394,"data":1395},"Push gives you complete visibility, helps you identify risks, and works with employees to secure accounts ",[],{},{"nodeType":1294,"data":1397,"content":1398},{},[1399],{"nodeType":1293,"value":1400,"marks":1401,"data":1402},"It probably won’t come as a surprise to find out that we’ve designed Push so security teams can get a handle on employee-adopted SaaS apps without needing to block them.",[],{},{"nodeType":1404,"data":1405,"content":1406},"heading-2",{},[1407],{"nodeType":1293,"value":1408,"marks":1409,"data":1410},"1. Get visibility of shadow SaaS apps and shadow identities",[],{},{"nodeType":1294,"data":1412,"content":1413},{},[1414],{"nodeType":1293,"value":1415,"marks":1416,"data":1417},"If you’re going to get a handle on employee-adopted SaaS apps, you need to get visibility \nof them first. Push uses data from our browser extension to find SaaS apps that employees sign  into with usernames and passwords and SSO (OIDC). This gives you complete visibility of your SaaS environment, including shadow SaaS apps and cloud accounts that are not managed by IT. ",[],{},{"nodeType":1381,"data":1419,"content":1423},{"target":1420},{"sys":1421},{"id":1422,"type":1386,"linkType":1387},"64S2LPmlKfXD924iZaRMc6",[],{"nodeType":1404,"data":1425,"content":1426},{},[1427],{"nodeType":1293,"value":1428,"marks":1429,"data":1430},"2. Detect the new apps, integrations and identities in real time",[],{},{"nodeType":1294,"data":1432,"content":1433},{},[1434],{"nodeType":1293,"value":1435,"marks":1436,"data":1437},"Push detects employees signing up to new apps, or integrating third-party apps to your core work platforms in real-time. That allows you to step in at the earliest opportunity to check out the app and guide the employee through the appropriate app onboarding steps. ",[],{},{"nodeType":1381,"data":1439,"content":1443},{"target":1440},{"sys":1441},{"id":1442,"type":1386,"linkType":1387},"3XcJ9NQtRq7jUt5iAuxZMt",[],{"nodeType":1404,"data":1445,"content":1446},{},[1447],{"nodeType":1293,"value":1448,"marks":1449,"data":1450},"3. Avoid wasting time on false-positives",[],{},{"nodeType":1294,"data":1452,"content":1453},{},[1454],{"nodeType":1293,"value":1455,"marks":1456,"data":1457},"You need to trust your data if you want to take action to manage risks. Email and network data all infers SaaS usage from indicators such as emails from vendors and website visits. But as you can imagine, that won’t always point to usage, and so false positives are inevitable. Doing risk assessments or chasing employees about apps employees are not actually using wastes time and burns goodwill. ",[],{},{"nodeType":1294,"data":1459,"content":1460},{},[1461],{"nodeType":1293,"value":1462,"marks":1463,"data":1464},"Push uses a browser extension to accurately identify the SaaS apps employees are using and any security issues that attackers can exploit to compromise your data through common attacks like credential stuffing and brute forcing. ",[],{},{"nodeType":1466,"data":1467,"content":1468},"blockquote",{},[1469],{"nodeType":1294,"data":1470,"content":1471},{},[1472],{"nodeType":1293,"value":1473,"marks":1474,"data":1475},"Push is the only identity security solution that can directly observe all SaaS use and detect account vulnerabilities - completely automatically. No need for API support, no need for an admin account. It just works.",[],{},{"nodeType":1404,"data":1477,"content":1478},{},[1479],{"nodeType":1293,"value":1480,"marks":1481,"data":1482},"4. Identify account security risks and discover shadow SaaS at the same time",[],{},{"nodeType":1294,"data":1484,"content":1485},{},[1486,1490,1499],{"nodeType":1293,"value":1487,"marks":1488,"data":1489},"Supply chain risk is important, but we’d argue the risk of identity-based attacks are greater for most organizations. 49% of the incidents in the 2023 Verizon DBIR involved credentials, and Crowdstrike have reported that 80% of the attacks they detected ",[],{},{"nodeType":1491,"data":1492,"content":1494},"hyperlink",{"uri":1493},"https://www.crowdstrike.com/cybersecurity-101/identity-security/identity-based-attacks/",[1495],{"nodeType":1293,"value":1496,"marks":1497,"data":1498},"used identity-based attack techniques",[],{},{"nodeType":1293,"value":1500,"marks":1501,"data":1502},". Push can identify account security issues that make it possible for attackers to compromise your employees accounts using credential stuffing, brute forcing and consent phishing attacks. These include:",[],{},{"nodeType":1504,"data":1505,"content":1506},"unordered-list",{},[1507,1518,1528,1538,1548],{"nodeType":1508,"data":1509,"content":1510},"list-item",{},[1511],{"nodeType":1294,"data":1512,"content":1513},{},[1514],{"nodeType":1293,"value":1515,"marks":1516,"data":1517},"Compromised passwords",[],{},{"nodeType":1508,"data":1519,"content":1520},{},[1521],{"nodeType":1294,"data":1522,"content":1523},{},[1524],{"nodeType":1293,"value":1525,"marks":1526,"data":1527},"Guessable passwords (and not using a password manager for storing complex passwords)",[],{},{"nodeType":1508,"data":1529,"content":1530},{},[1531],{"nodeType":1294,"data":1532,"content":1533},{},[1534],{"nodeType":1293,"value":1535,"marks":1536,"data":1537},"Account-sharing between multiple employees",[],{},{"nodeType":1508,"data":1539,"content":1540},{},[1541],{"nodeType":1294,"data":1542,"content":1543},{},[1544],{"nodeType":1293,"value":1545,"marks":1546,"data":1547},"Reusing passwords across multiple accounts",[],{},{"nodeType":1508,"data":1549,"content":1550},{},[1551],{"nodeType":1294,"data":1552,"content":1553},{},[1554],{"nodeType":1293,"value":1555,"marks":1556,"data":1557},"Missing MFA",[],{},{"nodeType":1381,"data":1559,"content":1563},{"target":1560},{"sys":1561},{"id":1562,"type":1386,"linkType":1387},"3y9oXd2vV1IGL0ci97qXz1",[],{"nodeType":1294,"data":1565,"content":1566},{},[1567],{"nodeType":1293,"value":1568,"marks":1569,"data":1570},"We identify these issues at the same time we discover shadow SaaS apps, so you can tackle identity-based attack risks at the same time as supply chain risk to reduce your overall risk exposure faster.",[],{},{"nodeType":1294,"data":1572,"content":1573},{},[1574],{"nodeType":1293,"value":1575,"marks":1576,"data":1577},"Push can help you reduce these risks by engaging employees directly via Slack or MS Teams, explain the account security issue we’ve identified in a way they’ll understand, and guide them on how to fix it.",[],{},{"nodeType":1381,"data":1579,"content":1583},{"target":1580},{"sys":1581},{"id":1582,"type":1386,"linkType":1387},"2ff4hEKJ1CqKjPMaVPTxHp",[],{"nodeType":1404,"data":1585,"content":1586},{},[1587],{"nodeType":1293,"value":1588,"marks":1589,"data":1590},"5. Use Push to secure accounts that aren’t behind SSO",[],{},{"nodeType":1294,"data":1592,"content":1593},{},[1594],{"nodeType":1293,"value":1595,"marks":1596,"data":1597},"In an ideal world, you could stick all your SaaS apps and accounts behind your SSO solution. With SAML SSO, there’s just one identity, just one password, and you can centrally deprovision accounts when employees leave the organization. You’re probably already paying for a SAML IdP (Identity Provider) like Google Directory or Azure AD. Many others are using tools like Okta.",[],{},{"nodeType":1294,"data":1599,"content":1600},{},[1601,1605,1615],{"nodeType":1293,"value":1602,"marks":1603,"data":1604},"Unfortunately,  ",[],{},{"nodeType":1491,"data":1606,"content":1608},{"uri":1607},"https://pushsecurity.com/blog/what-is-credential-stuffing/",[1609],{"nodeType":1293,"value":1610,"marks":1611,"data":1614},"SSO is only available on around 31% of work apps we explored",[1612],{"type":1613},"underline",{},{"nodeType":1293,"value":1616,"marks":1617,"data":1618},". ",[],{},{"nodeType":1381,"data":1620,"content":1624},{"target":1621},{"sys":1622},{"id":1623,"type":1386,"linkType":1387},"73E93otbLKilAM2U48WRho",[],{"nodeType":1294,"data":1626,"content":1627},{},[1628],{"nodeType":1293,"value":1629,"marks":1630,"data":1631},"So, with SSO unavailable for most apps, you can rely on Push to ensure strong access controls on non-SSO accounts, things like: ",[],{},{"nodeType":1504,"data":1633,"content":1634},{},[1635,1645],{"nodeType":1508,"data":1636,"content":1637},{},[1638],{"nodeType":1294,"data":1639,"content":1640},{},[1641],{"nodeType":1293,"value":1642,"marks":1643,"data":1644},"using strong, unique passwords, and",[],{},{"nodeType":1508,"data":1646,"content":1647},{},[1648],{"nodeType":1294,"data":1649,"content":1650},{},[1651],{"nodeType":1293,"value":1652,"marks":1653,"data":1654},"utilizing multi factor authentication (MFA). ",[],{},{"nodeType":1294,"data":1656,"content":1657},{},[1658],{"nodeType":1293,"value":1659,"marks":1660,"data":1661},"These authentication controls, when used in conjunction with one another,  are very effective in protecting SaaS accounts from identity-based attack techniques. When Push detects that these controls are not in place, we automatically engage users via Slack or Teams and guide them to fix the issues.",[],{},{"nodeType":1381,"data":1663,"content":1667},{"target":1664},{"sys":1665},{"id":1666,"type":1386,"linkType":1387},"6b8N3UOfciGnDBu78I1I2i",[],{"nodeType":1294,"data":1669,"content":1670},{},[1671],{"nodeType":1293,"value":1672,"marks":1673,"data":1675},"Prevent new identity vulnerabilities being created",[1674],{"type":1357},{},{"nodeType":1294,"data":1677,"content":1678},{},[1679],{"nodeType":1293,"value":1680,"marks":1681,"data":1682},"Once you’ve been able to fix the security issues on all your existing cloud accounts, you want to make sure that new vulnerabilities don’t creep back in.. When Push detects an employee creating a new account in their browser, we’ll guide them \nto set up strong access controls on their account. ",[],{},{"nodeType":1381,"data":1684,"content":1688},{"target":1685},{"sys":1686},{"id":1687,"type":1386,"linkType":1387},"PUluIhvb6a498j1lD5W6N",[],{"nodeType":1404,"data":1690,"content":1691},{},[1692,1696],{"nodeType":1293,"value":1693,"marks":1694,"data":1695},"\n6. Get a handle on employee-adopted apps ",[],{},{"nodeType":1293,"value":1697,"marks":1698,"data":1700},"without being a blocker",[1699],{"type":312},{},{"nodeType":1294,"data":1702,"content":1703},{},[1704],{"nodeType":1293,"value":1705,"marks":1706,"data":1707},"By using Push, you gain complete visibility of all SaaS apps in your environment, including those adopted by employees without the oversight of IT and Security. We’ll automatically find the security issues that put your data at risk and guide employees to fix them. This allows you to embrace app self-adoption and adopt a default allow approach that enables your business while scaling security so you don’t lose control of SaaS security risks.  ",[],{},{"nodeType":1381,"data":1709,"content":1713},{"target":1710},{"sys":1711},{"id":1712,"type":1386,"linkType":1387},"2y0INxqAi594O7rCAVKhTI",[],{"nodeType":1294,"data":1715,"content":1716},{},[1717],{"nodeType":1293,"value":37,"marks":1718,"data":1719},[],{},"6 ways to manage third-party access to your data with Push","Employees are self-adopting SaaS apps and creating new cloud identities without IT approval. Learn how to manage which third parties have access to your data.\n","2023-10-11T00:00:00.000Z","manage-third-party-data-access",{"items":1725},[1726,1728],{"sys":1727,"name":1306},{"id":1305},{"sys":1729,"name":1310},{"id":1309},{"items":1731},[1732],{"fullName":1733,"firstName":1734,"jobTitle":1735,"profilePicture":1736},"Sally Soulliere","Sally","Head of Brand & Content",{"url":1737},"https://images.ctfassets.net/y1cdw1ablpvd/7Gh4SbbEj6Zsbd6OzGto8Q/885041a4ddeccc5ef3045c0e22975ef4/T016S22KZ96-U036FPETQRH-330f87708d26-192.jpeg",{"__typename":1314,"sys":1739,"content":1741,"title":2254,"synopsis":2255,"hashTags":118,"publishedDate":2256,"slug":2257,"tagsCollection":2258,"authorsCollection":2266},{"id":1740},"1I9skXuLjbdjnc6rAVkaS3",{"json":1742},{"nodeType":1295,"data":1743,"content":1744},{},[1745,1751,1758,1765,1772,1779,1804,1816,1839,1846,1853,1869,1876,1883,1890,1897,1904,1911,1917,1924,2002,2009,2015,2022,2029,2050,2057,2064,2087,2109,2116,2123,2156,2162,2169,2190,2197,2204,2226,2233,2240,2247],{"nodeType":1322,"data":1746,"content":1747},{},[1748],{"nodeType":1293,"value":1326,"marks":1749,"data":1750},[],{},{"nodeType":1294,"data":1752,"content":1753},{},[1754],{"nodeType":1293,"value":1755,"marks":1756,"data":1757},"Employees are signing up to cloud apps on their own every day in their organizations. When they sign up with a password, they have created a new account and a new identity on that app. ",[],{},{"nodeType":1294,"data":1759,"content":1760},{},[1761],{"nodeType":1293,"value":1762,"marks":1763,"data":1764},"Why both? If they had instead clicked on “Signup with Google,” they would have created a new account, but would have been using their Google identity that already exists. ",[],{},{"nodeType":1404,"data":1766,"content":1767},{},[1768],{"nodeType":1293,"value":1769,"marks":1770,"data":1771},"Types of identities",[],{},{"nodeType":1294,"data":1773,"content":1774},{},[1775],{"nodeType":1293,"value":1776,"marks":1777,"data":1778},"This informally introduces the concept of an identity provider - a place that stores primary identity information (including email address, password and other profile information).",[],{},{"nodeType":1294,"data":1780,"content":1781},{},[1782,1786,1791,1795,1800],{"nodeType":1293,"value":1783,"marks":1784,"data":1785},"When someone creates a new account with a password, a new ",[],{},{"nodeType":1293,"value":1787,"marks":1788,"data":1790},"local identity",[1789],{"type":312},{},{"nodeType":1293,"value":1792,"marks":1793,"data":1794}," has been created. In contrast, they probably use a ",[],{},{"nodeType":1293,"value":1796,"marks":1797,"data":1799},"centralized identity",[1798],{"type":312},{},{"nodeType":1293,"value":1801,"marks":1802,"data":1803}," to access business email and other core business apps. This means that the number of accounts and number of identities that an employee has are probably different.",[],{},{"nodeType":1294,"data":1805,"content":1806},{},[1807,1812],{"nodeType":1293,"value":1808,"marks":1809,"data":1811},"Local identities",[1810],{"type":312},{},{"nodeType":1293,"value":1813,"marks":1814,"data":1815}," are often unknown by security/IT teams as there are no easy observation points for them. These local identities, which employees create to sign up for new tools that help them with their job, can also open the door to potential breaches if not secured properly. ",[],{},{"nodeType":1294,"data":1817,"content":1818},{},[1819,1823,1835],{"nodeType":1293,"value":1820,"marks":1821,"data":1822},"In the ",[],{},{"nodeType":1824,"data":1825,"content":1829},"entry-hyperlink",{"target":1826},{"sys":1827},{"id":1828,"type":1386,"linkType":1387},"3eCWNBg1avThJNsZSwaq1y",[1830],{"nodeType":1293,"value":1831,"marks":1832,"data":1834},"shared responsibility model",[1833],{"type":1613},{},{"nodeType":1293,"value":1836,"marks":1837,"data":1838}," of cloud security, most apps only require that organizations secure user accounts and the vendor takes care of the rest. But how do security teams secure identities that they don’t even know about? ",[],{},{"nodeType":1294,"data":1840,"content":1841},{},[1842],{"nodeType":1293,"value":1843,"marks":1844,"data":1845},"In this blog post, we'll delve into the world of shadow identities and how security teams can find and secure them.",[],{},{"nodeType":1322,"data":1847,"content":1848},{},[1849],{"nodeType":1293,"value":1850,"marks":1851,"data":1852},"What is a shadow identity? ",[],{},{"nodeType":1294,"data":1854,"content":1855},{},[1856,1860,1865],{"nodeType":1293,"value":1857,"marks":1858,"data":1859},"A shadow identity",[],{},{"nodeType":1293,"value":1861,"marks":1862,"data":1864}," ",[1863],{"type":1357},{},{"nodeType":1293,"value":1866,"marks":1867,"data":1868},"is an identity a security/IT team is not aware of. Most often (but not exclusively) these exist outside IT-managed identity providers as local accounts on SaaS apps. ",[],{},{"nodeType":1294,"data":1870,"content":1871},{},[1872],{"nodeType":1293,"value":1873,"marks":1874,"data":1875},"These shadow identities introduce risk to the organization. However, once an organization’s security/IT function has visibility of an identity on an ongoing basis it is no-longer a \"shadow identity,\" and becomes just a normal identity - even if it’s on a third-party app.",[],{},{"nodeType":1404,"data":1877,"content":1878},{},[1879],{"nodeType":1293,"value":1880,"marks":1881,"data":1882},"Where do centralized identities fit in? ",[],{},{"nodeType":1294,"data":1884,"content":1885},{},[1886],{"nodeType":1293,"value":1887,"marks":1888,"data":1889},"Most organizations have a central identity provider (e.g. AzureAD/Google Directory/Okta) that stores login credentials and profile information for each employee. Most organizations strive to connect their identity provider (IdP) to all the apps they use. ",[],{},{"nodeType":1294,"data":1891,"content":1892},{},[1893],{"nodeType":1293,"value":1894,"marks":1895,"data":1896},"It’s a noble goal because it allows efforts to be focused on securing only a single set of credentials and MFA per employee. However, the reality is that this isn’t practical and there are many reasons why each employee only having only a single identity is only a dream (it’s a good one though!). More on this later.",[],{},{"nodeType":1322,"data":1898,"content":1899},{},[1900],{"nodeType":1293,"value":1901,"marks":1902,"data":1903},"Understanding shadow identity security risks",[],{},{"nodeType":1294,"data":1905,"content":1906},{},[1907],{"nodeType":1293,"value":1908,"marks":1909,"data":1910},"Since shadow identities (or shadow cloud identities) cannot get the same level of security attention as IT-managed identities because they’re unknown, they’re usually not as tightly secured as other identities in the business. ",[],{},{"nodeType":1381,"data":1912,"content":1916},{"target":1913},{"sys":1914},{"id":1915,"type":1386,"linkType":1387},"35WMjPHXP2v0qtEaUMIBAS",[],{"nodeType":1294,"data":1918,"content":1919},{},[1920],{"nodeType":1293,"value":1921,"marks":1922,"data":1923},"Common security risks in shadow identities:",[],{},{"nodeType":1504,"data":1925,"content":1926},{},[1927,1942,1957,1972,1987],{"nodeType":1508,"data":1928,"content":1929},{},[1930],{"nodeType":1294,"data":1931,"content":1932},{},[1933,1938],{"nodeType":1293,"value":1934,"marks":1935,"data":1937},"Weak password",[1936],{"type":1357},{},{"nodeType":1293,"value":1939,"marks":1940,"data":1941}," - they could be using a really basic password like the person’s name or some other dictionary word (or some combination that gets accepted by the complexity checks on the app e.g. Password1!).",[],{},{"nodeType":1508,"data":1943,"content":1944},{},[1945],{"nodeType":1294,"data":1946,"content":1947},{},[1948,1953],{"nodeType":1293,"value":1949,"marks":1950,"data":1952},"Leaked password",[1951],{"type":1357},{},{"nodeType":1293,"value":1954,"marks":1955,"data":1956}," - the password used has been leaked in a public data breach. Attackers often attempt to gain access to accounts using leaked passwords. This attack is called “credential stuffing.”",[],{},{"nodeType":1508,"data":1958,"content":1959},{},[1960],{"nodeType":1294,"data":1961,"content":1962},{},[1963,1968],{"nodeType":1293,"value":1964,"marks":1965,"data":1967},"Reused passwords",[1966],{"type":1357},{},{"nodeType":1293,"value":1969,"marks":1970,"data":1971}," - the password set is used across other identities. This means that if an attacker got access to one password (via phishing or other means), they would be able to access more than one identity or app.",[],{},{"nodeType":1508,"data":1973,"content":1974},{},[1975],{"nodeType":1294,"data":1976,"content":1977},{},[1978,1983],{"nodeType":1293,"value":1979,"marks":1980,"data":1982},"No MFA",[1981],{"type":1357},{},{"nodeType":1293,"value":1984,"marks":1985,"data":1986}," - no multifactor authentication is enabled on the account. This means that any of the above problems could lead to a direct compromise without any additional hindrances.",[],{},{"nodeType":1508,"data":1988,"content":1989},{},[1990],{"nodeType":1294,"data":1991,"content":1992},{},[1993,1998],{"nodeType":1293,"value":1994,"marks":1995,"data":1997},"No authentication logs ",[1996],{"type":1357},{},{"nodeType":1293,"value":1999,"marks":2000,"data":2001},"- on centralized identities, it’s possible to see the app an identity was used on, the geographical location of the user and even the device. Contextual information like this would obviously not be available to the security/IT team for a shadow identity, so detecting compromises from unusual or suspicious activity is not possible.",[],{},{"nodeType":1322,"data":2003,"content":2004},{},[2005],{"nodeType":1293,"value":2006,"marks":2007,"data":2008},"Managing shadow identity and shadow cloud identity risk ",[],{},{"nodeType":1381,"data":2010,"content":2014},{"target":2011},{"sys":2012},{"id":2013,"type":1386,"linkType":1387},"34SORjKga52MSgBaZddxGJ",[],{"nodeType":1404,"data":2016,"content":2017},{},[2018],{"nodeType":1293,"value":2019,"marks":2020,"data":2021},"Get visibility to bring identities out of the shadows",[],{},{"nodeType":1294,"data":2023,"content":2024},{},[2025],{"nodeType":1293,"value":2026,"marks":2027,"data":2028},"This goes for existing identities or new ones being created. Having visibility is the first step - nothing can be secured if neither security nor IT can see them. Visibility allows organizations to start managing the risks these identities introduce.",[],{},{"nodeType":1294,"data":2030,"content":2031},{},[2032,2036,2046],{"nodeType":1293,"value":2033,"marks":2034,"data":2035},"We think the best source of discovering identities is a browser extension. Read ",[],{},{"nodeType":1824,"data":2037,"content":2041},{"target":2038},{"sys":2039},{"id":2040,"type":1386,"linkType":1387},"19dT3oWX2H3EYtZIT3J5UO",[2042],{"nodeType":1293,"value":2043,"marks":2044,"data":2045},"our post ",[],{},{"nodeType":1293,"value":2047,"marks":2048,"data":2049},"on the pros and cons of this approach. ",[],{},{"nodeType":1404,"data":2051,"content":2052},{},[2053],{"nodeType":1293,"value":2054,"marks":2055,"data":2056},"Centralize identities as far as possible",[],{},{"nodeType":1294,"data":2058,"content":2059},{},[2060],{"nodeType":1293,"value":2061,"marks":2062,"data":2063},"The ideal number of identities per employee is 1. However, there are quite a few reasons why this will not be possible. Here’s just a few:",[],{},{"nodeType":1504,"data":2065,"content":2066},{},[2067,2077],{"nodeType":1508,"data":2068,"content":2069},{},[2070],{"nodeType":1294,"data":2071,"content":2072},{},[2073],{"nodeType":1293,"value":2074,"marks":2075,"data":2076},"SSO tax - a practice where vendors put SSO support as part of their “Enterprise” tiers which are a lot more expensive (and usually bundled with unneeded features)",[],{},{"nodeType":1508,"data":2078,"content":2079},{},[2080],{"nodeType":1294,"data":2081,"content":2082},{},[2083],{"nodeType":1293,"value":2084,"marks":2085,"data":2086},"Lack of support - our research shows that 69% of the top 500 apps don’t even offer SAML SSO support at any license tier.",[],{},{"nodeType":1294,"data":2088,"content":2089},{},[2090,2094,2105],{"nodeType":1293,"value":2091,"marks":2092,"data":2093},"On apps where SAML SSO support is not possible, we encourage organizations to make use of OIDC logins (“Login with Google” for Google Workspace customers). This lacks some of the manageability of SAML, but still makes use of the company’s Google identity - which is MUCH better than creating a new local identity using a password. We’ve written about this in more detail ",[],{},{"nodeType":1824,"data":2095,"content":2099},{"target":2096},{"sys":2097},{"id":2098,"type":1386,"linkType":1387},"1pbtctbbJRqLuz8dOsecOt",[2100],{"nodeType":1293,"value":2101,"marks":2102,"data":2104},"here",[2103],{"type":1613},{},{"nodeType":1293,"value":2106,"marks":2107,"data":2108},". Centralizing identities is an essential part of a good IAM governance and compliance initiative.",[],{},{"nodeType":1404,"data":2110,"content":2111},{},[2112],{"nodeType":1293,"value":2113,"marks":2114,"data":2115},"If centralizing isn’t an option, secure them",[],{},{"nodeType":1294,"data":2117,"content":2118},{},[2119],{"nodeType":1293,"value":2120,"marks":2121,"data":2122},"If security teams can’t use a centralized identity for whatever reason, ensure the newly created one is secured to reduce risk. To do this:",[],{},{"nodeType":1504,"data":2124,"content":2125},{},[2126,2136,2146],{"nodeType":1508,"data":2127,"content":2128},{},[2129],{"nodeType":1294,"data":2130,"content":2131},{},[2132],{"nodeType":1293,"value":2133,"marks":2134,"data":2135},"Use a strong, unique password stored in a password manager",[],{},{"nodeType":1508,"data":2137,"content":2138},{},[2139],{"nodeType":1294,"data":2140,"content":2141},{},[2142],{"nodeType":1293,"value":2143,"marks":2144,"data":2145},"Enable MFA. Bonus points for a strong method like WebAuthn (if you have a Mac, look at that lovely fingerprint reader). TOTP is still totally fine.",[],{},{"nodeType":1508,"data":2147,"content":2148},{},[2149],{"nodeType":1294,"data":2150,"content":2151},{},[2152],{"nodeType":1293,"value":2153,"marks":2154,"data":2155},"Engage directly with employees to help them do the above. We recommend that this process be automated to make it manageable for security and IT teams. For example:",[],{},{"nodeType":1381,"data":2157,"content":2161},{"target":2158},{"sys":2159},{"id":2160,"type":1386,"linkType":1387},"6LlNqtWam4jtXbxMcEbabB",[],{"nodeType":1404,"data":2163,"content":2164},{},[2165],{"nodeType":1293,"value":2166,"marks":2167,"data":2168},"Keep authentication logs centrally",[],{},{"nodeType":1294,"data":2170,"content":2171},{},[2172,2176,2186],{"nodeType":1293,"value":2173,"marks":2174,"data":2175},"The ability to see what app a user has logged into, from which device and location is invaluable during an incident. Identity providers allow security teams to stream logs to their favorite security analytics tools, but identities outside of it will not be possible to monitor. Unless Security have a separate data source that allows them to see authentication activity (I’m looking at you, ",[],{},{"nodeType":1824,"data":2177,"content":2180},{"target":2178},{"sys":2179},{"id":2040,"type":1386,"linkType":1387},[2181],{"nodeType":1293,"value":2182,"marks":2183,"data":2185},"browser extension",[2184],{"type":1613},{},{"nodeType":1293,"value":2187,"marks":2188,"data":2189},"). ",[],{},{"nodeType":1294,"data":2191,"content":2192},{},[2193],{"nodeType":1293,"value":2194,"marks":2195,"data":2196},"Expanding coverage to shadow identities will allow organizations to expand their monitoring use cases and better cover risks on apps that can’t be hooked into SSO. This will also go a long way in helping with compliance and IAM governance, so it’s a win-win.",[],{},{"nodeType":1404,"data":2198,"content":2199},{},[2200],{"nodeType":1293,"value":2201,"marks":2202,"data":2203},"Have an incident response plan ",[],{},{"nodeType":1294,"data":2205,"content":2206},{},[2207,2211,2222],{"nodeType":1293,"value":2208,"marks":2209,"data":2210},"Develop a comprehensive incident response (IR) plan that outlines steps to take if a shadow identity has been compromised. This will help Security respond swiftly and mitigate damage. Here’s ",[],{},{"nodeType":1824,"data":2212,"content":2216},{"target":2213},{"sys":2214},{"id":2215,"type":1386,"linkType":1387},"14NiRrBrLFVkR8h05RCD7F",[2217],{"nodeType":1293,"value":2218,"marks":2219,"data":2221},"some guidance",[2220],{"type":1613},{},{"nodeType":1293,"value":2223,"marks":2224,"data":2225}," on how to create one for SaaS accounts. ",[],{},{"nodeType":1322,"data":2227,"content":2228},{},[2229],{"nodeType":1293,"value":2230,"marks":2231,"data":2232},"Conclusion",[],{},{"nodeType":1294,"data":2234,"content":2235},{},[2236],{"nodeType":1293,"value":2237,"marks":2238,"data":2239},"Shadow identities and shadow cloud identities are a risk to the business simply because they’re unknown to the security/IT team. If these groups lack visibility on identities outside of their main identity provider, their impact on the company’s overall security posture is unknown. ",[],{},{"nodeType":1294,"data":2241,"content":2242},{},[2243],{"nodeType":1293,"value":2244,"marks":2245,"data":2246},"However, once spotted using the right data source, identities and accounts that were previously unknown can be monitored just like any other asset.",[],{},{"nodeType":1294,"data":2248,"content":2249},{},[2250],{"nodeType":1293,"value":2251,"marks":2252,"data":2253},"By understanding what shadow identities are and implementing proactive security measures, security teams can minimize the risks they pose to their organizations and customers.",[],{},"Get out of the dark: Manage the risk of shadow identities","Employees sign up to cloud apps on their own every day. Each time, they create a new account and a new identity on that app. How do you find and secure them?","2023-09-19T00:00:00.000Z","what-are-shadow-identities",{"items":2259},[2260,2264],{"sys":2261,"name":2263},{"id":2262},"3SA5H01UkKauuiTdt0KC6q","Shadow IT",{"sys":2265,"name":1310},{"id":1309},{"items":2267},[2268],{"fullName":2269,"firstName":2270,"jobTitle":2271,"profilePicture":2272},"Tyrone Erasmus","Tyrone","Co-founder / CTO",{"url":2273},"https://images.ctfassets.net/y1cdw1ablpvd/5rkMblymL7lG4pZBiYzWo6/26f0da21be8fc252b13b62aacc22d19d/Push_Founders_at_Cahoots_October_28_2022_by_Doug_Coombe-22.jpg",{"items":2275},[2276],{"fullName":1733,"firstName":1734,"jobTitle":1735,"profilePicture":2277},{"url":1737},{"json":2279,"links":2773},{"nodeType":1295,"data":2280,"content":2281},{},[2282,2288,2295,2302,2309,2315,2322,2414,2419,2426,2534,2541,2548,2555,2562,2569,2576,2583,2590,2597,2604,2611,2618,2625,2630,2637,2643,2649,2656,2663,2711,2716,2722,2729,2734,2741,2748,2755],{"nodeType":1322,"data":2283,"content":2284},{},[2285],{"nodeType":1293,"value":1326,"marks":2286,"data":2287},[],{},{"nodeType":1294,"data":2289,"content":2290},{},[2291],{"nodeType":1293,"value":2292,"marks":2293,"data":2294},"Companies often rely on third-party relationships to improve their operational efficiency and expand their capabilities. While these partnerships can bring numerous benefits, they also introduce a critical element of risk. Organizations often employ a strategic approach known as \"Third-Party Risk Management\"(TPRM) to try to manage third-party risk. In this article, we'll delve into the concept of third-party risk management at a high level, highlighting its importance and key components.",[],{},{"nodeType":1294,"data":2296,"content":2297},{},[2298],{"nodeType":1293,"value":2299,"marks":2300,"data":2301},"We’ll also explore alternative approaches that can help manage third-party risk, which may not yet be on your radar.",[],{},{"nodeType":1322,"data":2303,"content":2304},{},[2305],{"nodeType":1293,"value":2306,"marks":2307,"data":2308},"What is Third-Party Risk Management?",[],{},{"nodeType":1294,"data":2310,"content":2311},{},[2312],{"nodeType":1293,"value":1292,"marks":2313,"data":2314},[],{},{"nodeType":1322,"data":2316,"content":2317},{},[2318],{"nodeType":1293,"value":2319,"marks":2320,"data":2321},"Why is TPRM Important?",[],{},{"nodeType":1504,"data":2323,"content":2324},{},[2325,2340,2355,2370,2380,2399],{"nodeType":1508,"data":2326,"content":2327},{},[2328],{"nodeType":1294,"data":2329,"content":2330},{},[2331,2336],{"nodeType":1293,"value":2332,"marks":2333,"data":2335},"Protecting Reputation",[2334],{"type":1357},{},{"nodeType":1293,"value":2337,"marks":2338,"data":2339},": A third-party's failure to protect your data and meet agreed-upon standards can tarnish your company image and brand, potentially leading to a loss of trust among customers, stakeholders, and the public.",[],{},{"nodeType":1508,"data":2341,"content":2342},{},[2343],{"nodeType":1294,"data":2344,"content":2345},{},[2346,2351],{"nodeType":1293,"value":2347,"marks":2348,"data":2350},"Compliance",[2349],{"type":1357},{},{"nodeType":1293,"value":2352,"marks":2353,"data":2354},": Regulatory bodies worldwide have heightened their scrutiny of third-party relationships. If both parties don’t comply with these regulations, they may have to pay hefty fines and face legal consequences. TPRM is meant to ensure adherence to these legal requirements.",[],{},{"nodeType":1508,"data":2356,"content":2357},{},[2358],{"nodeType":1294,"data":2359,"content":2360},{},[2361,2366],{"nodeType":1293,"value":2362,"marks":2363,"data":2365},"Data Security",[2364],{"type":1357},{},{"nodeType":1293,"value":2367,"marks":2368,"data":2369},": Third-party partners, applications, and services often have access to sensitive data, so it’s crucial that they follow standard security measures and adhere to data compliance regulations. ",[],{},{"nodeType":1508,"data":2371,"content":2372},{},[2373],{"nodeType":1294,"data":2374,"content":2375},{},[2376],{"nodeType":1293,"value":2377,"marks":2378,"data":2379},"In the case of third-party applications, even if they don’t have direct access to company data, they may have access to it depending on what permissions were granted to the app upon sign up. ",[],{},{"nodeType":1508,"data":2381,"content":2382},{},[2383],{"nodeType":1294,"data":2384,"content":2385},{},[2386,2390,2395],{"nodeType":1293,"value":2387,"marks":2388,"data":2389},"You may not also realize that even if an application doesn’t contain data you consider ",[],{},{"nodeType":1293,"value":2391,"marks":2392,"data":2394},"sensitive",[2393],{"type":312},{},{"nodeType":1293,"value":2396,"marks":2397,"data":2398}," or high-risk, the app itself can be used by an attacker to gain access to that sensitive data stored elsewhere in your systems.",[],{},{"nodeType":1508,"data":2400,"content":2401},{},[2402],{"nodeType":1294,"data":2403,"content":2404},{},[2405,2410],{"nodeType":1293,"value":2406,"marks":2407,"data":2409},"Operational Resilience",[2408],{"type":1357},{},{"nodeType":1293,"value":2411,"marks":2412,"data":2413},": If a critical third-party vendor experiences disruptions, your whole business can be disrupted. TPRM helps mitigate this risk by identifying potential vulnerabilities and developing contingency plans.",[],{},{"nodeType":1381,"data":2415,"content":2418},{"target":2416},{"sys":2417},{"id":1385,"type":1386,"linkType":1387},[],{"nodeType":1322,"data":2420,"content":2421},{},[2422],{"nodeType":1293,"value":2423,"marks":2424,"data":2425},"Key Components of Third-Party Risk Management",[],{},{"nodeType":1504,"data":2427,"content":2428},{},[2429,2444,2459,2474,2489,2504,2519],{"nodeType":1508,"data":2430,"content":2431},{},[2432],{"nodeType":1294,"data":2433,"content":2434},{},[2435,2440],{"nodeType":1293,"value":2436,"marks":2437,"data":2439},"Identification",[2438],{"type":1357},{},{"nodeType":1293,"value":2441,"marks":2442,"data":2443},": The first step in TPRM is identifying all third-party relationships within the organization. This includes both existing and potential partnerships.",[],{},{"nodeType":1508,"data":2445,"content":2446},{},[2447],{"nodeType":1294,"data":2448,"content":2449},{},[2450,2455],{"nodeType":1293,"value":2451,"marks":2452,"data":2454},"Risk Assessment",[2453],{"type":1357},{},{"nodeType":1293,"value":2456,"marks":2457,"data":2458},": Each third-party is assessed for various risks, including financial, operational, compliance, and reputational risks. This process helps prioritize risk mitigation efforts.",[],{},{"nodeType":1508,"data":2460,"content":2461},{},[2462],{"nodeType":1294,"data":2463,"content":2464},{},[2465,2470],{"nodeType":1293,"value":2466,"marks":2467,"data":2469},"Due Diligence",[2468],{"type":1357},{},{"nodeType":1293,"value":2471,"marks":2472,"data":2473},": Due diligence involves conducting background checks, audits, and reviews to gather information about a third-party's history, financial stability, and adherence to industry standards.",[],{},{"nodeType":1508,"data":2475,"content":2476},{},[2477],{"nodeType":1294,"data":2478,"content":2479},{},[2480,2485],{"nodeType":1293,"value":2481,"marks":2482,"data":2484},"Contractual Agreements",[2483],{"type":1357},{},{"nodeType":1293,"value":2486,"marks":2487,"data":2488},": Contracts with third parties should clearly define roles, responsibilities, and expectations, including risk-sharing agreements and penalties for non-compliance.",[],{},{"nodeType":1508,"data":2490,"content":2491},{},[2492],{"nodeType":1294,"data":2493,"content":2494},{},[2495,2500],{"nodeType":1293,"value":2496,"marks":2497,"data":2499},"Monitoring and Reporting",[2498],{"type":1357},{},{"nodeType":1293,"value":2501,"marks":2502,"data":2503},": Continuous monitoring of third-party activities is essential. Any deviations from agreed-upon standards or indicators of potential risks should be reported promptly.",[],{},{"nodeType":1508,"data":2505,"content":2506},{},[2507],{"nodeType":1294,"data":2508,"content":2509},{},[2510,2515],{"nodeType":1293,"value":2511,"marks":2512,"data":2514},"Risk Mitigation Strategies",[2513],{"type":1357},{},{"nodeType":1293,"value":2516,"marks":2517,"data":2518},": Based on risk assessments, organizations should develop mitigation strategies that may include risk transfer, contingency plans, or risk-sharing mechanisms.",[],{},{"nodeType":1508,"data":2520,"content":2521},{},[2522],{"nodeType":1294,"data":2523,"content":2524},{},[2525,2530],{"nodeType":1293,"value":2526,"marks":2527,"data":2529},"Exit Strategy",[2528],{"type":1357},{},{"nodeType":1293,"value":2531,"marks":2532,"data":2533},": You need to plan for the termination of a third-party relationship, which should include data retrieval, transitioning responsibilities, and ensuring minimal disruption to operations.",[],{},{"nodeType":1294,"data":2535,"content":2536},{},[2537],{"nodeType":1293,"value":2538,"marks":2539,"data":2540},"You can see why these TPRM strategies are so important! Since they’re so critical from an IT and Security perspective, a good TPRM strategy will also benefit from treating each third-party commodity separately. ",[],{},{"nodeType":1294,"data":2542,"content":2543},{},[2544],{"nodeType":1293,"value":2545,"marks":2546,"data":2547},"Take, for example, a third-party technology partner. You may have a TPRM strategy specifically for this group, which focuses on all those elements listed above. \n\nBut one specific third-party “group” to consider focusing on as party of your TPRM plan is SaaS and identity security. ",[],{},{"nodeType":1322,"data":2549,"content":2550},{},[2551],{"nodeType":1293,"value":2552,"marks":2553,"data":2554},"Ensure your TPRM strategy can keep up with the explosion of third-party cloud services",[],{},{"nodeType":1294,"data":2556,"content":2557},{},[2558],{"nodeType":1293,"value":2559,"marks":2560,"data":2561},"Now that most companies are reliant on third-party cloud and SaaS applications to operate efficiently, TPRM strategies must include solutions that focus on reducing the risk of those third-party apps and identities. So, in addition to the governance risk and compliance (GRC) tools you’re using as part of your TPRM strategy, you should strongly consider how this fits into your overall cloud security strategy. \n\nTo manage third-party cloud services, you’ll likely first encounter solutions lumped into a few categories, including cloud access security brokers (CASBs), SaaS security posture management (SSPMs), and cloud security posture management (CSPMs). ",[],{},{"nodeType":1294,"data":2563,"content":2564},{},[2565],{"nodeType":1293,"value":2566,"marks":2567,"data":2568},"In this section, we’ll be discussing third-party risk specifically when it comes to SaaS and the integrations that are added to core SaaS platforms. Note that some call these SaaS integrations “fourth-party risk,” but we think the risk can be managed similarly across both types of SaaS apps, so we’re going to talk about both. ",[],{},{"nodeType":1404,"data":2570,"content":2571},{},[2572],{"nodeType":1293,"value":2573,"marks":2574,"data":2575},"What is SaaS third-party risk? ",[],{},{"nodeType":1294,"data":2577,"content":2578},{},[2579],{"nodeType":1293,"value":2580,"marks":2581,"data":2582},"SaaS third-party risk refers to the potential dangers and vulnerabilities associated with using third-party SaaS providers for software and services in terms of security, compliance, and operational continuity.",[],{},{"nodeType":1404,"data":2584,"content":2585},{},[2586],{"nodeType":1293,"value":2587,"marks":2588,"data":2589},"Why does it deserve special attention in your TPRM program?",[],{},{"nodeType":1294,"data":2591,"content":2592},{},[2593],{"nodeType":1293,"value":2594,"marks":2595,"data":2596},"Due to the scale and expansion of how many SaaS apps are used within a business. SaaS has exploded, with new apps hitting the market every day, and employees continue to self-adopt SaaS apps that have the features and functionality they need to do their jobs and make things easier. The trouble is that in order to work, most SaaS apps require access to other business apps, company data, or employee/user data to work. ",[],{},{"nodeType":1294,"data":2598,"content":2599},{},[2600],{"nodeType":1293,"value":2601,"marks":2602,"data":2603},"With employees self-adopting apps for work all the time, IT and Security are left trying to manage the risk without even having visibility into what apps and identities are being created.",[],{},{"nodeType":1294,"data":2605,"content":2606},{},[2607],{"nodeType":1293,"value":2608,"marks":2609,"data":2610},"So, the first step is getting that visibility so you know which third-parties to focus on, what data they have access to, and if they’re doing anything that might indicate that they’re malicious or simply too high risk for the company.",[],{},{"nodeType":1322,"data":2612,"content":2613},{},[2614],{"nodeType":1293,"value":2615,"marks":2616,"data":2617},"Push provides visibility into all third-party cloud services employees are using and creating",[],{},{"nodeType":1294,"data":2619,"content":2620},{},[2621],{"nodeType":1293,"value":2622,"marks":2623,"data":2624},"Push uses data from our browser extension to find SaaS apps that employees sign  \ninto with usernames and passwords and SSO (OIDC). This gives you complete visibility of \nyour SaaS environment, including shadow SaaS apps and cloud accounts that aren’t \nmanaged by IT. ",[],{},{"nodeType":1381,"data":2626,"content":2629},{"target":2627},{"sys":2628},{"id":1422,"type":1386,"linkType":1387},[],{"nodeType":1404,"data":2631,"content":2632},{},[2633],{"nodeType":1293,"value":2634,"marks":2635,"data":2636},"Detect the new apps, integrations and identities in real time",[],{},{"nodeType":1294,"data":2638,"content":2639},{},[2640],{"nodeType":1293,"value":1435,"marks":2641,"data":2642},[],{},{"nodeType":1381,"data":2644,"content":2648},{"target":2645},{"sys":2646},{"id":2647,"type":1386,"linkType":1387},"1hqMZl60NhvhHIfnO7FttV",[],{"nodeType":1404,"data":2650,"content":2651},{},[2652],{"nodeType":1293,"value":2653,"marks":2654,"data":2655},"Identify account security risks and discover shadow SaaS at the same time",[],{},{"nodeType":1294,"data":2657,"content":2658},{},[2659],{"nodeType":1293,"value":2660,"marks":2661,"data":2662},"Supply chain risk is important, but we’d argue the risk of identity-based attacks are greater for most organizations. 49% of the incidents in the 2023 Verizon DBIR involved credentials, and Crowdstrike have reported that 80% of the attacks they detected used identity-based attack techniques. Push can identify account security issues that make it possible for attackers to compromise your employees accounts using credential stuffing, brute forcing and consent phishing attacks. These include:",[],{},{"nodeType":1504,"data":2664,"content":2665},{},[2666,2675,2684,2693,2702],{"nodeType":1508,"data":2667,"content":2668},{},[2669],{"nodeType":1294,"data":2670,"content":2671},{},[2672],{"nodeType":1293,"value":1515,"marks":2673,"data":2674},[],{},{"nodeType":1508,"data":2676,"content":2677},{},[2678],{"nodeType":1294,"data":2679,"content":2680},{},[2681],{"nodeType":1293,"value":1525,"marks":2682,"data":2683},[],{},{"nodeType":1508,"data":2685,"content":2686},{},[2687],{"nodeType":1294,"data":2688,"content":2689},{},[2690],{"nodeType":1293,"value":1535,"marks":2691,"data":2692},[],{},{"nodeType":1508,"data":2694,"content":2695},{},[2696],{"nodeType":1294,"data":2697,"content":2698},{},[2699],{"nodeType":1293,"value":1545,"marks":2700,"data":2701},[],{},{"nodeType":1508,"data":2703,"content":2704},{},[2705],{"nodeType":1294,"data":2706,"content":2707},{},[2708],{"nodeType":1293,"value":1555,"marks":2709,"data":2710},[],{},{"nodeType":1381,"data":2712,"content":2715},{"target":2713},{"sys":2714},{"id":1562,"type":1386,"linkType":1387},[],{"nodeType":1294,"data":2717,"content":2718},{},[2719],{"nodeType":1293,"value":1568,"marks":2720,"data":2721},[],{},{"nodeType":1294,"data":2723,"content":2724},{},[2725],{"nodeType":1293,"value":2726,"marks":2727,"data":2728},"We engage employees directly via Slack or MS Teams, explain the account security issue we’ve identified in a way they’ll understand, and guide them on how to fix it.",[],{},{"nodeType":1381,"data":2730,"content":2733},{"target":2731},{"sys":2732},{"id":1582,"type":1386,"linkType":1387},[],{"nodeType":1404,"data":2735,"content":2736},{},[2737],{"nodeType":1293,"value":2738,"marks":2739,"data":2740},"Regain control of all the third-party cloud services employees sign up for on their own",[],{},{"nodeType":1294,"data":2742,"content":2743},{},[2744],{"nodeType":1293,"value":2745,"marks":2746,"data":2747},"By using Push, you gain complete visibility of all SaaS apps in your environment, including those adopted by employees without the oversight of IT and Security. ",[],{},{"nodeType":1294,"data":2749,"content":2750},{},[2751],{"nodeType":1293,"value":2752,"marks":2753,"data":2754},"We’ll automatically find the security issues that put your data at risk and guide employees to fix them. This allows you to allow app self-adoption and adopt a default allow approach that enables your business while scaling security so you don’t lose control of SaaS security risks.  ",[],{},{"nodeType":1294,"data":2756,"content":2757},{},[2758,2761,2769],{"nodeType":1293,"value":37,"marks":2759,"data":2760},[],{},{"nodeType":1491,"data":2762,"content":2764},{"uri":2763},"https://pushsecurity.com/demo/",[2765],{"nodeType":1293,"value":2766,"marks":2767,"data":2768},"Book a demo",[],{},{"nodeType":1293,"value":2770,"marks":2771,"data":2772}," to find out more.",[],{},{"entries":2774},{"hyperlink":2775,"inline":2776,"block":2777},[],[],[2778,2785,2794,2801,2809],{"sys":2779,"__typename":2780,"type":2781,"ctaText":2782,"buttonLabel":2783,"buttonColour":2784,"buttonUrl":118},{"id":1385},"CtaWidget","Demo","Learn how Push can help you secure identities across your org","Book a demo!","sunny orange",{"sys":2786,"__typename":2787,"title":2788,"caption":2789,"layoutMode":118,"file":2790},{"id":1422},"Image","Apps dash_PLG blog","Push dashboard of applications in use",{"url":2791,"width":2792,"height":2793},"https://images.ctfassets.net/y1cdw1ablpvd/725D6oAs9P55D6ffUZQ943/ea8128093af916eea79c13d429755f6e/image3.png",1999,1034,{"sys":2795,"__typename":2787,"title":2796,"caption":2797,"layoutMode":2798,"file":2799},{"id":2647},"Slack message new app alert for Security team","Channel message to security team via Slack about new app ","Centre aligned",{"url":2800,"width":2792,"height":2793},"https://images.ctfassets.net/y1cdw1ablpvd/6CKhrva6Jh3jpHfnt0Maq5/edeeac0b00f1109e8601016f5a6e0c63/image17.png",{"sys":2802,"__typename":2787,"title":2803,"caption":2804,"layoutMode":118,"file":2805},{"id":1562},"Employee identities dashboard ","Employee identities dashboard showing the security status for each account/identity",{"url":2806,"width":2807,"height":2808},"https://images.ctfassets.net/y1cdw1ablpvd/3TFVCYgvSaiUlWFamaHhCd/3a845d4c7bd69058a4fa27099dd4cc2d/image2.png",1580,945,{"sys":2810,"__typename":2787,"title":2811,"caption":2812,"layoutMode":118,"file":2813},{"id":1582},"MFA ChatOps message ","A chat message to guide an employee to turn on MFA",{"url":2814,"width":2792,"height":2793},"https://images.ctfassets.net/y1cdw1ablpvd/3C4b1X7FvwlfGnSonGC0aT/2c14caaadc2252cde79be9db059acaf2/image6.png","content:blog:third-party-risk-management.json","json","content","blog/third-party-risk-management.json","blog/third-party-risk-management",1776359990351]