LayerX’s Enterprise Browser Security Extension


The browser has become the main work interface in modern enterprises. It’s where employees create and interact with data, and how they access organizational and external SaaS and web apps. As a result, the browser is extensively targeted by adversaries. They seek to steal the data it stores and use it for malicious access to organizational SaaS apps or the hosting machine. Additionally, unintentional data leakage via the browser has become a critical concern for organizations as well.

However, traditional endpoint, network, and data protection solutions fail to protect this critical resource against advanced web-borne attacks that continuously rise in sophistication and volume. This gap leaves organizations exposed to phishing attacks, malicious browser extensions, data exposure, and data loss.

This is the challenge LayerX is attempting to solve. LayerX has developed a secure enterprise browser extension that can be mounted on any browser. The LayerX extension delivers comprehensive visibility, continuous monitoring, and granular policy enforcement on every event within the browsing session. Using proprietary Deep Session Analysis technology, LayerX can mitigate browser data loss risks, prevent credential theft by phishing sites, identify malicious extensions, and much more.

In this platform review, we’ll walk you through the entire LayerX user journey, from initial installation and configuration to visibility and protection. (To get a personalized demo of LayerX, visit their website here.)

Initial Installation and Setup

LayerX is designed for easy installation on top of the organization’s existing browser infrastructure. The user can distribute it via a group policy, any enterprise device management platform, or the browser’s management workspace. For the last option, LayerX isn’t installed on the hosting device. Instead, it’s delivered as part of the browser’s profile, making it a natural choice for the protection of unmanaged devices. The installation screen enables the user to choose the browsers that are in use in their environment.

Figure 1: The LayerX installation screen. Centralized distribution (left), browser management sign-in (right)

The LayerX Dashboard

Once the installation is complete, the LayerX dashboard immediately becomes populated with pre-defined policies, information on the browsers, users, extensions, and web activity. When the user configures policies, the dashboard will show them as well, along with their status, detected risk alerts, and other data aggregations.

Figure 2: LayerX dashboard

The dashboard provides high-level insights into the security posture of the browser ecosystem. For drilling down into specific issues, let’s move on to the Discovery page.

Visibility and Discovery of Entities in Browsing Sessions

The Discovery page provides the user with a wealth of information about five types of entities:

  • Users
  • Apps
  • Accounts
  • Extensions
  • Browsers

For example:

  • The ‘Apps’ section shows users all the web and SaaS applications the organization’s employees are accessing via their browsers. This includes 100% of the apps in use, regardless of whether they’re sanctioned or personal.
  • The ‘Accounts’ section shows the strength of the account’s passwords or any usage of non-corporate identities. The user can also discover browsers that are running outdated versions, enforce updates, and gain visibility into all the different extensions that are installed on browsers in the ecosystem.

Figure 3: The LayerX Discovery screen, Apps section

Proactively Detecting and Resolving Browser Issues

The Discovery process informs the user about various issues, enabling the user to resolve them on the spot. For example, reviewing the different extensions might reveal an extension that has critical permissions that could expose it to compromise. In such a case, the extension can simply be added to a block list, eliminating the risk.

Moreover, LayerX provides a dedicated ‘Issues’ tab that aggregates all the findings that indicate a potential security weakness for each entity type. For accounts, it could be weak passwords or shared accounts. For applications, public app uploads or non-SSO corporate apps, and so on.

Figure 4: The LayerX Issues screen showing Account and Application issues

It’s important to note that this is the first time that much of the data displayed in the Discovery page is available for monitoring and analysis. Existing IT and security products were not able to present it. As such, LayerX addresses a long acknowledged blind spot.

Detecting and Resolving Malicious Browser Extensions Risk

One of the most critical and unaddressed risks is malicious browser extensions. These extensions have the power to compromise browser data, route employees to malicious web pages, capture session data, and carry out many other malicious activities.

The ‘Extensions’ tab in the Discovery page pinpoints all the extensions that introduce a risk to the environment.

Figure 5: The LayerX Discovery screen, Extensions tab

The ‘Issues’ page aggregates the risky extensions and provides a recommendation on how to resolve them. This can be done manually or with LayerX’s ‘Automated Resolve’ option.

Figure 6: The LayerX Issues screen showing manual and automated resolving options

Following the discovery and resolution of existing risky extensions, the user can proactively mitigate this risk going forward with a dedicated policy. Before showing how, let’s provide insight into LayerX’s policy configuration feature.

LayerX Policies – How to Solve Various Browser Security Use Cases

LayerX policies enable users to proactively protect against a wide range of web-borne risks. Policies are classified into different types (DLP, safe browsing, etc.) based on the risk type they address.

The heart of the policy is the ‘Conditions’ section, in which the user determines the conditions that trigger a protective action. These conditions can range from simple rules to extremely granular combinations, enabling laser-focused enforcement, lower false positives, and accuracy that cannot be achieved by other products.

Respectively, the ‘Action’ part is also extremely granular, including both simple ‘block access’ or ‘prevent upload’ actions, as well as the ability to surgically disable risky components within the web page or pop up warnings to the browsing employee.

LayerX is shipped with a set of default policies. Users can use them as is, modify their conditions and actions, or create new ones from scratch.

Figure 7: The LayerX Policies screen

Let’s examine a few policies to illustrate this capability.

A Policy for Preventing Risky Extension Installation

LayerX enables the user to create a list of permitted extensions. This list can then be used as a condition parameter to continuously monitor and govern this former blind spot.

LayerX provides its users with a wide range of mitigations against malicious extensions. Users can define block/allow lists to proactively control which extensions can be installed. In addition, LayerX’s granular visibility into all the extensions’ components enables users to configure policies that can block extensions based on their requested permissions, name, install type, web store and many others. This is a unique capability that cannot be found in any endpoint protection or IT management tool.

Figure 8: The LayerX Policies screen, risky extension policy configuration

Once activated, any attempt to download an extension that isn’t included in the list will trigger a protective action. The employee will receive a pop-up informing them that the extension violates the organization’s policy. Based on the action configured in the policy, LayerX will either ask the employee to disable the extension or take action to automatically deactivate it.

Figure 9: LayerX policy action, pop-up upon risky extension installation
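
The permitted-list and permission-based conditions described in this section can be sketched as a small evaluator. This is an added example, not LayerX’s code or policy format: the policy object, the escalation rules, and the sample extensions are constructed assumptions, and the extension records follow the shape of Chrome’s chrome.management ExtensionInfo (id, installType, permissions, hostPermissions).

```javascript
// Added example: NOT LayerX's policy engine or format. Extension records follow
// the shape of Chrome's chrome.management ExtensionInfo; all values are constructed.
const policy = {
  allowedIds: new Set(["a".repeat(32)]), // constructed extension ID
  blockedInstallTypes: new Set(["sideload", "development"]),
  riskyPermissions: new Set(["cookies", "debugger", "nativeMessaging", "proxy", "webRequest"]),
  broadHosts: new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]),
};

// Returns { action, reasons }. The two non-allow actions mirror the responses the
// article describes for a non-permitted extension: ask the employee to disable it,
// or deactivate it automatically. The escalation rules are assumptions.
function evaluateExtension(ext, p = policy) {
  if (p.allowedIds.has(ext.id)) {
    return { action: "allow", reasons: ["on permitted list"] };
  }
  const reasons = ["not on permitted list"];
  let escalate = false;
  if (p.blockedInstallTypes.has(ext.installType)) {
    reasons.push(`install type '${ext.installType}'`);
    escalate = true;
  }
  // A sensitive API combined with access to every site is the high-risk case.
  const risky = (ext.permissions || []).filter((x) => p.riskyPermissions.has(x));
  const broad = (ext.hostPermissions || []).some((h) => p.broadHosts.has(h));
  if (risky.length > 0 && broad) {
    reasons.push(`all-site access with: ${risky.join(", ")}`);
    escalate = true;
  }
  return { action: escalate ? "auto_disable" : "ask_disable", reasons };
}

// Constructed inventory, as a management console might collect it.
const sampleExtensions = [
  { id: "a".repeat(32), name: "Approved SSO Helper", installType: "admin",
    permissions: ["storage"], hostPermissions: [] },
  { id: "b".repeat(32), name: "Coupon Finder", installType: "normal",
    permissions: ["cookies", "tabs", "webRequest"], hostPermissions: ["<all_urls>"] },
  { id: "c".repeat(32), name: "Dark Theme", installType: "normal",
    permissions: ["storage"], hostPermissions: ["https://example.com/*"] },
  { id: "d".repeat(32), name: "Local Build", installType: "sideload",
    permissions: [], hostPermissions: [] },
];

for (const ext of sampleExtensions) {
  const { action, reasons } = evaluateExtension(ext);
  console.log(`${ext.name}: ${action} (${reasons.join("; ")})`);
}
```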

A Policy for Preventing Data Leakage via ChatGPT

While ChatGPT is an amazing productivity booster, it’s imperative to ensure that employees use it in a secure manner and without exposing sensitive data.

The policy below shows how this risk can be mitigated. In the ‘Conditions’ section, the user defines the target website and which type of text triggers a protective action. These initial conditions can be refined by adding conditions that relate to the device state (managed/unmanaged), the browser type, user identity, and more.

Figure 10: The LayerX policy screen, setting a condition during policy configuration

A policy can trigger various actions based on the user’s needs. The screenshot below shows the different options: monitoring, popping up an employee warning message, ‘prevent with bypass’ that enables employees to complete their ChatGPT query provided they can justify it, and the final option of full prevention.

Figure 11: The LayerX policy screen, setting an action during policy configuration

Once the policy is configured and enabled, users can still use ChatGPT freely, unless sensitive data is subject to leakage risk. Any violation of the conditions defined in the policy will trigger the configured protection, as well as an alert that notifies the admin of the violation and its details:

Figure 12: LayerX policy screen, a single policy page

Another important issue LayerX policies enable resolving is Shadow Identity. This risk surfaces mainly within sanctioned apps. Suppose the user’s organization is using Google Suite, with employees accessing it with a corporate identity. However, they also have a personal Google account that introduces a data leakage risk if an employee accidentally uploads files with sensitive data to their personal drive or email rather than to the corporate one.

To solve this challenge, LayerX enables users to configure policies that are sensitive to the employee’s identity and add the identity as a condition, in addition to file content, labeling, and other traditional DLP attributes. Once enabled, the policy prevents uploading of corporate data to Google, unless it’s accessed by the user’s corporate account.

Hardening Security Against Account Takeover with LayerX as an Additional Authentication Factor

LayerX can be integrated with the environment’s cloud Identity Provider (IdP). In that way, access to the SaaS apps the IdP manages is possible only from a browser on which the extension is installed. For example, when accessing a SaaS app via Okta without LayerX on the browser, an alert message is triggered:

Figure 13: The LayerX access restriction pop-up

LayerX serves here as an MFA, but without the intrusive user experience of the push notification to the employee’s phone. This serves as extremely effective mitigation against malicious access that exploits compromised credentials, since adversaries will never get access to SaaS and web resources based on credentials alone.

Monitoring the Web-borne Threats Landscape from the Alerts Screen

The final LayerX screen in this overview is the Alerts screen. Every triggered policy registers an alert. The Alerts screen classifies and aggregates the alerts by severity (low, medium, high, critical) and type (paste, safe browsing, etc.), and shows the top triggered policies.

The user can use the various filters to view only alerts within a certain timeframe, type, action type, or risk level.

Figure 14: The LayerX Alerts screen with the Alert Type dropdown

For example, filtering for the ‘Upload’ type will show all the policies that were triggered by employees who uploaded files in an insecure manner. Clicking on ‘Investigate’ reveals the employees’ browsing path and the exact point within the session that violated the policy.

For example, the following event journey for a data upload policy shows that the employee uploaded a file to their personal Gmail and then switched back to their work account. Detecting and blocking such an event is a unique capability that can’t be performed by any CASB or other application-oriented security tool, since they lack the capability to differentiate between accounts for the same app.

Figure 15: The event journey for a triggered DLP policy


The LayerX secure browser extension consolidates protection measures for the entire range of web-borne risks. Some of these risks are partially addressed by existing solutions, while most were a complete blind spot, until now.

For organizations that acknowledge the centrality of the browser in their operations, LayerX is an invaluable solution, providing a single pane of glass for all the functionalities that mitigate both browser-based attacks and web-related data loss.

Visit the LayerX website here.
