2025-04-26 –, Track 2
Organizations used to believe that threats stopped at the firewall. As we’ve become more remote and connected, we know that is far from true. Web browsers are now the primary interface allowing for interaction with your most sensitive data from anywhere. Are extensions a hidden threat to your users?
Thesis / Takeaway: Organizations overlook the impact browser extensions can have on their security posture, but this risk doesn't have to stay at the bottom of the list.
Detailed Description: Browser extensions present a real threat to organizations. Only a couple clicks to install by anyone, they can have permission to interact with your most sensitive data. From stealing session tokens to reading webpages to capturing screenshots of pages you visit there isn't a possibility that doesn't make an administrator uneasy.
Outline:
10 min - What are browser extensions and how do permissions work.
10 min - Current ownership responsibilities across browser developers and IT teams
10 min - How threat groups are utilizing extensions to successfully attack users
5 min - Malicious extension demo
5 min - Progress (or lack thereof) of Manifest V3 standard
10 min - How teams can manage and analyze extensions in their organizations
Intended Audience: IT administrators, security analysts, CISO/Director leadership, security engineers.
John has been a security practitioner that tries to solve the hardest problems for as many teams as possible. He has experience across many domains working at enterprise organizations and security vendors involving SIEM, SOAR, networking, and cloud. He recently founded Secure Annex to protect people and organizations from the risks posed by malicious browser extensions.