[{"data":1,"prerenderedAt":3766},["ShallowReactive",2],{"application-flags":3,"navbar":7,"always-visible-banner":36,"navbar-about-highlight":100,"navbar-resource-highlight":174,"blog/browser-visibility-and-control-can-achieve-ai-compliance":220},[4],{"enabled":5,"name":6},false,"maintenanceMode",[8],{"createdDate":9,"id":10,"name":11,"modelId":12,"published":13,"query":14,"data":15,"variations":20,"lastUpdated":21,"firstPublished":22,"testRatio":23,"createdBy":24,"lastUpdatedBy":25,"folders":26,"meta":27,"rev":35},1742208588866,"1c7a4e423bf54ac1a328bb4063459ef2","Banner","1c6207a5f24948ab82d4a0b17f251193","published",[],{"type":16,"url":17,"text":18,"link":19},"web-banner","https://pushsecurity.com/resources/browser-attacks-report","Get our latest report analyzing browser attack techniques in 2026",{},{},1774258294825,1742208637545,1,"CydmZnOWU1XuAaLhEDCoYNM4Z8W2","jKjF9r5jcvXU8tzZEfFQm31Iyvr2",[],{"kind":28,"lastPreviewUrl":29,"breakpoints":30,"hasAutosaves":34},"data","",{"xsmall":31,"small":32,"medium":33},320,640,768,true,"ca8h566li",{"createdDate":37,"id":38,"name":39,"modelId":40,"published":13,"stageModifiedSincePublish":5,"query":41,"data":42,"variations":89,"lastUpdated":90,"firstPublished":91,"testRatio":23,"createdBy":92,"lastUpdatedBy":93,"folders":94,"meta":95,"rev":99},1774965361051,"fd266d0172cc47429be7ad10f48c99ad","always visible banner","0678d178ec8b41efb8a23c09dba7874d",[],{"url":29,"ctaText":43,"text":44,"blocks":45,"state":85},"ewrererw","testrfesssssssssss",[46,73],{"@type":47,"@version":48,"id":49,"component":50,"responsiveStyles":63},"@builder.io/sdk:Element",2,"builder-ca12c06a52de41d7b8743da53118cd38",{"name":51,"tag":51,"options":52,"isRSC":62},"TopBannerContent",{"text":53,"ctaText":54,"url":55,"mainText":56,"cta":59},"New Webinar Series: Join John Hammond, Troy Hunt, and Matt Johansen for the State of Browser Attacks","Save Your Spot","https://pushsecurity.com/webinar/state-of-browser-security",{"content":57,"fontSize":58},"\u003Cp>Is 
your stack covered? 51 browser &amp; identity attacks, mapped.\u003C/p>","text-base",{"content":60,"fontSize":58,"url":61},"\u003Cp>\u003Cstrong style=\"font-weight:700;\">See the matrix →\u003C/strong>\u003C/p>\n","https://pushsecurity.com/resources/browser-identity-attacks-matrix/",null,{"large":64},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"marginTop":70,"marginBottom":70,"fontSize":71,"fontWeight":72},"flex","column","relative","0","border-box",".56rem","1.125rem","700",{"id":74,"@type":47,"tagName":75,"properties":76,"responsiveStyles":80},"builder-pixel-zfysl1x0pme","img",{"src":77,"aria-hidden":78,"alt":29,"role":79,"width":68,"height":68},"https://cdn.builder.io/api/v1/pixel?apiKey=f3a1111ff5be48cdbb123cd9f5795a05","true","presentation",{"large":81},{"height":68,"width":68,"display":82,"opacity":68,"overflow":83,"pointerEvents":84},"block","hidden","none",{"deviceSize":86,"location":87},"large",{"path":29,"query":88},{},{},1778612252607,1774968080803,"ST0tXQM8slWpFrmioqKHmENB2qe2","ax7YYfD0OCeqT1Vxxv1G4FUbqVr1",[],{"kind":96,"hasLinks":5,"breakpoints":97,"lastPreviewUrl":98,"hasAutosaves":34,"hasErrors":5},"component",{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=always-visible-banner&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.always-visible-banner=fd266d0172cc47429be7ad10f48c99ad&builder.overrides.fd266d0172cc47429be7ad10f48c99ad=fd266d0172cc47429be7ad10f48c99ad&builder.options.locale=Defaul
t","c0rfnv3td1l",[101,137],{"createdDate":102,"id":103,"name":104,"modelId":105,"published":13,"stageModifiedSincePublish":5,"query":106,"data":107,"variations":130,"lastUpdated":131,"firstPublished":132,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":133,"meta":134,"rev":136},1776247359804,"9136a8f18b3b4a6ba29b8653a99372b1","testimonial-inductive-automation","20d9eaa352304613b3d1a794b400703d",[],{"link":108,"type":109,"testimonialLink":110,"testimonial":111},{},"testimonial","/customer-stories/inductive-automation",{"@type":112,"id":113,"model":109,"value":114},"@builder.io/core:Reference","f028f2b685bb47cd8bf9e82a26dd5a79",{"query":115,"folders":116,"createdDate":117,"id":113,"name":118,"modelId":119,"published":13,"data":120,"variations":124,"lastUpdated":125,"firstPublished":126,"testRatio":23,"createdBy":92,"lastUpdatedBy":92,"meta":127,"rev":129},[],[],1735823466309,"We found Push to be more accurate when compared to competitors and the browser agent offered features that others couldn’t match.","42035571a56940ac98bff4544aa79aa5",{"author":121,"jobTitle":122,"quote":118,"image":123},"Jason Waits","\u003Cp>CISO at Inductive Automation\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff04c0c0689ce4a89ac0f0708d78c0a07",{},1735910703862,1735823501152,{"kind":28,"lastPreviewUrl":29,"breakpoints":128,"hasAutosaves":34},{"small":32,"medium":33},"5j2fj32efaq",{},1776247404986,1776247404973,[],{"breakpoints":135,"kind":28,"lastPreviewUrl":29,"hasAutosaves":5},{"xsmall":31,"small":32,"medium":33},"5pd59nhynjv",{"createdDate":138,"id":139,"name":140,"modelId":105,"published":13,"meta":141,"stageModifiedSincePublish":5,"query":143,"data":144,"variations":170,"lastUpdated":171,"firstPublished":172,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":173,"rev":136},1776255761419,"05a9322735fc427db12e2740e4302300","Report: 2026 Browser Attack 
Techniques",{"breakpoints":142,"kind":28,"lastPreviewUrl":29,"hasAutosaves":5},{"xsmall":31,"small":32,"medium":33},[],{"testimonial":145,"link":164,"type":167,"title":140,"description":168,"image":169},{"@type":112,"id":146,"model":109,"value":147},"192acbb1f9ca4cac918c0ec435a8bae3",{"query":148,"folders":149,"createdDate":150,"id":146,"name":151,"modelId":119,"published":13,"data":152,"variations":158,"lastUpdated":159,"firstPublished":160,"testRatio":23,"createdBy":92,"lastUpdatedBy":24,"meta":161,"rev":163},[],[],1728981467463,"Push does for identity what CrowdStrike did for the endpoint",{"video":153,"jobTitle":154,"author":155,"qoute":29,"quote":156,"image":157},"https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8b30e8ca50064058bbaef0f3c6164575%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=8b30e8ca50064058bbaef0f3c6164575&alt=media&optimized=true","\u003Cp>Deputy CISO at Microsoft\u003C/p>\u003Cp>Former LinkedIn, Slack, Palantir\u003C/p>","Geoff Belknap","Push does for identity what CrowdStrike did for the endpoint.","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F748f0ad0a5064a00a13f4721fcc8dea1",{},1742902158597,1728981782923,{"kind":28,"lastPreviewUrl":29,"breakpoints":162,"hasAutosaves":34},{"small":32,"medium":33},"jfdvq82yblb",{"text":165,"url":166},"Download now","/resources/browser-attacks-report","resource","Learn about the latest techniques being used in the 
wild.","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7b4a5ebf81d64e8c9d7fc35f6c96c4a9",{},1776255810913,1776255810900,[],[175,198],{"createdDate":176,"id":177,"name":140,"modelId":178,"published":13,"meta":179,"stageModifiedSincePublish":5,"query":181,"data":182,"variations":193,"lastUpdated":194,"firstPublished":195,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":196,"rev":197},1776256900280,"1f429607996e4e5fae8fe3f9b9610e55","4829faa81e7c4ee8bd2d000e160e8d3c",{"breakpoints":180,"kind":28,"lastPreviewUrl":29,"hasAutosaves":5},{"xsmall":31,"small":32,"medium":33},[],{"testimonial":183,"link":192,"type":167,"title":140,"description":168,"image":169},{"@type":112,"id":146,"model":109,"value":184},{"query":185,"folders":186,"createdDate":150,"id":146,"name":151,"modelId":119,"published":13,"data":187,"variations":188,"lastUpdated":159,"firstPublished":160,"testRatio":23,"createdBy":92,"lastUpdatedBy":24,"meta":189,"rev":191},[],[],{"video":153,"jobTitle":154,"author":155,"qoute":29,"quote":156,"image":157},{},{"kind":28,"lastPreviewUrl":29,"breakpoints":190,"hasAutosaves":34},{"small":32,"medium":33},"osi4k0msc8d",{"text":165,"url":166},{},1776256937553,1776256937540,[],"oe369sjda6o",{"createdDate":199,"id":200,"name":201,"modelId":178,"published":13,"stageModifiedSincePublish":5,"query":202,"data":203,"variations":214,"lastUpdated":215,"firstPublished":216,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":217,"meta":218,"rev":197},1776256949234,"ce043785b71b4ece98eac811ecf4ba10","inductive-automation",[],{"link":204,"type":109,"testimonial":205,"testimonialLink":110},{},{"@type":112,"id":113,"model":109,"value":206},{"query":207,"folders":208,"createdDate":117,"id":113,"name":118,"modelId":119,"published":13,"data":209,"variations":210,"lastUpdated":125,"firstPublished":126,"testRatio":23,"createdBy":92,"lastUpdatedBy":92,"meta":211,"rev":213},[],[],{"author":121,"jobTitle":122,"quote":118,"image":123},{},{"kind":
28,"lastPreviewUrl":29,"breakpoints":212,"hasAutosaves":34},{"small":32,"medium":33},"ux3tx5svjhq",{},1776256974140,1776256974130,[],{"breakpoints":219,"kind":28,"lastPreviewUrl":29,"hasAutosaves":5},{"xsmall":31,"small":32,"medium":33},{"id":221,"title":222,"authorsCollection":223,"content":231,"extension":1446,"featured":5,"hashTags":62,"meta":1447,"metaTitle":1448,"ogImage":62,"publishedDate":1449,"relatedBlogPostsCollection":1450,"slug":3742,"stem":3743,"subtitle":62,"summary":3744,"synopsis":3755,"sys":3756,"tagsCollection":3759,"__hash__":3765},"blog/blog/browser-visibility-and-control-can-achieve-ai-compliance.json","AI regulation is here: how browser visibility and control can achieve compliance",{"items":224},[225],{"fullName":226,"firstName":227,"jobTitle":228,"profilePicture":229},"John Creaton","John","Head of Legal",{"url":230},"https://images.ctfassets.net/y1cdw1ablpvd/ykgZqhGCFFxufznVsqTiM/6bd977c68dd504642f0064bdb90ebdee/1774636973277.jpeg",{"json":232,"links":1271},{"nodeType":233,"data":234,"content":235},"document",{},[236,247,255,263,844,853,860,867,871,879,886,895,902,908,914,922,938,946,953,961,968,974,982,989,995,998,1006,1025,1045,1064,1071,1074,1082,1089,1100,1107,1118,1125,1131,1142,1149,1160,1167,1174,1180,1191,1198,1201,1209,1216,1223,1230,1236,1239,1246,1253],{"nodeType":237,"data":238,"content":239},"heading-1",{},[240],{"nodeType":241,"value":242,"marks":243,"data":246},"text","The AI regulatory landscape is moving fast",[244],{"type":245},"bold",{},{"nodeType":248,"data":249,"content":250},"paragraph",{},[251],{"nodeType":241,"value":252,"marks":253,"data":254},"The regulatory landscape around AI has shifted from theoretical to operational faster than most compliance teams expected. Several regulations are already in force, presenting not just a legal but also a significant operational challenge to organizations covered by these regulations. 
",[],{},{"nodeType":248,"data":256,"content":257},{},[258],{"nodeType":241,"value":259,"marks":260,"data":262},"First, here's a summary of the key frameworks and what they require:",[261],{"type":245},{},{"nodeType":264,"data":265,"content":266},"table",{},[267,316,408,474,529,655,710,777],{"nodeType":268,"data":269,"content":270},"table-row",{},[271,283,294,305],{"nodeType":272,"data":273,"content":274},"table-cell",{},[275],{"nodeType":248,"data":276,"content":277},{},[278],{"nodeType":241,"value":279,"marks":280,"data":282},"Regulation",[281],{"type":245},{},{"nodeType":272,"data":284,"content":285},{},[286],{"nodeType":248,"data":287,"content":288},{},[289],{"nodeType":241,"value":290,"marks":291,"data":293},"Jurisdiction",[292],{"type":245},{},{"nodeType":272,"data":295,"content":296},{},[297],{"nodeType":248,"data":298,"content":299},{},[300],{"nodeType":241,"value":301,"marks":302,"data":304},"What it requires for AI",[303],{"type":245},{},{"nodeType":272,"data":306,"content":307},{},[308],{"nodeType":248,"data":309,"content":310},{},[311],{"nodeType":241,"value":312,"marks":313,"data":315},"Status",[314],{"type":245},{},{"nodeType":268,"data":317,"content":318},{},[319,343,353,387],{"nodeType":272,"data":320,"content":321},{},[322],{"nodeType":248,"data":323,"content":324},{},[325,328,340],{"nodeType":241,"value":29,"marks":326,"data":327},[],{},{"nodeType":329,"data":330,"content":332},"hyperlink",{"uri":331},"https://artificialintelligenceact.eu/",[333],{"nodeType":241,"value":334,"marks":335,"data":339},"EU AI Act",[336,338],{"type":337},"underline",{"type":245},{},{"nodeType":241,"value":29,"marks":341,"data":342},[],{},{"nodeType":272,"data":344,"content":345},{},[346],{"nodeType":248,"data":347,"content":348},{},[349],{"nodeType":241,"value":350,"marks":351,"data":352},"EU",[],{},{"nodeType":272,"data":354,"content":355},{},[356],{"nodeType":248,"data":357,"content":358},{},[359,363,371,375,383],{"nodeType":241,"value":360,"marks":361,"data":362},"AI 
system inventory and risk classification; ",[],{},{"nodeType":329,"data":364,"content":366},{"uri":365},"https://artificialintelligenceact.eu/article/4/",[367],{"nodeType":241,"value":368,"marks":369,"data":370},"AI literacy",[],{},{"nodeType":241,"value":372,"marks":373,"data":374}," for all staff; ",[],{},{"nodeType":329,"data":376,"content":378},{"uri":377},"https://artificialintelligenceact.eu/article/15/",[379],{"nodeType":241,"value":380,"marks":381,"data":382},"cybersecurity resilience",[],{},{"nodeType":241,"value":384,"marks":385,"data":386}," for high-risk AI; transparency and human oversight",[],{},{"nodeType":272,"data":388,"content":389},{},[390],{"nodeType":248,"data":391,"content":392},{},[393,396,404],{"nodeType":241,"value":29,"marks":394,"data":395},[],{},{"nodeType":329,"data":397,"content":398},{"uri":365},[399],{"nodeType":241,"value":400,"marks":401,"data":403},"Art. 4",[402],{"type":337},{},{"nodeType":241,"value":405,"marks":406,"data":407}," (literacy) in force Feb 2025; high-risk obligations Aug 2026",[],{},{"nodeType":268,"data":409,"content":410},{},[411,433,443,464],{"nodeType":272,"data":412,"content":413},{},[414],{"nodeType":248,"data":415,"content":416},{},[417,420,430],{"nodeType":241,"value":29,"marks":418,"data":419},[],{},{"nodeType":329,"data":421,"content":423},{"uri":422},"https://eur-lex.europa.eu/eli/reg/2022/2554/oj",[424],{"nodeType":241,"value":425,"marks":426,"data":429},"DORA",[427,428],{"type":337},{"type":245},{},{"nodeType":241,"value":29,"marks":431,"data":432},[],{},{"nodeType":272,"data":434,"content":435},{},[436],{"nodeType":248,"data":437,"content":438},{},[439],{"nodeType":241,"value":440,"marks":441,"data":442},"EU financial services",[],{},{"nodeType":272,"data":444,"content":445},{},[446],{"nodeType":248,"data":447,"content":448},{},[449,453,460],{"nodeType":241,"value":450,"marks":451,"data":452},"AI tools in ICT risk framework; AI providers in 
",[],{},{"nodeType":329,"data":454,"content":455},{"uri":422},[456],{"nodeType":241,"value":457,"marks":458,"data":459},"third-party risk registers",[],{},{"nodeType":241,"value":461,"marks":462,"data":463},"; resilience testing covering AI-enhanced attacks",[],{},{"nodeType":272,"data":465,"content":466},{},[467],{"nodeType":248,"data":468,"content":469},{},[470],{"nodeType":241,"value":471,"marks":472,"data":473},"In force Jan 2025",[],{},{"nodeType":268,"data":475,"content":476},{},[477,499,509,519],{"nodeType":272,"data":478,"content":479},{},[480],{"nodeType":248,"data":481,"content":482},{},[483,486,496],{"nodeType":241,"value":29,"marks":484,"data":485},[],{},{"nodeType":329,"data":487,"content":489},{"uri":488},"https://eur-lex.europa.eu/eli/reg/2024/2847/oj",[490],{"nodeType":241,"value":491,"marks":492,"data":495},"EU Cyber Resilience Act",[493,494],{"type":337},{"type":245},{},{"nodeType":241,"value":29,"marks":497,"data":498},[],{},{"nodeType":272,"data":500,"content":501},{},[502],{"nodeType":248,"data":503,"content":504},{},[505],{"nodeType":241,"value":506,"marks":507,"data":508},"EU digital products",[],{},{"nodeType":272,"data":510,"content":511},{},[512],{"nodeType":248,"data":513,"content":514},{},[515],{"nodeType":241,"value":516,"marks":517,"data":518},"AI-enabled software must meet essential cybersecurity requirements; vulnerability management and incident reporting",[],{},{"nodeType":272,"data":520,"content":521},{},[522],{"nodeType":248,"data":523,"content":524},{},[525],{"nodeType":241,"value":526,"marks":527,"data":528},"Reporting Sep 2026; full compliance Dec 
2027",[],{},{"nodeType":268,"data":530,"content":531},{},[532,554,564,614],{"nodeType":272,"data":533,"content":534},{},[535],{"nodeType":248,"data":536,"content":537},{},[538,541,551],{"nodeType":241,"value":29,"marks":539,"data":540},[],{},{"nodeType":329,"data":542,"content":544},{"uri":543},"https://www.dfs.ny.gov/industry_guidance/cybersecurity",[545],{"nodeType":241,"value":546,"marks":547,"data":550},"NYDFS 23 NYCRR 500",[548,549],{"type":337},{"type":245},{},{"nodeType":241,"value":29,"marks":552,"data":553},[],{},{"nodeType":272,"data":555,"content":556},{},[557],{"nodeType":248,"data":558,"content":559},{},[560],{"nodeType":241,"value":561,"marks":562,"data":563},"US (NY financial services)",[],{},{"nodeType":272,"data":565,"content":566},{},[567],{"nodeType":248,"data":568,"content":569},{},[570,573,582,586,594,598,611],{"nodeType":241,"value":29,"marks":571,"data":572},[],{},{"nodeType":329,"data":574,"content":576},{"uri":575},"https://www.dfs.ny.gov/industry-guidance/industry-letters/il20241016-cyber-risks-ai-and-strategies-combat-related-risks",[577],{"nodeType":241,"value":578,"marks":579,"data":581},"AI-resistant MFA",[580],{"type":337},{},{"nodeType":241,"value":583,"marks":584,"data":585},"; employee training on AI threats; ",[],{},{"nodeType":329,"data":587,"content":589},{"uri":588},"https://www.dfs.ny.gov/industry-guidance/industry-letters/il20251021-guidance-managing-risks-third-party",[590],{"nodeType":241,"value":591,"marks":592,"data":593},"third-party AI risk assessment",[],{},{"nodeType":241,"value":595,"marks":596,"data":597},";",[],{},{"nodeType":329,"data":599,"content":601},{"uri":600},"https://www.dfs.ny.gov/industry-guidance/industry-letters/20260521-heightened-cybersecurity-risks-assoc-with-frontier-ai-models",[602,606],{"nodeType":241,"value":603,"marks":604,"data":605}," ",[],{},{"nodeType":241,"value":607,"marks":608,"data":610},"frontier AI model 
defenses",[609],{"type":337},{},{"nodeType":241,"value":29,"marks":612,"data":613},[],{},{"nodeType":272,"data":615,"content":616},{},[617],{"nodeType":248,"data":618,"content":619},{},[620,624,631,635,642,645,652],{"nodeType":241,"value":621,"marks":622,"data":623},"Phased 2023–2025; AI-specific guidance issued ",[],{},{"nodeType":329,"data":625,"content":626},{"uri":575},[627],{"nodeType":241,"value":628,"marks":629,"data":630},"Oct 2024",[],{},{"nodeType":241,"value":632,"marks":633,"data":634},", ",[],{},{"nodeType":329,"data":636,"content":637},{"uri":588},[638],{"nodeType":241,"value":639,"marks":640,"data":641},"Oct 2025",[],{},{"nodeType":241,"value":632,"marks":643,"data":644},[],{},{"nodeType":329,"data":646,"content":647},{"uri":600},[648],{"nodeType":241,"value":649,"marks":650,"data":651},"May 2026",[],{},{"nodeType":241,"value":29,"marks":653,"data":654},[],{},{"nodeType":268,"data":656,"content":657},{},[658,680,690,700],{"nodeType":272,"data":659,"content":660},{},[661],{"nodeType":248,"data":662,"content":663},{},[664,667,677],{"nodeType":241,"value":29,"marks":665,"data":666},[],{},{"nodeType":329,"data":668,"content":670},{"uri":669},"https://www.ncsl.org/technology-and-communication/2025-state-privacy-legislation-tracker",[671],{"nodeType":241,"value":672,"marks":673,"data":676},"US State Privacy laws",[674,675],{"type":337},{"type":245},{},{"nodeType":241,"value":29,"marks":678,"data":679},[],{},{"nodeType":272,"data":681,"content":682},{},[683],{"nodeType":248,"data":684,"content":685},{},[686],{"nodeType":241,"value":687,"marks":688,"data":689},"US (20+ states)",[],{},{"nodeType":272,"data":691,"content":692},{},[693],{"nodeType":248,"data":694,"content":695},{},[696],{"nodeType":241,"value":697,"marks":698,"data":699},"Automated decision-making transparency, opt-out rights, and impact assessments; AI and children's data 
protections",[],{},{"nodeType":272,"data":701,"content":702},{},[703],{"nodeType":248,"data":704,"content":705},{},[706],{"nodeType":241,"value":707,"marks":708,"data":709},"Rolling 2024–2027 (CA, CO, CT leading)",[],{},{"nodeType":268,"data":711,"content":712},{},[713,735,745,755],{"nodeType":272,"data":714,"content":715},{},[716],{"nodeType":248,"data":717,"content":718},{},[719,722,732],{"nodeType":241,"value":29,"marks":720,"data":721},[],{},{"nodeType":329,"data":723,"content":725},{"uri":724},"https://www.hhs.gov/hipaa/for-professionals/security/hipaa-security-rule-nprm/index.html",[726],{"nodeType":241,"value":727,"marks":728,"data":731},"HIPAA Security Rule",[729,730],{"type":337},{"type":245},{},{"nodeType":241,"value":29,"marks":733,"data":734},[],{},{"nodeType":272,"data":736,"content":737},{},[738],{"nodeType":248,"data":739,"content":740},{},[741],{"nodeType":241,"value":742,"marks":743,"data":744},"US healthcare",[],{},{"nodeType":272,"data":746,"content":747},{},[748],{"nodeType":248,"data":749,"content":750},{},[751],{"nodeType":241,"value":752,"marks":753,"data":754},"AI tools in mandatory technology asset inventory; mandatory encryption covering AI; AI-enhanced attack preparedness",[],{},{"nodeType":272,"data":756,"content":757},{},[758],{"nodeType":248,"data":759,"content":760},{},[761,764,773],{"nodeType":241,"value":29,"marks":762,"data":763},[],{},{"nodeType":329,"data":765,"content":767},{"uri":766},"https://www.hhs.gov/hipaa/for-professionals/security/hipaa-security-rule-nprm/factsheet/index.html",[768],{"nodeType":241,"value":769,"marks":770,"data":772},"Final rule",[771],{"type":337},{},{"nodeType":241,"value":774,"marks":775,"data":776}," expected 
2026",[],{},{"nodeType":268,"data":778,"content":779},{},[780,802,812,834],{"nodeType":272,"data":781,"content":782},{},[783],{"nodeType":248,"data":784,"content":785},{},[786,789,799],{"nodeType":241,"value":29,"marks":787,"data":788},[],{},{"nodeType":329,"data":790,"content":792},{"uri":791},"https://www.legislation.gov.uk/ukpga/2025/18",[793],{"nodeType":241,"value":794,"marks":795,"data":798},"UK Data (Use and Access) Act",[796,797],{"type":337},{"type":245},{},{"nodeType":241,"value":29,"marks":800,"data":801},[],{},{"nodeType":272,"data":803,"content":804},{},[805],{"nodeType":248,"data":806,"content":807},{},[808],{"nodeType":241,"value":809,"marks":810,"data":811},"UK",[],{},{"nodeType":272,"data":813,"content":814},{},[815],{"nodeType":248,"data":816,"content":817},{},[818,822,830],{"nodeType":241,"value":819,"marks":820,"data":821},"Reformed ",[],{},{"nodeType":329,"data":823,"content":825},{"uri":824},"https://www.legislation.gov.uk/ukpga/2025/18/section/80",[826],{"nodeType":241,"value":827,"marks":828,"data":829},"automated decision-making rules",[],{},{"nodeType":241,"value":831,"marks":832,"data":833}," (new Arts. 
22A-22D UK GDPR): meaningful information about decisions, right to make representations, human intervention and contestation rights; stricter controls for special category data; new complaints-handling duty with 30-day response clock (from June 2026)",[],{},{"nodeType":272,"data":835,"content":836},{},[837],{"nodeType":248,"data":838,"content":839},{},[840],{"nodeType":241,"value":841,"marks":842,"data":843},"Main provisions Feb 2026; complaints duty June 2026",[],{},{"nodeType":845,"data":846,"content":852},"embedded-entry-block",{"target":847},{"sys":848},{"id":849,"type":850,"linkType":851},"1J7nJKJ5XDLLiicX9cD4H1","Link","Entry",[],{"nodeType":248,"data":854,"content":855},{},[856],{"nodeType":241,"value":857,"marks":858,"data":859},"Even if your organization isn't yet subject to these specific regulations, the direction of travel matters. The EU has a track record of setting global regulatory standards: GDPR reshaped data privacy practices worldwide, and the Digital Markets Act is influencing antitrust enforcement well beyond European borders.",[],{},{"nodeType":248,"data":861,"content":862},{},[863],{"nodeType":241,"value":864,"marks":865,"data":866},"The EU AI Act is the world's first comprehensive AI law, and the pattern of obligation categories it establishes is already visible in NYDFS guidance, US state privacy legislation, and the UK's reformed automated decision-making framework. Organizations that build the operational foundations to meet these obligations now will be ahead of whatever comes next, regardless of jurisdiction.",[],{},{"nodeType":868,"data":869,"content":870},"hr",{},[],{"nodeType":237,"data":872,"content":873},{},[874],{"nodeType":241,"value":875,"marks":876,"data":878},"Five obligation categories appear across frameworks",[877],{"type":245},{},{"nodeType":248,"data":880,"content":881},{},[882],{"nodeType":241,"value":883,"marks":884,"data":885},"Across these frameworks, the AI-specific obligations cluster into five categories. 
Individual regulations word them differently and scope them to different sectors, but the compliance actions they require are largely the same.",[],{},{"nodeType":887,"data":888,"content":889},"heading-2",{},[890],{"nodeType":241,"value":891,"marks":892,"data":894},"1. AI inventory and classification",[893],{"type":245},{},{"nodeType":248,"data":896,"content":897},{},[898],{"nodeType":241,"value":899,"marks":900,"data":901},"You can't classify AI systems by risk level if you don't know which ones your employees are using. Multiple regulations now require organizations to maintain a complete inventory of AI tools in their environment — whether as part of risk classification, asset management, or third-party risk registers.",[],{},{"nodeType":845,"data":903,"content":907},{"target":904},{"sys":905},{"id":906,"type":850,"linkType":851},"6MEapKaazFTulp7Ql0m7H1",[],{"nodeType":845,"data":909,"content":913},{"target":910},{"sys":911},{"id":912,"type":850,"linkType":851},"2hsKQ9DEspflhmtR0bE7QY",[],{"nodeType":887,"data":915,"content":916},{},[917],{"nodeType":241,"value":918,"marks":919,"data":921},"2. AI literacy and employee guidance",[920],{"type":245},{},{"nodeType":248,"data":923,"content":924},{},[925,929,934],{"nodeType":241,"value":926,"marks":927,"data":928},"Regulators increasingly expect organizations to demonstrate that employees understand the AI tools they use — not through annual training alone, but through continuous, contextual guidance at the point of interaction. Several frameworks now require auditable evidence that staff have been educated about AI risks and acceptable use policies. 
The common thread is the need for ",[],{},{"nodeType":241,"value":930,"marks":931,"data":933},"ongoing",[932],{"type":245},{},{"nodeType":241,"value":935,"marks":936,"data":937}," education, not as a one-off compliance exercise, but continuously at the point of interaction.",[],{},{"nodeType":887,"data":939,"content":940},{},[941],{"nodeType":241,"value":942,"marks":943,"data":945},"3. AI data governance and exposure control",[944],{"type":245},{},{"nodeType":248,"data":947,"content":948},{},[949],{"nodeType":241,"value":950,"marks":951,"data":952},"Regulations are converging on the requirement for controls over what data enters AI tools. This includes sensitive personal data, health data, and data subject to automated decision-making. Organizations need to know where personal data is being processed by AI and have mechanisms to prevent unauthorized exposure.",[],{},{"nodeType":887,"data":954,"content":955},{},[956],{"nodeType":241,"value":957,"marks":958,"data":960},"4. AI-resistant authentication and phishing defense",[959],{"type":245},{},{"nodeType":248,"data":962,"content":963},{},[964],{"nodeType":241,"value":965,"marks":966,"data":967},"AI is making phishing attacks more convincing and harder to detect through traditional means. Several frameworks now require authentication methods that can withstand AI-enhanced attacks, specifically naming phishing-resistant options like digital certificates and security keys over SMS or voice-based authentication. Beyond authentication, organizations need defenses against AI-powered phishing that bypasses the lure-quality signals users were trained to spot.",[],{},{"nodeType":845,"data":969,"content":973},{"target":970},{"sys":971},{"id":972,"type":850,"linkType":851},"6v3l0lGH6twfYi2JaM5fKt",[],{"nodeType":887,"data":975,"content":976},{},[977],{"nodeType":241,"value":978,"marks":979,"data":981},"5. 
Third-party AI risk and supply chain governance",[980],{"type":245},{},{"nodeType":248,"data":983,"content":984},{},[985],{"nodeType":241,"value":986,"marks":987,"data":988},"Employees adopt AI tools faster than procurement can track them, and each one that connects to corporate systems via OAuth creates a persistent trust relationship. Regulators now require organizations to know which third-party AI services they depend on, what permissions those services hold, and whether they introduce concentration risk. ",[],{},{"nodeType":845,"data":990,"content":994},{"target":991},{"sys":992},{"id":993,"type":850,"linkType":851},"7xx2yYRJXBY55qTqBTTZcp",[],{"nodeType":868,"data":996,"content":997},{},[],{"nodeType":237,"data":999,"content":1000},{},[1001],{"nodeType":241,"value":1002,"marks":1003,"data":1005},"How the regulations will be enforced",[1004],{"type":245},{},{"nodeType":248,"data":1007,"content":1008},{},[1009,1013,1021],{"nodeType":241,"value":1010,"marks":1011,"data":1012},"The consequences extend well beyond fines. 
EU AI Act penalties reach ",[],{},{"nodeType":329,"data":1014,"content":1016},{"uri":1015},"https://artificialintelligenceact.eu/article/99/",[1017],{"nodeType":241,"value":1018,"marks":1019,"data":1020},"€35 million or 7% of global turnover",[],{},{"nodeType":241,"value":1022,"marks":1023,"data":1024}," for prohibited practices, but the operational impact may bite harder: non-compliant AI systems cannot be placed on the EU market, and providers bear direct responsibility for conformity under Articles 16 and 26 — meaning the CISO who signed off on an AI deployment that turns out to be non-compliant has personal exposure, not just a budget line item.",[],{},{"nodeType":248,"data":1026,"content":1027},{},[1028,1032,1041],{"nodeType":241,"value":1029,"marks":1030,"data":1031},"Italy's implementation law (",[],{},{"nodeType":329,"data":1033,"content":1035},{"uri":1034},"https://www.nortonrosefulbright.com/en/knowledge/publications/9bfedfea/italy-enacts-law-no-132-2025-on-artificial-intelligence-sector-rules-and-next-steps",[1036],{"nodeType":241,"value":1037,"marks":1038,"data":1040},"Law No. 132/2025",[1039],{"type":337},{},{"nodeType":241,"value":1042,"marks":1043,"data":1044},") goes further, introducing criminal penalties including imprisonment for AI-related offenses like deepfake dissemination.",[],{},{"nodeType":248,"data":1046,"content":1047},{},[1048,1052,1060],{"nodeType":241,"value":1049,"marks":1050,"data":1051},"NYDFS penalties accumulate at $2,500 per day per violation, and the regulator has been aggressive: it levied ",[],{},{"nodeType":329,"data":1053,"content":1055},{"uri":1054},"https://pushsecurity.com/blog/what-the-expansion-of-nydfs-nycrr-part-500-means-for-mfa-compliance/",[1056],{"nodeType":241,"value":1057,"marks":1058,"data":1059},"$14 million in fines",[],{},{"nodeType":241,"value":1061,"marks":1062,"data":1063}," on companies with inadequate MFA. 
CISOs sign annual compliance certifications under §500.17 where false certification carries personal liability.",[],{},{"nodeType":248,"data":1065,"content":1066},{},[1067],{"nodeType":241,"value":1068,"marks":1069,"data":1070},"The UK's Data (Use and Access) Act preserves ICO enforcement powers with fines up to £17.5 million or 4% of global turnover, and introduces a new statutory right for individuals to complain directly to controllers about automated decisions, with a 30-day response clock.",[],{},{"nodeType":868,"data":1072,"content":1073},{},[],{"nodeType":237,"data":1075,"content":1076},{},[1077],{"nodeType":241,"value":1078,"marks":1079,"data":1081},"Where Push maps to these obligations",[1080],{"type":245},{},{"nodeType":248,"data":1083,"content":1084},{},[1085],{"nodeType":241,"value":1086,"marks":1087,"data":1088},"The five obligation categories above map to specific Push capabilities, some directly, others as supporting evidence. Push's relevance to AI regulation isn't a new product direction. 
The same capabilities that security teams already use for shadow SaaS discovery, phishing defense, and identity posture hardening are what compliance teams need to demonstrate AI governance.",[],{},{"nodeType":887,"data":1090,"content":1091},{},[1092,1097],{"nodeType":241,"value":1093,"marks":1094,"data":1096},"AI inventory and shadow AI discovery.",[1095],{"type":245},{},{"nodeType":241,"value":603,"marks":1098,"data":1099},[],{},{"nodeType":248,"data":1101,"content":1102},{},[1103],{"nodeType":241,"value":1104,"marks":1105,"data":1106},"Push identifies every AI app, AI browser extension, and AI OAuth integration in use across the organization, not from network traffic patterns or procurement records, but from actual observed usage in the browser.",[],{},{"nodeType":887,"data":1108,"content":1109},{},[1110,1115],{"nodeType":241,"value":1111,"marks":1112,"data":1114},"AI usage policy enforcement and literacy evidence.",[1113],{"type":245},{},{"nodeType":241,"value":603,"marks":1116,"data":1117},[],{},{"nodeType":248,"data":1119,"content":1120},{},[1121],{"nodeType":241,"value":1122,"marks":1123,"data":1124},"Push's custom app banners deliver contextual policy guidance the moment an employee accesses an AI tool: linking to approved usage policies, data handling guidelines, or approved alternatives. Banners are fully customizable: they can include specific instructions, links to AI policy documents or approved alternatives, and messages from the security team tailored to the tool or user group. 
",[],{},{"nodeType":845,"data":1126,"content":1130},{"target":1127},{"sys":1128},{"id":1129,"type":850,"linkType":851},"4bt65QXDiyTi1eq7wnbHUh",[],{"nodeType":887,"data":1132,"content":1133},{},[1134,1139],{"nodeType":241,"value":1135,"marks":1136,"data":1138},"AI data exposure controls.",[1137],{"type":245},{},{"nodeType":241,"value":603,"marks":1140,"data":1141},[],{},{"nodeType":248,"data":1143,"content":1144},{},[1145],{"nodeType":241,"value":1146,"marks":1147,"data":1148},"Push observes what users type, paste, and upload into AI tools, and can apply real-time controls, warning or blocking when sensitive patterns are detected. This is browser-layer DLP scoped to the AI interaction surface: it won't replace a dedicated DLP platform, but it closes the specific gap that most DLP tools miss because they lack visibility into browser-based AI interactions. Push provides the detection and enforcement layer at the point where the data actually leaves the organization.",[],{},{"nodeType":887,"data":1150,"content":1151},{},[1152,1157],{"nodeType":241,"value":1153,"marks":1154,"data":1156},"MFA verification and phishing defense.",[1155],{"type":245},{},{"nodeType":241,"value":603,"marks":1158,"data":1159},[],{},{"nodeType":248,"data":1161,"content":1162},{},[1163],{"nodeType":241,"value":1164,"marks":1165,"data":1166},"Push detects where MFA is missing and identifies the type of MFA in use, directly supporting the push toward phishing-resistant authentication methods.",[],{},{"nodeType":248,"data":1168,"content":1169},{},[1170],{"nodeType":241,"value":1171,"marks":1172,"data":1173},"Push's behavioral phishing detection stops AiTM phishing, credential harvesting, device code phishing, and ClickFix attacks because Push detects malicious behavior in the browser, making it effective against even AI-powered phishing attacks, or those that are delivered over traditionally unmonitored channels such as search engines, social media, or even via phone 
call.",[],{},{"nodeType":845,"data":1175,"content":1179},{"target":1176},{"sys":1177},{"id":1178,"type":850,"linkType":851},"3hqv1nql8FvB8j7uRiddqB",[],{"nodeType":887,"data":1181,"content":1182},{},[1183,1188],{"nodeType":241,"value":1184,"marks":1185,"data":1187},"Third-party AI risk visibility.",[1186],{"type":245},{},{"nodeType":241,"value":603,"marks":1189,"data":1190},[],{},{"nodeType":248,"data":1192,"content":1193},{},[1194],{"nodeType":241,"value":1195,"marks":1196,"data":1197},"Push maps exactly which AI services employees have accessed and used, connected to other business apps via OAuth, what permissions those integrations hold, and who authorized them. This surfaces the AI providers that procurement never approved but employees adopted anyway, before they become a compliance finding or a breach vector.",[],{},{"nodeType":868,"data":1199,"content":1200},{},[],{"nodeType":237,"data":1202,"content":1203},{},[1204],{"nodeType":241,"value":1205,"marks":1206,"data":1208},"The compliance gap is an observability gap",[1207],{"type":245},{},{"nodeType":248,"data":1210,"content":1211},{},[1212],{"nodeType":241,"value":1213,"marks":1214,"data":1215},"The common failure mode across all five obligation categories is the same: the organization has a policy but can't demonstrate enforcement, because the tooling that would provide evidence operates at the wrong layer. IdP logs show managed authentication but not shadow AI logins. Network tools see traffic to AI domains but not the OAuth consent grants or the data in the clipboard. 
Annual training records exist but can't prove that an employee received guidance at the point of AI interaction.",[],{},{"nodeType":248,"data":1217,"content":1218},{},[1219],{"nodeType":241,"value":1220,"marks":1221,"data":1222},"Browser-layer telemetry closes each of these gaps because it's where the regulated activity actually happens, and where (with Push) you can observe and control it too.",[],{},{"nodeType":248,"data":1224,"content":1225},{},[1226],{"nodeType":241,"value":1227,"marks":1228,"data":1229},"The regulations covered here are the current landscape, but they aren't the final one. AI governance requirements are accelerating: NIST's AI cybersecurity framework profile is expected this summer, CISA's Five Eyes agentic AI guidance landed in May, and EU member states are still building out their national enforcement regimes.",[],{},{"nodeType":845,"data":1231,"content":1235},{"target":1232},{"sys":1233},{"id":1234,"type":850,"linkType":851},"OThPeKuFnpoo1e1FAGsFP",[],{"nodeType":868,"data":1237,"content":1238},{},[],{"nodeType":248,"data":1240,"content":1241},{},[1242],{"nodeType":241,"value":1243,"marks":1244,"data":1245},"Push Security is the most powerful AI-native security tool in the browser. 
Think EDR, but for the browser — high-fidelity telemetry and real-time control across every session, on every device, with no browser migration required.",[],{},{"nodeType":248,"data":1247,"content":1248},{},[1249],{"nodeType":241,"value":1250,"marks":1251,"data":1252},"Security teams use Push to detect and stop advanced browser-based attacks like AiTM phishing, ClickFix, and session hijacking; gain visibility and control over AI tool usage across their workforce; harden identities by surfacing credential reuse, SSO gaps, and shadow IT; and support data loss and insider investigations with browser-layer telemetry that other tools can't see.",[],{},{"nodeType":248,"data":1254,"content":1255},{},[1256,1259,1268],{"nodeType":241,"value":29,"marks":1257,"data":1258},[],{},{"nodeType":329,"data":1260,"content":1262},{"uri":1261},"https://pushsecurity.com/demo",[1263],{"nodeType":241,"value":1264,"marks":1265,"data":1267},"Book a live demo to learn more.",[1266],{"type":337},{},{"nodeType":241,"value":29,"marks":1269,"data":1270},[],{},{"entries":1272},{"hyperlink":1273,"inline":1274,"block":1275},[],[],[1276,1285,1312,1320,1347,1373,1387,1432],{"sys":1277,"__typename":1278,"title":1279,"caption":1280,"layoutMode":62,"file":1281},{"id":849},"Image","ai regulation matrix","Map of how different regulations map to AI control requirements.",{"url":1282,"width":1283,"height":1284},"https://images.ctfassets.net/y1cdw1ablpvd/3rfEWb5FXvXR07jdPdoht6/42f1c515e62fcc58aa0e270a424cfacc/ai_regulation_matrix_3x__4_.png",2550,1806,{"sys":1286,"__typename":1287,"content":1288,"name":1311,"title":62},{"id":906},"InsightTextBlockComponent",{"json":1289},{"nodeType":233,"data":1290,"content":1291},{},[1292],{"nodeType":248,"data":1293,"content":1294},{},[1295,1299,1307],{"nodeType":241,"value":1296,"marks":1297,"data":1298},"Most organizations are dealing with uncontrolled 
",[],{},{"nodeType":329,"data":1300,"content":1302},{"uri":1301},"https://pushsecurity.com/blog/what-push-data-reveals-about-the-state-of-shadow-ai/",[1303],{"nodeType":241,"value":1304,"marks":1305,"data":1306},"Shadow AI sprawl",[],{},{"nodeType":241,"value":1308,"marks":1309,"data":1310},". We find that the average organization has 16 unique AI apps in active use, 17 unique AI browser extensions, and 17 unique AI OAuth integrations connected into just Google Workspace and Microsoft 365 — with some organizations reaching as high as 40 unique AI apps, 163 AI extensions, and 55 OAuth connections to AI apps respectively. At the other end, the smallest organization with the lowest adoption level is actively using two. ",[],{},"AI regulation IB1",{"sys":1313,"__typename":1278,"title":1314,"caption":1315,"layoutMode":62,"file":1316},{"id":912},"ai-sprawl-infographic","AI sprawl is worse than most organizations realize. ",{"url":1317,"width":1318,"height":1319},"https://images.ctfassets.net/y1cdw1ablpvd/7vCbQdyRkjLs5EmsjBBAQp/3bfb13e7ec19be76325cdc69297c48c3/ai-sprawl-infographic_2x__3_.png",1800,1192,{"sys":1321,"__typename":1287,"content":1322,"name":1346,"title":62},{"id":972},{"json":1323},{"data":1324,"content":1325,"nodeType":233},{},[1326],{"data":1327,"content":1328,"nodeType":248},{},[1329,1333,1342],{"data":1330,"marks":1331,"value":1332,"nodeType":241},{},[],"In the UK, ",{"data":1334,"content":1336,"nodeType":329},{"uri":1335},"https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2026/05/five-steps-to-protect-your-organisation-from-AI-powered-cyber-threats/",[1337],{"data":1338,"marks":1339,"value":1341,"nodeType":241},{},[1340],{"type":337},"the ICO's May 2026 blog",{"data":1343,"marks":1344,"value":1345,"nodeType":241},{},[]," names AI-generated phishing, deepfake social engineering, and credential stuffing as specific threats organisations must address under UK GDPR Article 32. 
It calls for multi-factor authentication on all remote access, admin accounts, and email, alongside layered defences that assume foundational controls alone are insufficient against AI-powered attacks.","ai regulation IB2",{"sys":1348,"__typename":1287,"content":1349,"name":1372,"title":62},{"id":993},{"json":1350},{"nodeType":233,"data":1351,"content":1352},{},[1353],{"nodeType":248,"data":1354,"content":1355},{},[1356,1360,1368],{"nodeType":241,"value":1357,"marks":1358,"data":1359},"In May 2026, ",[],{},{"nodeType":329,"data":1361,"content":1363},{"uri":1362},"https://www.cisa.gov/resources-tools/resources/careful-adoption-agentic-ai-services",[1364],{"nodeType":241,"value":1365,"marks":1366,"data":1367},"CISA and Five Eyes partners published the first multinational guidance on agentic AI adoption",[],{},{"nodeType":241,"value":1369,"marks":1370,"data":1371},", identifying privilege escalation and accountability gaps as core risks — a signal that AI agent governance will soon move from best practice to regulatory expectation. 
",[],{},"ai regulation IB3",{"sys":1374,"__typename":1287,"content":1375,"name":1386,"title":62},{"id":1129},{"json":1376},{"nodeType":233,"data":1377,"content":1378},{},[1379],{"nodeType":248,"data":1380,"content":1381},{},[1382],{"nodeType":241,"value":1383,"marks":1384,"data":1385},"When an employee clicks through or acknowledges the banner, Push generates auditable telemetry, creating a documented, timestamped record that the employee received policy guidance at the exact point of AI interaction (not just in a training session six months prior).",[],{},"ai regulation ib6",{"sys":1388,"__typename":1287,"content":1389,"name":1431,"title":62},{"id":1178},{"json":1390},{"nodeType":233,"data":1391,"content":1392},{},[1393,1412],{"nodeType":248,"data":1394,"content":1395},{},[1396,1400,1408],{"nodeType":241,"value":1397,"marks":1398,"data":1399},"Attackers are ",[],{},{"nodeType":329,"data":1401,"content":1403},{"uri":1402},"https://pushsecurity.com/blog/the-pyramid-of-pain-in-the-ai-era/",[1404],{"nodeType":241,"value":1405,"marks":1406,"data":1407},"increasingly leveraging AI in their phishing campaigns",[],{},{"nodeType":241,"value":1409,"marks":1410,"data":1411},", creating new and derivative phishing kits, adding new capabilities, and finding ways to increase the speed and scale of their operations. But Push's vantage point in the browser means that regardless of the tooling or infrastructure used, Push intercepts the attack at the point of interaction. 
",[],{},{"nodeType":248,"data":1413,"content":1414},{},[1415,1419,1427],{"nodeType":241,"value":1416,"marks":1417,"data":1418},"This even applies to AI-powered voice and video faking attacks: since ",[],{},{"nodeType":329,"data":1420,"content":1422},{"uri":1421},"https://pushsecurity.com/blog/analyzing-the-instructure-breach/",[1423],{"nodeType":241,"value":1424,"marks":1425,"data":1426},"most voice-based attacks still result in a user being directed to interact with a browser payload",[],{},{"nodeType":241,"value":1428,"marks":1429,"data":1430},", Push can still intercept them at the point where the targeted user is lured to a malicious web page or resource.",[],{},"ai regulation IB4",{"sys":1433,"__typename":1287,"content":1434,"name":1445,"title":62},{"id":1234},{"json":1435},{"data":1436,"content":1437,"nodeType":233},{},[1438],{"data":1439,"content":1440,"nodeType":248},{},[1441],{"data":1442,"marks":1443,"value":1444,"nodeType":241},{},[],"The five obligation categories we've identified aren't artifacts of any single regulation; they reflect a durable regulatory consensus about what responsible AI governance requires. 
Building the operational capability to meet them now — continuous AI inventory, demonstrable employee guidance, data exposure controls, phishing-resistant authentication, and third-party risk visibility — means you're prepared for future frameworks.","ai regulation ib5","json",{},"How browser visibility and control can achieve AI compliance","2026-06-02T00:00:00.000Z",{"items":1451},[1452,2083,3029],{"__typename":1453,"sys":1454,"publishedDate":1456,"content":1457,"title":2062,"synopsis":2063,"hashTags":62,"slug":2064,"tagsCollection":2065,"authorsCollection":2075},"BlogPosts",{"id":1455},"4NY2NbkAPucFOJY45yrrrE","2026-05-28T00:00:00.000Z",{"json":1458},{"nodeType":233,"data":1459,"content":1460},{},[1461,1468,1475,1482,1488,1529,1532,1540,1547,1555,1599,1605,1612,1617,1620,1628,1635,1643,1650,1657,1673,1681,1706,1713,1719,1726,1734,1749,1777,1783,1801,1807,1815,1822,1847,1854,1861,1868,1874,1877,1885,1892,1899,1918,1926,1933,1941,1964,1976,1979,1987,1994,2001,2008,2028,2031,2037,2043],{"nodeType":248,"data":1462,"content":1463},{},[1464],{"nodeType":241,"value":1465,"marks":1466,"data":1467},"Employees have been self-adopting apps, creating unmanaged accounts, and introducing third-party software dependencies into their organizations for years, and the core problem hasn't changed: unmanaged software expanding your attack surface without your knowledge.",[],{},{"nodeType":248,"data":1469,"content":1470},{},[1471],{"nodeType":241,"value":1472,"marks":1473,"data":1474},"But the rate at which employees are signing up for AI tools is unprecedented, and the depth of interconnectivity those tools demand is fundamentally different from traditional shadow SaaS. 
",[],{},{"nodeType":248,"data":1476,"content":1477},{},[1478],{"nodeType":241,"value":1479,"marks":1480,"data":1481},"AI tools aren't just standalone apps that employees sign into — they're increasingly used as agents that drive other applications, pulling data from one platform and acting on another. They are becoming a core that other apps integrate with, and that users integrate with their wider SaaS stack. AI is becoming a focal integration point for app access and functionality in a way that's more comparable to an enterprise cloud platform than a typical SaaS tool. ",[],{},{"nodeType":845,"data":1483,"content":1487},{"target":1484},{"sys":1485},{"id":1486,"type":850,"linkType":851},"4jsomkKmK7Vjijo8UkCQkf",[],{"nodeType":248,"data":1489,"content":1490},{},[1491,1495,1503,1507,1512,1516,1525],{"nodeType":241,"value":1492,"marks":1493,"data":1494},"The industry data backs this up. The ",[],{},{"nodeType":329,"data":1496,"content":1498},{"uri":1497},"https://www.verizon.com/business/resources/reports/dbir/",[1499],{"nodeType":241,"value":1500,"marks":1501,"data":1502},"Verizon DBIR 2026",[],{},{"nodeType":241,"value":1504,"marks":1505,"data":1506}," reports that ",[],{},{"nodeType":241,"value":1508,"marks":1509,"data":1511},"45% of employees are now regular AI users on corporate devices",[1510],{"type":245},{},{"nodeType":241,"value":1513,"marks":1514,"data":1515},", up from 15% the year before. ",[],{},{"nodeType":329,"data":1517,"content":1519},{"uri":1518},"https://omdia.tech.informa.com/",[1520],{"nodeType":241,"value":1521,"marks":1522,"data":1524},"Omdia's 2026 browser security research",[1523],{"type":337},{},{"nodeType":241,"value":1526,"marks":1527,"data":1528}," presents a stronger picture, finding that 92% of organizations allow employees to use public GenAI applications. However, given that the typical company policy sanctions a small number of approved tools, this means everything else employees are using is unsanctioned by default. 
In other words: every organization in the survey had unsanctioned AI usage.",[],{},{"nodeType":868,"data":1530,"content":1531},{},[],{"nodeType":237,"data":1533,"content":1534},{},[1535],{"nodeType":241,"value":1536,"marks":1537,"data":1539},"The state of shadow AI, using Push data",[1538],{"type":245},{},{"nodeType":248,"data":1541,"content":1542},{},[1543],{"nodeType":241,"value":1544,"marks":1545,"data":1546},"We analyzed a snapshot of AI activity across Push customers during an average week in April 2026. We wanted to make sure it captured actual activity, not just historical data on apps that were added once and no longer used.",[],{},{"nodeType":248,"data":1548,"content":1549},{},[1550],{"nodeType":241,"value":1551,"marks":1552,"data":1554},"The numbers paint a picture that most security teams will find uncomfortable.",[1553],{"type":245},{},{"nodeType":248,"data":1556,"content":1557},{},[1558,1562,1567,1571,1576,1580,1585,1589,1595],{"nodeType":241,"value":1559,"marks":1560,"data":1561},"The average organization has ",[],{},{"nodeType":241,"value":1563,"marks":1564,"data":1566},"16 unique AI apps",[1565],{"type":245},{},{"nodeType":241,"value":1568,"marks":1569,"data":1570}," in active use, ",[],{},{"nodeType":241,"value":1572,"marks":1573,"data":1575},"17 unique AI browser extensions",[1574],{"type":245},{},{"nodeType":241,"value":1577,"marks":1578,"data":1579},", and ",[],{},{"nodeType":241,"value":1581,"marks":1582,"data":1584},"17 unique AI OAuth integrations",[1583],{"type":245},{},{"nodeType":241,"value":1586,"marks":1587,"data":1588}," connected into just Google Workspace and Microsoft 365 — with some organizations reaching as high as 40 unique AI apps, 163 AI extensions, and 55 OAuth connections to AI apps respectively. 
At the other end, the smallest organization with the ",[],{},{"nodeType":241,"value":1590,"marks":1591,"data":1594},"lowest",[1592],{"type":1593},"italic",{},{"nodeType":241,"value":1596,"marks":1597,"data":1598}," adoption level is actively using two. ",[],{},{"nodeType":845,"data":1600,"content":1604},{"target":1601},{"sys":1602},{"id":1603,"type":850,"linkType":851},"2AfeiHub5kyZN8wuf6CJch",[],{"nodeType":248,"data":1606,"content":1607},{},[1608],{"nodeType":241,"value":1609,"marks":1610,"data":1611},"If most organizations have sanctioned one or two core AI assistants/platforms for business use, the gap between what's approved and what's actually happening is significant.",[],{},{"nodeType":845,"data":1613,"content":1616},{"target":1614},{"sys":1615},{"id":912,"type":850,"linkType":851},[],{"nodeType":868,"data":1618,"content":1619},{},[],{"nodeType":237,"data":1621,"content":1622},{},[1623],{"nodeType":241,"value":1624,"marks":1625,"data":1627},"Understanding the four categories of shadow AI",[1626],{"type":245},{},{"nodeType":248,"data":1629,"content":1630},{},[1631],{"nodeType":241,"value":1632,"marks":1633,"data":1634},"Shadow SaaS has always been a problem, but in the context of AI apps there are four categories of shadow IT that security teams need to understand, because each one introduces a different kind of risk and requires a different approach to tackling it.",[],{},{"nodeType":887,"data":1636,"content":1637},{},[1638],{"nodeType":241,"value":1639,"marks":1640,"data":1642},"Shadow AI apps",[1641],{"type":245},{},{"nodeType":248,"data":1644,"content":1645},{},[1646],{"nodeType":241,"value":1647,"marks":1648,"data":1649},"Shadow apps are AI tools that employees have signed up to and are using for business purposes without approval. 
This is the most visible dimension of the problem, and the one most people think of when they hear \"shadow AI\" — an employee pastes sensitive internal documents into ChatGPT, uploads confidential files to an AI assistant, or uses an unapproved coding tool to generate production code.",[],{},{"nodeType":248,"data":1651,"content":1652},{},[1653],{"nodeType":241,"value":1654,"marks":1655,"data":1656},"All of that is sensitive data leaving the organization through channels the security team can't see — and often remaining accessible through personal accounts that can be compromised on personal devices or workstations. ",[],{},{"nodeType":248,"data":1658,"content":1659},{},[1660,1664,1669],{"nodeType":241,"value":1661,"marks":1662,"data":1663},"The 2026 DBIR's data loss prevention analysis underscores the scale — shadow AI is now the ",[],{},{"nodeType":241,"value":1665,"marks":1666,"data":1668},"third most common non-malicious insider action",[1667],{"type":245},{},{"nodeType":241,"value":1670,"marks":1671,"data":1672}," in DLP data, a 4x increase year-over-year. Across 858,000+ DLP events targeting GenAI tools, the most common data types being submitted were source code (28%), images (16%), structured data (14%), documents (13%), and PDFs (10%). That's not employees asking ChatGPT to fix their grammar — it's core intellectual property, production code, and internal documentation flowing into platforms the security team has no visibility into. 
But shadow apps themselves are only the most obvious part of the problem.",[],{},{"nodeType":887,"data":1674,"content":1675},{},[1676],{"nodeType":241,"value":1677,"marks":1678,"data":1680},"Shadow tenants",[1679],{"type":245},{},{"nodeType":248,"data":1682,"content":1683},{},[1684,1688,1693,1697,1702],{"nodeType":241,"value":1685,"marks":1686,"data":1687},"Even when an organization has approved an AI tool — say, an enterprise ChatGPT deployment — employees frequently access the same app with personal accounts, creating shadow tenants that sit entirely outside organizational control. The DBIR found that ",[],{},{"nodeType":241,"value":1689,"marks":1690,"data":1692},"67% of GenAI users on corporate devices are using non-corporate accounts",[1691],{"type":245},{},{"nodeType":241,"value":1694,"marks":1695,"data":1696},", and our own data shows that ",[],{},{"nodeType":241,"value":1698,"marks":1699,"data":1701},"38% of file uploads to AI tools are made from shadow accounts",[1700],{"type":245},{},{"nodeType":241,"value":1703,"marks":1704,"data":1705}," rather than approved organizational ones.",[],{},{"nodeType":248,"data":1707,"content":1708},{},[1709],{"nodeType":241,"value":1710,"marks":1711,"data":1712},"When an organization approves Claude, ChatGPT, or another core AI platform, you typically also approve the OAuth integration and browser extension for core apps (e.g. M365, Google Workspace, and so on). When that integration is approved, it is approved for all tenants — not just your corporate tenant. 
",[],{},{"nodeType":845,"data":1714,"content":1718},{"target":1715},{"sys":1716},{"id":1717,"type":850,"linkType":851},"3Rvw0n28AYIM3FQXtHyafD",[],{"nodeType":248,"data":1720,"content":1721},{},[1722],{"nodeType":241,"value":1723,"marks":1724,"data":1725},"This means that even if you've deployed enterprise controls around your sanctioned AI tools — DLP policies, retention settings, admin oversight — more than a third of the file uploads hitting AI tools are bypassing those controls entirely because they're happening through personal accounts on corporate devices.",[],{},{"nodeType":887,"data":1727,"content":1728},{},[1729],{"nodeType":241,"value":1730,"marks":1731,"data":1733},"Shadow extensions",[1732],{"type":245},{},{"nodeType":248,"data":1735,"content":1736},{},[1737,1741,1745],{"nodeType":241,"value":1738,"marks":1739,"data":1740},"Many AI tools come with a browser extension counterpart, and there's a large ecosystem of third-party AI extensions that offer everything from writing assistance to automated data extraction. The average organization in our dataset has ",[],{},{"nodeType":241,"value":1572,"marks":1742,"data":1744},[1743],{"type":245},{},{"nodeType":241,"value":1746,"marks":1747,"data":1748}," deployed across its workforce, with the highest we observed reaching 163 — and since each of those average 17 different extensions may be installed by multiple employees, the actual number of individual extension installs across the organization is much higher still.",[],{},{"nodeType":248,"data":1750,"content":1751},{},[1752,1756,1764,1768,1773],{"nodeType":241,"value":1753,"marks":1754,"data":1755},"The extension dimension is particularly concerning because most extensions operate with significant privilege inside the browser — they can read and modify page content, access cookies and session tokens, and interact with virtually every web application an employee uses. 
As we detailed in our recent analysis of ",[],{},{"nodeType":329,"data":1757,"content":1759},{"uri":1758},"https://pushsecurity.com/blog/why-browser-extension-risk-scoring-wont-predict-your-next-breach/",[1760],{"nodeType":241,"value":1761,"marks":1762,"data":1763},"browser extension risk scoring",[],{},{"nodeType":241,"value":1765,"marks":1766,"data":1767},", at least ",[],{},{"nodeType":241,"value":1769,"marks":1770,"data":1772},"46.76% of all extensions across Push customers have the permission combinations needed to perform account takeover with no user interaction",[1771],{"type":245},{},{"nodeType":241,"value":1774,"marks":1775,"data":1776},", and the extensions involved in every major supply chain breach of the past 18 months scored as normal or low-risk beforehand.",[],{},{"nodeType":845,"data":1778,"content":1782},{"target":1779},{"sys":1780},{"id":1781,"type":850,"linkType":851},"3z4JOMALI52xoOXZkzPHLD",[],{"nodeType":248,"data":1784,"content":1785},{},[1786,1790,1797],{"nodeType":241,"value":1787,"marks":1788,"data":1789},"AI extensions add a specific wrinkle to this problem: many are branded to look like official companions to well-known AI tools but are actually third-party creations with no affiliation to the original vendor. 
They're not necessarily malicious at the point of installation, but they're exactly the kind of extension that's likely to be ",[],{},{"nodeType":329,"data":1791,"content":1792},{"uri":1758},[1793],{"nodeType":241,"value":1794,"marks":1795,"data":1796},"acquired and weaponized",[],{},{"nodeType":241,"value":1798,"marks":1799,"data":1800}," down the line — and in the meantime, they're collecting data that their permissions entitle them to (which, in most cases, means everything the user can see in their browser).",[],{},{"nodeType":845,"data":1802,"content":1806},{"target":1803},{"sys":1804},{"id":1805,"type":850,"linkType":851},"6K3z67rohss6H3lCsSn12B",[],{"nodeType":887,"data":1808,"content":1809},{},[1810],{"nodeType":241,"value":1811,"marks":1812,"data":1814},"Shadow integrations",[1813],{"type":245},{},{"nodeType":248,"data":1816,"content":1817},{},[1818],{"nodeType":241,"value":1819,"marks":1820,"data":1821},"The fourth dimension — and arguably the most dangerous — is shadow integrations: OAuth connections between AI tools and core enterprise apps that aren't known or approved by the security team. 
Even if an organization has approved an AI tool for standalone use, plugging that tool directly into Google Workspace, Microsoft 365, Salesforce, or any other one of the dozen or so SaaS apps in a typical user’s work stack is a fundamentally different risk decision, because it creates a persistent, programmatic bridge between your environment and a third party.",[],{},{"nodeType":248,"data":1823,"content":1824},{},[1825,1829,1834,1838,1843],{"nodeType":241,"value":1826,"marks":1827,"data":1828},"On average, we see ",[],{},{"nodeType":241,"value":1830,"marks":1831,"data":1833},"17 unique AI app OAuth integrations per organization",[1832],{"type":245},{},{"nodeType":241,"value":1835,"marks":1836,"data":1837}," in ",[],{},{"nodeType":241,"value":1839,"marks":1840,"data":1842},"just",[1841],{"type":1593},{},{"nodeType":241,"value":1844,"marks":1845,"data":1846}," Google Workspace and Microsoft 365 (to be clear: this number excludes the dozens of downstream apps the AI assistants are integrated with as well), with the highest reaching 55. 
Each of those represents a unique AI product that has been granted OAuth access — the total number of individual consent grants across users is larger, because popular integrations get authorized by multiple employees independently.",[],{},{"nodeType":248,"data":1848,"content":1849},{},[1850],{"nodeType":241,"value":1851,"marks":1852,"data":1853},"The actual number of AI-related OAuth connections across the full SaaS estate is considerably higher again, because AI tools that automate workflows need to be connected to be useful — pulling data from one app, analyzing it in another, presenting results in a third.",[],{},{"nodeType":248,"data":1855,"content":1856},{},[1857],{"nodeType":241,"value":1858,"marks":1859,"data":1860},"MCP connections use OAuth to achieve this interconnectivity in the same way, and AI coding agents create a particularly concentrated version of the risk: a single agent configuration can hold OAuth tokens for Jira, Confluence, Salesforce, GitHub, and more, meaning that compromising one agent — whether through prompt injection, a malicious repository config, or a supply chain attack on an MCP server — yields persistent, broadly scoped tokens for every service it was connected to, tokens that survive session restarts and generate audit log entries indistinguishable from legitimate user activity.",[],{},{"nodeType":248,"data":1862,"content":1863},{},[1864],{"nodeType":241,"value":1865,"marks":1866,"data":1867},"It's also worth noting that OAuth blast radius is almost always larger than organizations expect. A single well-permissioned user can expose secrets, dashboards, and internal tooling without tenant-wide admin access. 
And every new AI tool an employee connects makes the web of abusable permissions a little wider.",[],{},{"nodeType":845,"data":1869,"content":1873},{"target":1870},{"sys":1871},{"id":1872,"type":850,"linkType":851},"4SnzJ9T93gHzFIUASx7Yb3",[],{"nodeType":868,"data":1875,"content":1876},{},[],{"nodeType":237,"data":1878,"content":1879},{},[1880],{"nodeType":241,"value":1881,"marks":1882,"data":1884},"Why shadow AI needs a different solution to shadow SaaS",[1883],{"type":245},{},{"nodeType":248,"data":1886,"content":1887},{},[1888],{"nodeType":241,"value":1889,"marks":1890,"data":1891},"The reason it's worth distinguishing between these four dimensions isn't academic. Each one requires a different control, and addressing one doesn't solve the others.",[],{},{"nodeType":248,"data":1893,"content":1894},{},[1895],{"nodeType":241,"value":1896,"marks":1897,"data":1898},"Blocking unsanctioned AI apps does nothing for the personal accounts accessing approved ones, and neither addresses the average 17 different AI extensions running with broad browser permissions, let alone the dozens of OAuth integrations that have already been granted persistent access to core enterprise apps — and even auditing OAuth in Google Workspace and Microsoft 365, where the controls are relatively mature, leaves the broader SaaS estate unaddressed, where admin tooling is inconsistent and visibility is limited.",[],{},{"nodeType":248,"data":1900,"content":1901},{},[1902,1906,1914],{"nodeType":241,"value":1903,"marks":1904,"data":1905},"The tooling gap compounds the policy gap. 
",[],{},{"nodeType":329,"data":1907,"content":1909},{"uri":1908},"https://pushsecurity.com/blog/7-things-omdias-latest-report-tells-us-about-the-secure-enterprise-browser-market/",[1910],{"nodeType":241,"value":1911,"marks":1912,"data":1913},"Omdia found",[],{},{"nodeType":241,"value":1915,"marks":1916,"data":1917}," that 58% of organizations rely on secure web gateways to secure GenAI usage — but an SWG can tell you that a user visited ChatGPT, not whether they pasted your source code into the prompt. That difference between knowing where data went and knowing what the user actually did is the fundamental visibility gap that makes GenAI policies unenforceable without browser-layer tooling.",[],{},{"nodeType":887,"data":1919,"content":1920},{},[1921],{"nodeType":241,"value":1922,"marks":1923,"data":1925},"Advice for security teams",[1924],{"type":245},{},{"nodeType":248,"data":1927,"content":1928},{},[1929],{"nodeType":241,"value":1930,"marks":1931,"data":1932},"The principles behind managing shadow AI are the same ones that have governed shadow SaaS and software supply chain management for years: default-deny where feasible, comprehensive inventory where it isn't, and continuous monitoring for changes that signal increased risk. 
But it's vital that teams act fast to stop the snowball.",[],{},{"nodeType":248,"data":1934,"content":1935},{},[1936],{"nodeType":241,"value":1937,"marks":1938,"data":1940},"That starts with visibility into which AI tools employees are actually using and which accounts they're using to access them — without that baseline, every other control is built on assumptions.",[1939],{"type":245},{},{"nodeType":248,"data":1942,"content":1943},{},[1944,1949,1953,1960],{"nodeType":241,"value":1945,"marks":1946,"data":1948},"Extensions",[1947],{"type":245},{},{"nodeType":241,"value":1950,"marks":1951,"data":1952}," need the same ",[],{},{"nodeType":329,"data":1954,"content":1955},{"uri":1758},[1956],{"nodeType":241,"value":1957,"marks":1958,"data":1959},"default-deny allowlisting approach",[],{},{"nodeType":241,"value":1961,"marks":1962,"data":1963}," that has been best practice for software management elsewhere: build a complete inventory, allowlist what's vetted, block everything else, and monitor the approved set for changes that precede weaponization.",[],{},{"nodeType":248,"data":1965,"content":1966},{},[1967,1972],{"nodeType":241,"value":1968,"marks":1969,"data":1971},"OAuth",[1970],{"type":245},{},{"nodeType":241,"value":1973,"marks":1974,"data":1975}," demands the most urgency, because each unmanaged integration is a persistent trust relationship that survives password resets and MFA changes — adopt default-deny for consent grants in your primary enterprise apps, routinely audit what's already connected, and, critically, extend that visibility beyond Google and Microsoft to the broader SaaS estate where the controls are weaker and the sprawl is harder to track.",[],{},{"nodeType":868,"data":1977,"content":1978},{},[],{"nodeType":237,"data":1980,"content":1981},{},[1982],{"nodeType":241,"value":1983,"marks":1984,"data":1986},"Browser visibility and control is key to de-risking AI 
adoption",[1985],{"type":245},{},{"nodeType":248,"data":1988,"content":1989},{},[1990],{"nodeType":241,"value":1991,"marks":1992,"data":1993},"AI usage is fundamentally browser-based activity — every LLM interaction, every prompt containing sensitive data, every AI agent authorization, every OAuth consent grant happens inside a browser session — which makes the browser the natural control point for AI governance across the workforce. ",[],{},{"nodeType":248,"data":1995,"content":1996},{},[1997],{"nodeType":241,"value":1998,"marks":1999,"data":2000},"Push tracks AI app usage and login security across the workforce, inventories and controls AI browser extensions, monitors and blocks OAuth consent flows across any app (not just the primary enterprise platforms), and gives security teams a single view of the full shadow AI picture across all four dimensions.",[],{},{"nodeType":248,"data":2002,"content":2003},{},[2004],{"nodeType":241,"value":2005,"marks":2006,"data":2007},"Shadow AI isn't a problem that will age well if ignored. Every week that passes without visibility adds more apps, more extensions, more integrations, and more potential breach paths into the environment — and as the Vercel breach demonstrated, it only takes one forgotten OAuth grant to turn an employee's idle curiosity into an organization-wide incident.",[],{},{"nodeType":248,"data":2009,"content":2010},{},[2011,2015,2024],{"nodeType":241,"value":2012,"marks":2013,"data":2014},"Learn more about how you can tackle ",[],{},{"nodeType":329,"data":2016,"content":2018},{"uri":2017},"https://pushsecurity.com/uc/shadow-ai",[2019],{"nodeType":241,"value":2020,"marks":2021,"data":2023},"Shadow AI",[2022],{"type":337},{},{"nodeType":241,"value":2025,"marks":2026,"data":2027}," with Push. 
",[],{},{"nodeType":868,"data":2029,"content":2030},{},[],{"nodeType":248,"data":2032,"content":2033},{},[2034],{"nodeType":241,"value":1243,"marks":2035,"data":2036},[],{},{"nodeType":248,"data":2038,"content":2039},{},[2040],{"nodeType":241,"value":1250,"marks":2041,"data":2042},[],{},{"nodeType":248,"data":2044,"content":2045},{},[2046,2050,2058],{"nodeType":241,"value":2047,"marks":2048,"data":2049},"Book a ",[],{},{"nodeType":329,"data":2051,"content":2052},{"uri":1261},[2053],{"nodeType":241,"value":2054,"marks":2055,"data":2057},"live demo",[2056],{"type":337},{},{"nodeType":241,"value":2059,"marks":2060,"data":2061}," to learn more.",[],{},"What Push data reveals about the state of shadow AI","Shadow AI isn't a new category of risk, it's shadow SaaS with better marketing. But AI adoption has been a genuine force multiplier for the problem.","what-push-data-reveals-about-the-state-of-shadow-ai",{"items":2066},[2067,2071],{"sys":2068,"name":2070},{"id":2069},"1gZi8NrRy2v9OqPV7C4dwD","Risk management",{"sys":2072,"name":2074},{"id":2073},"3pjES4THCIfSAwhGdNwBcy","Browser security",{"items":2076},[2077],{"fullName":2078,"firstName":2079,"jobTitle":2080,"profilePicture":2081},"Dan Green","Dan","Threat 
Research",{"url":2082},"https://images.ctfassets.net/y1cdw1ablpvd/7jik1VhFgA3kgzXBXTm2Vw/fcd8c171da644903d0827eafcfbcaad0/Dan_Headshot_2025.png",{"__typename":1453,"sys":2084,"publishedDate":1449,"content":2086,"title":3012,"synopsis":3013,"hashTags":62,"slug":3014,"tagsCollection":3015,"authorsCollection":3021},{"id":2085},"I5SoVIYsYVgutpLIzZRpC",{"json":2087},{"nodeType":233,"data":2088,"content":2089},{},[2090,2097,2104,2125,2132,2139,2142,2150,2157,2164,2189,2196,2203,2209,2212,2220,2227,2233,2240,2248,2281,2300,2306,2314,2321,2327,2347,2355,2362,2394,2400,2416,2419,2427,2434,2439,2455,2462,2469,2481,2500,2507,2514,2522,2529,2549,2555,2562,2568,2574,2577,2585,2592,2599,2662,2669,2676,2683,2690,2706,2713,2720,2727,2734,2741,2748,2755,2762,2769,2776,2783,2790,2797,2800,2808,2815,2827,2834,2841,2848,2855,2979,2985,2991,2994],{"nodeType":248,"data":2091,"content":2092},{},[2093],{"nodeType":241,"value":2094,"marks":2095,"data":2096},"When is a fork not a fork? When it's a browser security platform built to solve both problems of the AI era.",[],{},{"nodeType":248,"data":2098,"content":2099},{},[2100],{"nodeType":241,"value":2101,"marks":2102,"data":2103},"Many security leaders are rightly worried about two big problems in the age of AI: AI-enabled attacks targeting their employees via the browser; and employees introducing the risk of data loss through their use of AI tools.",[],{},{"nodeType":248,"data":2105,"content":2106},{},[2107,2112,2116,2121],{"nodeType":241,"value":2108,"marks":2109,"data":2111},"For security teams researching browser-based solutions to these challenges, the decision at first looks like a fork in the road: ",[2110],{"type":245},{},{"nodeType":241,"value":2113,"marks":2114,"data":2115},"Choose a solution that's purpose-built to detect and respond to modern browser-based attacks like AI-enabled phish kits, ClickFix and other *Fix-style attacks, malicious browser extensions, device code phishing, and others; 
",[],{},{"nodeType":241,"value":2117,"marks":2118,"data":2120},"or",[2119],{"type":1593},{},{"nodeType":241,"value":2122,"marks":2123,"data":2124}," select an AI governance tool to enforce sensible policies for sensitive data in the browser.",[],{},{"nodeType":248,"data":2126,"content":2127},{},[2128],{"nodeType":241,"value":2129,"marks":2130,"data":2131},"Push solves both of these problems. One platform, one SKU.",[],{},{"nodeType":248,"data":2133,"content":2134},{},[2135],{"nodeType":241,"value":2136,"marks":2137,"data":2138},"In this article, we'll take a look at the two big AI security and data governance problems that security teams are facing and outline how Push solves them in a single solution. We’ll cover what questions to ask as you evaluate browser security solutions, and describe Push's focus on providing foundational telemetry, detections, and controls that allow you to answer the question “What actually happened here?” not just “What policy was violated?”",[],{},{"nodeType":868,"data":2140,"content":2141},{},[],{"nodeType":237,"data":2143,"content":2144},{},[2145],{"nodeType":241,"value":2146,"marks":2147,"data":2149},"The AI risks every security team is now responsible for",[2148],{"type":245},{},{"nodeType":248,"data":2151,"content":2152},{},[2153],{"nodeType":241,"value":2154,"marks":2155,"data":2156},"AI is an amplifier, for adversaries and for your employees. 
Whatever they could do before, they can now do faster, more powerfully, and at scale.",[],{},{"nodeType":248,"data":2158,"content":2159},{},[2160],{"nodeType":241,"value":2161,"marks":2162,"data":2163},"The two risks that every security team now must manage: ",[],{},{"nodeType":2165,"data":2166,"content":2167},"unordered-list",{},[2168,2179],{"nodeType":2169,"data":2170,"content":2171},"list-item",{},[2172],{"nodeType":248,"data":2173,"content":2174},{},[2175],{"nodeType":241,"value":2176,"marks":2177,"data":2178},"AI is making browser-based attacks faster, cheaper, and harder to detect.",[],{},{"nodeType":2169,"data":2180,"content":2181},{},[2182],{"nodeType":248,"data":2183,"content":2184},{},[2185],{"nodeType":241,"value":2186,"marks":2187,"data":2188},"Employee AI adoption is creating data exposure faster than security teams can respond.",[],{},{"nodeType":248,"data":2190,"content":2191},{},[2192],{"nodeType":241,"value":2193,"marks":2194,"data":2195},"Both of these challenges intersect in the same place: The browser. It's the place where adversaries target employees with modern attacks designed to accomplish account takeover and data exfiltration. 
It's also the place where workers discover and use new AI-enabled apps and introduce risk into the business in the form of data loss, shadow apps, risky browser extensions, and shadow integrations.",[],{},{"nodeType":248,"data":2197,"content":2198},{},[2199],{"nodeType":241,"value":2200,"marks":2201,"data":2202},"To address both problems, security teams need visibility and control in the browser.",[],{},{"nodeType":845,"data":2204,"content":2208},{"target":2205},{"sys":2206},{"id":2207,"type":850,"linkType":851},"1U2Hmn4XrFpdcxyjxY3aCc",[],{"nodeType":868,"data":2210,"content":2211},{},[],{"nodeType":237,"data":2213,"content":2214},{},[2215],{"nodeType":241,"value":2216,"marks":2217,"data":2219},"How AI is transforming attacks",[2218],{"type":245},{},{"nodeType":248,"data":2221,"content":2222},{},[2223],{"nodeType":241,"value":2224,"marks":2225,"data":2226},"On the adversary side of the equation, adversaries are using AI tooling to rapidly iterate on new attack types or new iterations of existing browser-based TTPs that target employees to achieve account or endpoint compromise — usually with the end goal of harvesting valuable corporate identities in order to exfiltrate data or hold it for ransom.",[],{},{"nodeType":845,"data":2228,"content":2232},{"target":2229},{"sys":2230},{"id":2231,"type":850,"linkType":851},"G8xv1seFz1wJnY5HpfV6z",[],{"nodeType":248,"data":2234,"content":2235},{},[2236],{"nodeType":241,"value":2237,"marks":2238,"data":2239},"AI is changing attacks in three key ways.",[],{},{"nodeType":887,"data":2241,"content":2242},{},[2243],{"nodeType":241,"value":2244,"marks":2245,"data":2247},"AI has supercharged the iteration and evolution of adversary tools and techniques",[2246],{"type":245},{},{"nodeType":248,"data":2249,"content":2250},{},[2251,2255,2264,2268,2277],{"nodeType":241,"value":2252,"marks":2253,"data":2254},"Attackers are using the same AI capabilities as any other engineer who wants to multiply their output. 
That translates to an array of new attack techniques: multiple increasingly sophisticated variations of the ",[],{},{"nodeType":329,"data":2256,"content":2258},{"uri":2257},"https://pushsecurity.com/blog/consentfix-v3-analyzing-a-new-toolkit/",[2259],{"nodeType":241,"value":2260,"marks":2261,"data":2263},"ClickFix-style attacks",[2262],{"type":337},{},{"nodeType":241,"value":2265,"marks":2266,"data":2267}," that use social engineering techniques to get users to unknowingly install malware via malicious scripts; as well as creative ",[],{},{"nodeType":329,"data":2269,"content":2271},{"uri":2270},"https://pushsecurity.com/blog/device-code-phishing/",[2272],{"nodeType":241,"value":2273,"marks":2274,"data":2276},"exploitation of device codes",[2275],{"type":337},{},{"nodeType":241,"value":2278,"marks":2279,"data":2280},", a legitimate authentication mechanism, that allows attackers to phish access post-authentication.",[],{},{"nodeType":248,"data":2282,"content":2283},{},[2284,2288,2296],{"nodeType":241,"value":2285,"marks":2286,"data":2287},"Device code phishing in particular demonstrates the rapid growth of new techniques, with early documented appearances of the TTP occurring in 2024, and by early the next year, the method had been packaged as a PhaaS offering with GPT-enhanced spear-phishing and customized landing pages. 
The ",[],{},{"nodeType":329,"data":2289,"content":2291},{"uri":2290},"https://www.huntress.com/blog/device-code-phishing-ai-mfa-bypass",[2292],{"nodeType":241,"value":2293,"marks":2294,"data":2295},"campaign",[],{},{"nodeType":241,"value":2297,"marks":2298,"data":2299}," targeted more than 340 organizations across five countries in March 2026, using personalized AI-generated lures at a scale that would have been impractical to produce manually.",[],{},{"nodeType":845,"data":2301,"content":2305},{"target":2302},{"sys":2303},{"id":2304,"type":850,"linkType":851},"eNUpU2GtGOcXRrHBKHnLN",[],{"nodeType":887,"data":2307,"content":2308},{},[2309],{"nodeType":241,"value":2310,"marks":2311,"data":2313},"Infrastructure-based detections are increasingly degraded by AI-enabled approaches",[2312],{"type":245},{},{"nodeType":248,"data":2315,"content":2316},{},[2317],{"nodeType":241,"value":2318,"marks":2319,"data":2320},"AI has also collapsed the cost and time it takes to build convincing phishing infrastructure: Attackers can vibecode a convincing phishing page in minutes, burn the domain, and regenerate another one before any blocklist updates. ",[],{},{"nodeType":845,"data":2322,"content":2326},{"target":2323},{"sys":2324},{"id":2325,"type":850,"linkType":851},"2obvOhMWjy64h94tEIbx04",[],{"nodeType":248,"data":2328,"content":2329},{},[2330,2334,2343],{"nodeType":241,"value":2331,"marks":2332,"data":2333},"The impact on IOC-based detections that rely on infrastructure elements is severe: When elements constantly change, every phishing attack is essentially a zero-day. 
Complicating the picture further is the increasing use of legitimate cloud platforms like ",[],{},{"nodeType":329,"data":2335,"content":2337},{"uri":2336},"https://www.huntress.com/blog/railway-paas-m365-token-replay-campaign",[2338],{"nodeType":241,"value":2339,"marks":2340,"data":2342},"Railway",[2341],{"type":337},{},{"nodeType":241,"value":2344,"marks":2345,"data":2346},", Cloudflare Workers, and Vercel, which attackers use to host and dynamically rotate attack infrastructure.",[],{},{"nodeType":887,"data":2348,"content":2349},{},[2350],{"nodeType":241,"value":2351,"marks":2352,"data":2354},"AI is making it easier to build and run omni-channel campaigns",[2353],{"type":245},{},{"nodeType":248,"data":2356,"content":2357},{},[2358],{"nodeType":241,"value":2359,"marks":2360,"data":2361},"Push researchers have written extensively over the last year about malvertising campaigns that serve malicious pages to users via search engine results, enticing them to visit sites designed to steal credentials or deliver malware. ",[],{},{"nodeType":248,"data":2363,"content":2364},{},[2365,2369,2378,2382,2390],{"nodeType":241,"value":2366,"marks":2367,"data":2368},"We've tracked ",[],{},{"nodeType":329,"data":2370,"content":2372},{"uri":2371},"https://pushsecurity.com/blog/cyber-criminal-ecosystem-analysis/",[2373],{"nodeType":241,"value":2374,"marks":2375,"data":2377},"sustained campaigns",[2376],{"type":337},{},{"nodeType":241,"value":2379,"marks":2380,"data":2381}," impersonating Onfido, TradingView, Ahrefs, Semrush, and others. These campaigns are part of a self-reinforcing criminal ecosystem: Malvertising campaigns paid for by stolen ad accounts, with credential theft that funds the next round of credential theft. 
And the recent ",[],{},{"nodeType":329,"data":2383,"content":2385},{"uri":2384},"https://pushsecurity.com/blog/llmshare-malvertising-campaign/",[2386],{"nodeType":241,"value":2387,"marks":2388,"data":2389},"LLMShare",[],{},{"nodeType":241,"value":2391,"marks":2392,"data":2393}," campaign identified by Push shows how attackers are combining their abuse of AI tools for AI-assisted phishing page creation with malvertising, helping them to spin up lookalike pages quickly and cheaply to serve as convincing lures.",[],{},{"nodeType":845,"data":2395,"content":2399},{"target":2396},{"sys":2397},{"id":2398,"type":850,"linkType":851},"2Gwj25KBjClQ5u8uiEYuYR",[],{"nodeType":248,"data":2401,"content":2402},{},[2403,2407,2412],{"nodeType":241,"value":2404,"marks":2405,"data":2406},"These are just a few examples of how phishing has moved beyond the inbox, targeting users through malvertising, SEO poisoning, and social media DMs. Over the last year, Push researchers found that ",[],{},{"nodeType":241,"value":2408,"marks":2409,"data":2411},"1 in 3 payloads intercepted by the platform were sent outside of email",[2410],{"type":245},{},{"nodeType":241,"value":2413,"marks":2414,"data":2415},".",[],{},{"nodeType":868,"data":2417,"content":2418},{},[],{"nodeType":237,"data":2420,"content":2421},{},[2422],{"nodeType":241,"value":2423,"marks":2424,"data":2426},"How AI is creating risky employee behaviors ",[2425],{"type":245},{},{"nodeType":248,"data":2428,"content":2429},{},[2430],{"nodeType":241,"value":2431,"marks":2432,"data":2433},"Meanwhile, on the employee side of the equation, there are three other key concerns that security teams should be paying attention to when it comes to the risks associated with AI use.",[],{},{"nodeType":845,"data":2435,"content":2438},{"target":2436},{"sys":2437},{"id":912,"type":850,"linkType":851},[],{"nodeType":887,"data":2440,"content":2441},{},[2442,2447,2450],{"nodeType":241,"value":2443,"marks":2444,"data":2446},"Data leaving the business via 
shadow AI",[2445],{"type":245},{},{"nodeType":241,"value":603,"marks":2448,"data":2449},[],{},{"nodeType":241,"value":2451,"marks":2452,"data":2454},"and AI extensions",[2453],{"type":245},{},{"nodeType":248,"data":2456,"content":2457},{},[2458],{"nodeType":241,"value":2459,"marks":2460,"data":2461},"Employees are signing up to AI tools directly, beyond the bounds of procurement or security review. That means security teams can't see sensitive data going into LLMs — clipboard pastes of API keys, file uploads to coding assistants, customer data in uploaded spreadsheets, etc.",[],{},{"nodeType":248,"data":2463,"content":2464},{},[2465],{"nodeType":241,"value":2466,"marks":2467,"data":2468},"Most teams also don't have visibility of AI browser extensions, another avenue for data to leave the business. Extensions are also an attack surface in their own right, as previously benign extensions can be compromised by threat actors through account takeover of the extension developer.",[],{},{"nodeType":887,"data":2470,"content":2471},{},[2472,2477],{"nodeType":241,"value":2473,"marks":2474,"data":2476},"Employees using personal accounts on corporate AI app tenants",[2475],{"type":245},{},{"nodeType":241,"value":2478,"marks":2479,"data":2480}," ",[],{},{"nodeType":248,"data":2482,"content":2483},{},[2484,2488,2496],{"nodeType":241,"value":2485,"marks":2486,"data":2487},"The 2026 ",[],{},{"nodeType":329,"data":2489,"content":2490},{"uri":1497},[2491],{"nodeType":241,"value":2492,"marks":2493,"data":2495},"Verizon DBIR",[2494],{"type":337},{},{"nodeType":241,"value":2497,"marks":2498,"data":2499}," found that 67% of GenAI users on corporate devices are using non-corporate accounts, and our own data shows that 38% of file uploads to AI tools are made from shadow accounts rather than approved organizational ones.",[],{},{"nodeType":248,"data":2501,"content":2502},{},[2503],{"nodeType":241,"value":2504,"marks":2505,"data":2506},"That means a large number of employees in most 
organizations are using AI apps with personal accounts, outside of organizational data governance, retention policies, access controls, or basic security oversight. ",[],{},{"nodeType":248,"data":2508,"content":2509},{},[2510],{"nodeType":241,"value":2511,"marks":2512,"data":2513},"The compounding risk is that personal accounts are typically protected by weaker passwords, inconsistent MFA, and credential reuse from other personal services — meaning a compromise of the personal account could give an attacker access to corporate data and tools.",[],{},{"nodeType":887,"data":2515,"content":2516},{},[2517],{"nodeType":241,"value":2518,"marks":2519,"data":2521},"Shadow integrations between AI tools and corporate systems",[2520],{"type":245},{},{"nodeType":248,"data":2523,"content":2524},{},[2525],{"nodeType":241,"value":2526,"marks":2527,"data":2528},"App-to-app connections accomplished through OAuth are also proliferating faster than most teams can observe and review them. For the average organization, Push sees 17 unique AI app OAuth integrations connected just to Microsoft and Google corporate tenants.",[],{},{"nodeType":248,"data":2530,"content":2531},{},[2532,2536,2545],{"nodeType":241,"value":2533,"marks":2534,"data":2535},"The ",[],{},{"nodeType":329,"data":2537,"content":2539},{"uri":2538},"https://pushsecurity.com/blog/unpacking-the-vercel-breach/",[2540],{"nodeType":241,"value":2541,"marks":2542,"data":2544},"recent Vercel breach",[2543],{"type":337},{},{"nodeType":241,"value":2546,"marks":2547,"data":2548}," illustrates the risks of even a single OAuth connection from a compromised third-party AI SaaS provider. 
This isn't really a new AI threat so much as a shadow SaaS problem that's accelerating alongside AI adoption, given that AI apps are specifically designed to pull data from one system, analyze it in another, and present it in a third — with MCP connections now creating the same kind of persistent, permissioned access through an authentication protocol (OAuth) that most organizations have no process to review.",[],{},{"nodeType":845,"data":2550,"content":2554},{"target":2551},{"sys":2552},{"id":2553,"type":850,"linkType":851},"1t2jn4fLxMlH0adMyQqkXk",[],{"nodeType":248,"data":2556,"content":2557},{},[2558],{"nodeType":241,"value":2559,"marks":2560,"data":2561},"This is the same web of OAuth-connected apps that is being exposed at scale through AI tool integrations. For many organizations, AI tools are now the hub of modern activity that orchestrates and automates across the mesh of cloud apps, which adds a useful perspective on what's changed. ",[],{},{"nodeType":845,"data":2563,"content":2567},{"target":2564},{"sys":2565},{"id":2566,"type":850,"linkType":851},"6cRnPkGdwWXRWcct6LfMzo",[],{"nodeType":845,"data":2569,"content":2573},{"target":2570},{"sys":2571},{"id":2572,"type":850,"linkType":851},"5WQZNpnPETWeys1VqubVW",[],{"nodeType":868,"data":2575,"content":2576},{},[],{"nodeType":237,"data":2578,"content":2579},{},[2580],{"nodeType":241,"value":2581,"marks":2582,"data":2584},"What to ask when evaluating browser-based AI visibility and control solutions",[2583],{"type":245},{},{"nodeType":248,"data":2586,"content":2587},{},[2588],{"nodeType":241,"value":2589,"marks":2590,"data":2591},"When you're evaluating AI visibility and control platforms that operate in the browser, there are two lines of questioning that can be useful to unpack.",[],{},{"nodeType":248,"data":2593,"content":2594},{},[2595],{"nodeType":241,"value":2596,"marks":2597,"data":2598},"The first is the tactical basics: What use cases does the product cover, and how quickly will you see value? 
In this category, you'll likely be looking for:",[],{},{"nodeType":2165,"data":2600,"content":2601},{},[2602,2617,2632,2647],{"nodeType":2169,"data":2603,"content":2604},{},[2605],{"nodeType":248,"data":2606,"content":2607},{},[2608,2613],{"nodeType":241,"value":2609,"marks":2610,"data":2612},"Depth of visibility:",[2611],{"type":245},{},{"nodeType":241,"value":2614,"marks":2615,"data":2616}," Can the solution observe both corporate and personal account usage of AI apps? Does the solution work with all major browsers, including emerging AI browsers? Does the solution automatically classify AI apps and automatically discover shadow AI?",[],{},{"nodeType":2169,"data":2618,"content":2619},{},[2620],{"nodeType":248,"data":2621,"content":2622},{},[2623,2628],{"nodeType":241,"value":2624,"marks":2625,"data":2627},"Granularity of controls:",[2626],{"type":245},{},{"nodeType":241,"value":2629,"marks":2630,"data":2631}," Does the solution support visibility and control over clipboard interactions, allowing you to identify sensitive data strings like personal access tokens (PATs) or API keys? Does the solution allow you to set multiple enforcement modes (monitor, warn, block) and carve out exceptions for tools, teams and individuals where necessary? ",[],{},{"nodeType":2169,"data":2633,"content":2634},{},[2635],{"nodeType":248,"data":2636,"content":2637},{},[2638,2643],{"nodeType":241,"value":2639,"marks":2640,"data":2642},"Ease of deployment:",[2641],{"type":245},{},{"nodeType":241,"value":2644,"marks":2645,"data":2646}," How is the solution deployed? Browser extension-based solutions like Push can be deployed at scale in an hour. 
Solutions that require an endpoint agent or a complete browser replacement will be a heavier lift.",[],{},{"nodeType":2169,"data":2648,"content":2649},{},[2650],{"nodeType":248,"data":2651,"content":2652},{},[2653,2658],{"nodeType":241,"value":2654,"marks":2655,"data":2657},"Scope of coverage:",[2656],{"type":245},{},{"nodeType":241,"value":2659,"marks":2660,"data":2661}," Does the solution only enforce policy around AI usage, or does it also prevent AI-enabled attacks in the browser? ",[],{},{"nodeType":248,"data":2663,"content":2664},{},[2665],{"nodeType":241,"value":2666,"marks":2667,"data":2668},"The second set of questions is more about the underlying architectural choices a product has made, and how those translate into actionable intelligence for security teams — or where there may be blind spots. In this category, you will want to ask:",[],{},{"nodeType":887,"data":2670,"content":2671},{},[2672],{"nodeType":241,"value":2673,"marks":2674,"data":2675},"Does the tool capture AI interactions that didn’t trigger a policy violation — or only the ones it blocked?",[],{},{"nodeType":248,"data":2677,"content":2678},{},[2679],{"nodeType":241,"value":2680,"marks":2681,"data":2682},"This is the most useful diagnostic if you're focused on understanding the wider security meaning and impact of an AI interaction, not just whether it violated a policy. ",[],{},{"nodeType":248,"data":2684,"content":2685},{},[2686],{"nodeType":241,"value":2687,"marks":2688,"data":2689},"Enforcement-first tools record what they stopped: blocked uploads, attempted usage of unapproved apps, flagged file names, etc. 
",[],{},{"nodeType":248,"data":2691,"content":2692},{},[2693,2697,2702],{"nodeType":241,"value":2694,"marks":2695,"data":2696},"That's useful for compliance reporting but incomplete for security investigation, because ",[],{},{"nodeType":241,"value":2698,"marks":2699,"data":2701},"the most significant events are often the ones that looked normal at the time",[2700],{"type":245},{},{"nodeType":241,"value":2703,"marks":2704,"data":2705},": A user whose behavior shifted gradually over weeks before a resignation. An approved AI browser extension that updates its permissions, putting it in risky territory. An OAuth consent grant that was technically permitted but shouldn't have been.",[],{},{"nodeType":248,"data":2707,"content":2708},{},[2709],{"nodeType":241,"value":2710,"marks":2711,"data":2712},"Ask whether the tool can collect user behavior telemetry, file upload and download activity, and AI usage logs for permitted events — not just policy violations — and whether that telemetry can be forwarded to your SIEM. ",[],{},{"nodeType":248,"data":2714,"content":2715},{},[2716],{"nodeType":241,"value":2717,"marks":2718,"data":2719},"One approach gives you an investigation tool. The other gives you compliance alerts without deeper context.",[],{},{"nodeType":887,"data":2721,"content":2722},{},[2723],{"nodeType":241,"value":2724,"marks":2725,"data":2726},"When an AI agent requests OAuth permissions to access your organization's data, does the tool capture the consent flow — what scopes were requested on which app, which user initiated the consent, and what was the outcome?",[],{},{"nodeType":248,"data":2728,"content":2729},{},[2730],{"nodeType":241,"value":2731,"marks":2732,"data":2733},"Most enforcement-first tools treat OAuth as a binary: approved app or blocked app. That was a reasonable model when OAuth grants were primarily app-to-app integrations managed by IT. 
It isn't sufficient for agentic AI.",[],{},{"nodeType":248,"data":2735,"content":2736},{},[2737],{"nodeType":241,"value":2738,"marks":2739,"data":2740},"AI agents request OAuth permissions to access organizational data on behalf of users. These are user-initiated consent grants that happen inside browser sessions, often with broad scopes, and frequently without security team awareness. The right tool needs to capture the consent event itself: what permissions were requested, what scopes were granted, who approved them, and what application received them. ",[],{},{"nodeType":248,"data":2742,"content":2743},{},[2744],{"nodeType":241,"value":2745,"marks":2746,"data":2747},"Ask whether the tool monitors OAuth consent flows across authorization servers, whether it can warn or block consent grants in real time based on policy, and whether that coverage extends to AI-enabled apps and MCP connections.",[],{},{"nodeType":887,"data":2749,"content":2750},{},[2751],{"nodeType":241,"value":2752,"marks":2753,"data":2754},"When a new browser attack technique emerges that no tool has a signature for, how long does it take the platform to detect it — and can you show a specific example?",[],{},{"nodeType":248,"data":2756,"content":2757},{},[2758],{"nodeType":241,"value":2759,"marks":2760,"data":2761},"Attackers are rotating infrastructure in hours and using AI to generate new lures and phishing pages at scale. 
A detection model built on blocklists, reputation feeds, and known-bad indicators is architecturally behind any novel technique because by the time the indicator appears on a feed, the attacker has already moved on.",[],{},{"nodeType":248,"data":2763,"content":2764},{},[2765],{"nodeType":241,"value":2766,"marks":2767,"data":2768},"Ask vendors to show you a specific detection that fired on a novel technique before the infrastructure appeared on any threat feed.",[],{},{"nodeType":887,"data":2770,"content":2771},{},[2772],{"nodeType":241,"value":2773,"marks":2774,"data":2775},"What browser telemetry reaches your SIEM — just alerts, or the underlying session data that makes those alerts investigable?",[],{},{"nodeType":248,"data":2777,"content":2778},{},[2779],{"nodeType":241,"value":2780,"marks":2781,"data":2782},"Ask to see a sample SIEM event from a real detection. Many browser security tools integrate with SIEMs, but the depth of what they forward varies a lot. ",[],{},{"nodeType":248,"data":2784,"content":2785},{},[2786],{"nodeType":241,"value":2787,"marks":2788,"data":2789},"Some send alert metadata that captures policy violations, timestamps, and involved users. Others forward a broader set of telemetry for deeper context — credential reuse, app logins, newly installed extensions, detected phishing kits, file uploads, clipboard activity, OAuth consent flows, file downloads, etc. 
",[],{},{"nodeType":248,"data":2791,"content":2792},{},[2793],{"nodeType":241,"value":2794,"marks":2795,"data":2796},"The difference determines whether your SOC team can easily correlate signals from the browser-based tool with other layers of their stack and begin an investigation from the SIEM event itself — or whether they need to pivot back into the vendor's console for the actual evidence.",[],{},{"nodeType":868,"data":2798,"content":2799},{},[],{"nodeType":237,"data":2801,"content":2802},{},[2803],{"nodeType":241,"value":2804,"marks":2805,"data":2807},"AI visibility and control is a feature of the right browser security platform, not a separate purchase",[2806],{"type":245},{},{"nodeType":248,"data":2809,"content":2810},{},[2811],{"nodeType":241,"value":2812,"marks":2813,"data":2814},"Ultimately, the choice of browser platform for solving the two big problems of the AI era comes down to whether you need broader attack coverage and telemetry context in order to secure your organization, or whether a policy-based approach is enough. ",[],{},{"nodeType":248,"data":2816,"content":2817},{},[2818,2822],{"nodeType":241,"value":2819,"marks":2820,"data":2821},"Push treats the challenges of stopping AI-enabled attacks and providing visibility and control over AI usage as features that extend naturally from the platform's underlying architectural model: Rich browser-layer telemetry in ",[],{},{"nodeType":241,"value":2823,"marks":2824,"data":2826},"a single tool that helps security teams answer the question “What actually happened here?” not just “What policy was violated?”",[2825],{"type":245},{},{"nodeType":248,"data":2828,"content":2829},{},[2830],{"nodeType":241,"value":2831,"marks":2832,"data":2833},"This unified architecture matters because the AI control problem and the browser threat detection problem share a root cause: Security-relevant activity is happening inside browser sessions that most tools can't see. 
",[],{},{"nodeType":248,"data":2835,"content":2836},{},[2837],{"nodeType":241,"value":2838,"marks":2839,"data":2840},"A standalone AI governance tool can tell you which AI apps are in use and whether employees violated a usage policy. It can't tell you whether the OAuth grant an AI agent just received was part of a broader pattern that includes credential entry on an unfamiliar domain, a clipboard paste from an internal document, and a login to a shadow SaaS app — all in the same session, all visible in the same telemetry stream. ",[],{},{"nodeType":248,"data":2842,"content":2843},{},[2844],{"nodeType":241,"value":2845,"marks":2846,"data":2847},"Separating AI governance from browser security means maintaining two tools that each only see half the picture. ",[],{},{"nodeType":887,"data":2849,"content":2850},{},[2851],{"nodeType":241,"value":2852,"marks":2853,"data":2854},"How Push can help",[],{},{"nodeType":2165,"data":2856,"content":2857},{},[2858,2881,2904,2926,2936,2946,2956],{"nodeType":2169,"data":2859,"content":2860},{},[2861],{"nodeType":248,"data":2862,"content":2863},{},[2864,2868,2877],{"nodeType":241,"value":2865,"marks":2866,"data":2867},"Block emerging ",[],{},{"nodeType":329,"data":2869,"content":2871},{"uri":2870},"https://pushsecurity.com/blog/introducing-the-browser-and-identity-attacks-matrix/",[2872],{"nodeType":241,"value":2873,"marks":2874,"data":2876},"browser-based attack techniques",[2875],{"type":337},{},{"nodeType":241,"value":2878,"marks":2879,"data":2880},", including AI-enabled phishing and quickly evolving *Fix-style attacks.",[],{},{"nodeType":2169,"data":2882,"content":2883},{},[2884],{"nodeType":248,"data":2885,"content":2886},{},[2887,2891,2900],{"nodeType":241,"value":2888,"marks":2889,"data":2890},"Benefit from Push's 
",[],{},{"nodeType":329,"data":2892,"content":2894},{"uri":2893},"https://pushsecurity.com/blog/can-ai-replace-a-threat-researcher-what-we-learned-building-an-agentic-threat-hunting-pipeline/",[2895],{"nodeType":241,"value":2896,"marks":2897,"data":2899},"agentic detection pipeline",[2898],{"type":337},{},{"nodeType":241,"value":2901,"marks":2902,"data":2903},", which continuously hunts across customer environments to identify emerging threats and ship new detections.",[],{},{"nodeType":2169,"data":2905,"content":2906},{},[2907],{"nodeType":248,"data":2908,"content":2909},{},[2910,2913,2922],{"nodeType":241,"value":29,"marks":2911,"data":2912},[],{},{"nodeType":329,"data":2914,"content":2916},{"uri":2915},"https://pushsecurity.com/help/audience/engineering/rest-v1",[2917],{"nodeType":241,"value":2918,"marks":2919,"data":2921},"Stream telemetry",[2920],{"type":337},{},{"nodeType":241,"value":2923,"marks":2924,"data":2925}," to your SIEM for a wide variety of events, including attack detections; newly installed browser extensions or newly adopted apps; updates to extension permissions; file uploads and downloads; clipboard pastes; app logins; credential reuse; OAuth consents; and more.",[],{},{"nodeType":2169,"data":2927,"content":2928},{},[2929],{"nodeType":248,"data":2930,"content":2931},{},[2932],{"nodeType":241,"value":2933,"marks":2934,"data":2935},"Block file uploads and downloads.",[],{},{"nodeType":2169,"data":2937,"content":2938},{},[2939],{"nodeType":248,"data":2940,"content":2941},{},[2942],{"nodeType":241,"value":2943,"marks":2944,"data":2945},"Block clipboard pastes of sensitive data, with regex-based patterns you can define.",[],{},{"nodeType":2169,"data":2947,"content":2948},{},[2949],{"nodeType":248,"data":2950,"content":2951},{},[2952],{"nodeType":241,"value":2953,"marks":2954,"data":2955},"Monitor for or block unauthorized MCP 
connections.",[],{},{"nodeType":2169,"data":2957,"content":2958},{},[2959],{"nodeType":248,"data":2960,"content":2961},{},[2962,2966,2975],{"nodeType":241,"value":2963,"marks":2964,"data":2965},"Write your own ",[],{},{"nodeType":329,"data":2967,"content":2969},{"uri":2968},"https://pushsecurity.com/help/audience/engineering/resources/custom-detections",[2970],{"nodeType":241,"value":2971,"marks":2972,"data":2974},"custom YAML rules",[2973],{"type":337},{},{"nodeType":241,"value":2976,"marks":2977,"data":2978}," targeting specific elements of the page DOM, web requests and responses, HTTP headers such as cookies, and a lot more.",[],{},{"nodeType":248,"data":2980,"content":2981},{},[2982],{"nodeType":241,"value":29,"marks":2983,"data":2984},[],{},{"nodeType":845,"data":2986,"content":2990},{"target":2987},{"sys":2988},{"id":2989,"type":850,"linkType":851},"7AwQv7bLbARq6mdAgv7uGq",[],{"nodeType":868,"data":2992,"content":2993},{},[],{"nodeType":248,"data":2995,"content":2996},{},[2997,3001,3009],{"nodeType":241,"value":2998,"marks":2999,"data":3000},"If you'd like to learn more about Push, ",[],{},{"nodeType":329,"data":3002,"content":3003},{"uri":1261},[3004],{"nodeType":241,"value":3005,"marks":3006,"data":3008},"book a live demo",[3007],{"type":337},{},{"nodeType":241,"value":2413,"marks":3010,"data":3011},[],{},"Why you can't control AI without being in the browser","Why the right browser security tool makes a separate AI visibility and control purchase unnecessary — and how to decide what you actually need.","why-you-cant-control-ai-without-being-in-the-browser",{"items":3016},[3017,3019],{"sys":3018,"name":2074},{"id":2073},{"sys":3020,"name":2070},{"id":2069},{"items":3022},[3023],{"fullName":3024,"firstName":3025,"jobTitle":3026,"profilePicture":3027},"Kelly Davenport","Kelly","Product 
Team",{"url":3028},"https://images.ctfassets.net/y1cdw1ablpvd/1hi8bEuVfn5sF57LivAq6d/9a3b82426c697d765e2e450e33a18424/kelly_profile_pic.jpeg",{"__typename":1453,"sys":3030,"publishedDate":3032,"content":3033,"title":3726,"synopsis":3727,"hashTags":62,"slug":3728,"tagsCollection":3729,"authorsCollection":3735},{"id":3031},"1ThCW6Cx8Zcq2flramQdoj","2026-05-21T00:00:00.000Z",{"json":3034},{"nodeType":233,"data":3035,"content":3036},{},[3037,3044,3051,3074,3081,3088,3095,3098,3106,3113,3131,3138,3145,3193,3200,3208,3215,3222,3229,3232,3240,3247,3259,3266,3274,3294,3300,3340,3346,3353,3365,3371,3378,3396,3404,3411,3431,3437,3445,3452,3611,3614,3622,3629,3636,3639,3647,3654,3666,3678,3690,3702,3709],{"nodeType":248,"data":3038,"content":3039},{},[3040],{"nodeType":241,"value":3041,"marks":3042,"data":3043},"At first, it may seem like an obvious choice, partly because the category name \"Secure Enterprise Browser\" implies the answer is a full-stack browser. Plus, the most visible vendors in the space have spent the past few years marketing that exact choice as the only one. ",[],{},{"nodeType":248,"data":3045,"content":3046},{},[3047],{"nodeType":241,"value":3048,"marks":3049,"data":3050},"But the market tells a different story. The majority of vendors Gartner places in the SEB category are now extensions rather than full browsers, and Gartner explicitly notes that extensions have become the preferred option. 
",[],{},{"nodeType":3052,"data":3053,"content":3054},"blockquote",{},[3055],{"nodeType":248,"data":3056,"content":3057},{},[3058,3062,3070],{"nodeType":241,"value":3059,"marks":3060,"data":3061},"The buyer-side data tells the same story: In ",[],{},{"nodeType":329,"data":3063,"content":3064},{"uri":1908},[3065],{"nodeType":241,"value":3066,"marks":3067,"data":3069},"Omdia's 2026 survey of 400 IT and security professionals",[3068],{"type":337},{},{"nodeType":241,"value":3071,"marks":3072,"data":3073},", 48% of organizations cited the ability to use their existing browsers as an important attribute in a secure browsing solution.",[],{},{"nodeType":248,"data":3075,"content":3076},{},[3077],{"nodeType":241,"value":3078,"marks":3079,"data":3080},"The truth is: Full-stack enterprise browsers and browser security extensions like Push aren’t competing products. They serve different needs for different teams, though they often get evaluated against each other.",[],{},{"nodeType":248,"data":3082,"content":3083},{},[3084],{"nodeType":241,"value":3085,"marks":3086,"data":3087},"Full-stack enterprise browsers serve the IT team's need to control the workspace. Browser security extensions like Push meet the security team's need to protect their users as they work in their browsers — a fundamentally different problem. ",[],{},{"nodeType":248,"data":3089,"content":3090},{},[3091],{"nodeType":241,"value":3092,"marks":3093,"data":3094},"In this article, we’ll cover why a feature-by-feature checklist is the wrong approach when selecting a secure browser platform, and what questions to consider instead. 
We’ll also discuss what each type of solution excels at, where Push fits in, and how to map your needs to the right solution.",[],{},{"nodeType":868,"data":3096,"content":3097},{},[],{"nodeType":237,"data":3099,"content":3100},{},[3101],{"nodeType":241,"value":3102,"marks":3103,"data":3105},"Full-stack enterprise browsers meet the IT team's need to control a workspace",[3104],{"type":245},{},{"nodeType":248,"data":3107,"content":3108},{},[3109],{"nodeType":241,"value":3110,"marks":3111,"data":3112},"Full-stack enterprise browsers like Island, Prisma Browser, and SURF Security are best understood as managed workspace platforms rather than browsers in the conventional sense. ",[],{},{"nodeType":3052,"data":3114,"content":3115},{},[3116],{"nodeType":248,"data":3117,"content":3118},{},[3119,3123,3128],{"nodeType":241,"value":3120,"marks":3121,"data":3122},"Island's own CEO Mike Fey has described the company's strategy as transforming the browser into ",[],{},{"nodeType":241,"value":3124,"marks":3125,"data":3127},"\"a centralized, enterprise-grade platform, eliminating layers of legacy IT infrastructure by building more functionality in the browser.\"",[3126],{"type":1593},{},{"nodeType":241,"value":2478,"marks":3129,"data":3130},[],{},{"nodeType":248,"data":3132,"content":3133},{},[3134],{"nodeType":241,"value":3135,"marks":3136,"data":3137},"Chrome Enterprise and Edge for Business occupy a related space as productivity-suite browsers extended with native security controls, sold as part of the broader Google and Microsoft workplace stacks. Different products with different lineage, but all of them converge on the same owner: an IT organization solving for workspace control.",[],{},{"nodeType":248,"data":3139,"content":3140},{},[3141],{"nodeType":241,"value":3142,"marks":3143,"data":3144},"The IT team is trying to achieve workspace policy compliance and access governance. 
Their primary use case is typically reducing reliance on legacy IT tools like VDI, VPN, remote browser isolation, DaaS, web filtering, and CASBs. In this world, the use cases look like: ",[],{},{"nodeType":2165,"data":3146,"content":3147},{},[3148,3163,3178],{"nodeType":2169,"data":3149,"content":3150},{},[3151],{"nodeType":248,"data":3152,"content":3153},{},[3154,3159],{"nodeType":241,"value":3155,"marks":3156,"data":3158},"Securing third-party contractors or BYOD",[3157],{"type":245},{},{"nodeType":241,"value":3160,"marks":3161,"data":3162}," where the workspace itself is the access control. ",[],{},{"nodeType":2169,"data":3164,"content":3165},{},[3166],{"nodeType":248,"data":3167,"content":3168},{},[3169,3174],{"nodeType":241,"value":3170,"marks":3171,"data":3173},"Regulated populations",[3172],{"type":245},{},{"nodeType":241,"value":3175,"marks":3176,"data":3177}," like call centers, BPO workforces, finance teams handling sensitive material, where output controls like watermarking, screenshot restriction, and print blocking need to be enforced at the OS rendering layer. ",[],{},{"nodeType":2169,"data":3179,"content":3180},{},[3181],{"nodeType":248,"data":3182,"content":3183},{},[3184,3189],{"nodeType":241,"value":3185,"marks":3186,"data":3188},"Legacy app support",[3187],{"type":245},{},{"nodeType":241,"value":3190,"marks":3191,"data":3192}," including IE-mode rendering for applications that have never been modernized. ",[],{},{"nodeType":248,"data":3194,"content":3195},{},[3196],{"nodeType":241,"value":3197,"marks":3198,"data":3199},"For these use cases, the architecture is well-suited, and there are numerous full-stack SEB solutions that address them well. Where the full-stack approach runs into trouble is in getting users to migrate onto a new browser and in justifying the cost of doing so. Both problems scale with the size of the workforce. 
",[],{},{"nodeType":887,"data":3201,"content":3202},{},[3203],{"nodeType":241,"value":3204,"marks":3205,"data":3207},"Cost of deployment is a significant blocker for full-stack browsers",[3206],{"type":245},{},{"nodeType":248,"data":3209,"content":3210},{},[3211],{"nodeType":241,"value":3212,"marks":3213,"data":3214},"The migration costs are easy to predict: deployment and configuration effort, help desk volume and — biggest of all — user resistance. But it’s the license cost that limits deployments in many organizations going from a free consumer browser to a paid replacement for the first time. ",[],{},{"nodeType":248,"data":3216,"content":3217},{},[3218],{"nodeType":241,"value":3219,"marks":3220,"data":3221},"In fact, Gartner notes that most buyers start with a single use case like covering contractors and rarely pursue organization-wide deployment for a full-stack enterprise browser. ",[],{},{"nodeType":248,"data":3223,"content":3224},{},[3225],{"nodeType":241,"value":3226,"marks":3227,"data":3228},"For organizations that do achieve a full-coverage deployment for these full-stack browsers, the need to manage drift in employee behavior over time gets harder. Agentic browsers like Comet, Atlas, and Dia are already starting to pull users toward AI-native workflows that consumer browsers don’t offer and full-stack enterprise browsers don’t currently match.",[],{},{"nodeType":868,"data":3230,"content":3231},{},[],{"nodeType":237,"data":3233,"content":3234},{},[3235],{"nodeType":241,"value":3236,"marks":3237,"data":3239},"What a browser security extension built for the security team looks like",[3238],{"type":245},{},{"nodeType":248,"data":3241,"content":3242},{},[3243],{"nodeType":241,"value":3244,"marks":3245,"data":3246},"Most browser security extensions on the market were built to address this migration hurdle. 
They attempt to take as many of the features of a full-stack browser as possible, but make it possible to deploy into users’ existing browsers, sidestepping a lot of the cost and rollout problems.",[],{},{"nodeType":248,"data":3248,"content":3249},{},[3250,3254],{"nodeType":241,"value":3251,"marks":3252,"data":3253},"LayerX, Seraphic, SquareX, and Keep Aware have all at some point echoed this approach in their product descriptions with the line ",[],{},{"nodeType":241,"value":3255,"marks":3256,"data":3258},"\"make any browser an enterprise browser.\"",[3257],{"type":1593},{},{"nodeType":248,"data":3260,"content":3261},{},[3262],{"nodeType":241,"value":3263,"marks":3264,"data":3265},"Ultimately, that approach is still aimed at solving problems for the IT team more than the security team.",[],{},{"nodeType":887,"data":3267,"content":3268},{},[3269],{"nodeType":241,"value":3270,"marks":3271,"data":3273},"Push is different — we built a browser extension to meet the security team's needs",[3272],{"type":245},{},{"nodeType":248,"data":3275,"content":3276},{},[3277,3281,3290],{"nodeType":241,"value":3278,"marks":3279,"data":3280},"Push set out to meet a different need. Our team's background has always been in defending organizations against advanced attacks. We spent our careers working in red and blue teams throughout the network and endpoint eras of cyber attacks. The mission we started with in 2022 was to defend organizations against the ",[],{},{"nodeType":329,"data":3282,"content":3284},{"uri":3283},"https://pushsecurity.com/thank-you/browser-attacks-report",[3285],{"nodeType":241,"value":3286,"marks":3287,"data":3289},"new era of damaging cyber attacks that originate in the browser",[3288],{"type":337},{},{"nodeType":241,"value":3291,"marks":3292,"data":3293},". 
",[],{},{"nodeType":845,"data":3295,"content":3299},{"target":3296},{"sys":3297},{"id":3298,"type":850,"linkType":851},"6BwJl8ZkiMore2o1BKx2w6",[],{"nodeType":248,"data":3301,"content":3302},{},[3303,3307,3315,3319,3324,3328,3337],{"nodeType":241,"value":3304,"marks":3305,"data":3306},"We chose a browser extension as the approach for our solution, not because we wanted to build an easier-to-deploy enterprise browser, but so we could use it as a security agent to collect high-fidelity telemetry for TTP-based detections, and apply real-time controls to stop attacks at the earliest opportunity in the modern  — ",[],{},{"nodeType":329,"data":3308,"content":3309},{"uri":61},[3310],{"nodeType":241,"value":3311,"marks":3312,"data":3314},"browser and identity native",[3313],{"type":337},{},{"nodeType":241,"value":3316,"marks":3317,"data":3318},"  — kill chain. ",[],{},{"nodeType":241,"value":3320,"marks":3321,"data":3323},"In effect, we created EDR, but for the browser. ",[3322],{"type":245},{},{"nodeType":241,"value":3325,"marks":3326,"data":3327},"This is what gives Push the edge compared to other Secure Enterprise Browser solutions when it comes to tackling the highest priority threats in the browser — ",[],{},{"nodeType":329,"data":3329,"content":3331},{"uri":3330},"https://pushsecurity.com/blog/how-to-avoid-the-browser-security-buyers-trap/",[3332],{"nodeType":241,"value":3333,"marks":3334,"data":3336},"we’re optimized for this problem area",[3335],{"type":337},{},{"nodeType":241,"value":3291,"marks":3338,"data":3339},[],{},{"nodeType":845,"data":3341,"content":3345},{"target":3342},{"sys":3343},{"id":3344,"type":850,"linkType":851},"4nGzT9cNG0Yid93uUCCuTt",[],{"nodeType":248,"data":3347,"content":3348},{},[3349],{"nodeType":241,"value":3350,"marks":3351,"data":3352},"For a security team using Push’s extension, this means attacks get stopped at the earliest opportunity in the kill chain and before they cause harm. 
",[],{},{"nodeType":248,"data":3354,"content":3355},{},[3356,3360],{"nodeType":241,"value":3357,"marks":3358,"data":3359},"When a user lands on a phishing page built to harvest their credentials, Push sees the page rendering and the JavaScript executing inside the DOM, and can block the credential submission before the form posts. When a user is being walked through a ClickFix or ConsentFix social engineering flow, Push sees the clipboard writes and the OAuth consent flow parameters being prepared, and can intervene before the user completes the action. When a session token is stolen and replayed against a different device, Push sees the session activity and surfaces the compromise. ",[],{},{"nodeType":241,"value":3361,"marks":3362,"data":3364},"Push does all of this from a browser extension, without needing to replace the user's browser. ",[3363],{"type":245},{},{"nodeType":845,"data":3366,"content":3370},{"target":3367},{"sys":3368},{"id":3369,"type":850,"linkType":851},"1FZEbn0K80d1jHRRTk7kL7",[],{"nodeType":248,"data":3372,"content":3373},{},[3374],{"nodeType":241,"value":3375,"marks":3376,"data":3377},"The same underlying technology also addresses other high-value security use cases: Visibility and control over AI usage; hardening identities and surfacing shadow IT; and supporting insider investigations and preventing data loss. 
",[],{},{"nodeType":248,"data":3379,"content":3380},{},[3381,3384,3392],{"nodeType":241,"value":2533,"marks":3382,"data":3383},[],{},{"nodeType":329,"data":3385,"content":3387},{"uri":3386},"https://pushsecurity.com/blog/the-top-10-security-problems-you-can-solve-in-the-browser-ranked-by-value/",[3388],{"nodeType":241,"value":3389,"marks":3390,"data":3391},"highest-value use cases",[],{},{"nodeType":241,"value":3393,"marks":3394,"data":3395}," the browser can address are all powered by the same underlying technical capability, which is why Push's single extension can address four major security use cases rather than four separate tools needing four separate deployments. The success metric for security teams using Push is attacks averted or stopped, cyber risk reduced, and security posture and resilience strengthened — not workspace policy compliance.",[],{},{"nodeType":887,"data":3397,"content":3398},{},[3399],{"nodeType":241,"value":3400,"marks":3401,"data":3403},"Proven at scale: What security leaders are saying",[3402],{"type":245},{},{"nodeType":248,"data":3405,"content":3406},{},[3407],{"nodeType":241,"value":3408,"marks":3409,"data":3410},"Push launched its browser extension in 2022, making it one of the first and longest-running browser security extensions in the category, and it is now deployed across more than three million browsers worldwide.",[],{},{"nodeType":248,"data":3412,"content":3413},{},[3414,3418,3427],{"nodeType":241,"value":3415,"marks":3416,"data":3417},"Many ",[],{},{"nodeType":329,"data":3419,"content":3421},{"uri":3420},"https://pushsecurity.com/customer-stories",[3422],{"nodeType":241,"value":3423,"marks":3424,"data":3426},"Push customers",[3425],{"type":337},{},{"nodeType":241,"value":3428,"marks":3429,"data":3430}," were initially considering full-stack enterprise browsers, but found that Push provided all the visibility and control they needed without the migration 
headache.",[],{},{"nodeType":845,"data":3432,"content":3436},{"target":3433},{"sys":3434},{"id":3435,"type":850,"linkType":851},"4RDIOAuVN10mZCtjltJCB4",[],{"nodeType":887,"data":3438,"content":3439},{},[3440],{"nodeType":241,"value":3441,"marks":3442,"data":3444},"The extension matters, but it's what we built around it that really counts",[3443],{"type":245},{},{"nodeType":248,"data":3446,"content":3447},{},[3448],{"nodeType":241,"value":3449,"marks":3450,"data":3451},"The extension is the most visible part of the Push platform, but what Push has built around it makes the solution the most powerful security tool in the browser:",[],{},{"nodeType":2165,"data":3453,"content":3454},{},[3455,3505,3542,3581,3596],{"nodeType":2169,"data":3456,"content":3457},{},[3458],{"nodeType":248,"data":3459,"content":3460},{},[3461,3466,3470,3478,3482,3490,3494,3501],{"nodeType":241,"value":3462,"marks":3463,"data":3465},"In-house threat research that discovers attack techniques as they emerge.",[3464],{"type":245},{},{"nodeType":241,"value":3467,"marks":3468,"data":3469}," Push researchers track real-world adversary activity and discover new techniques as they appear, including ",[],{},{"nodeType":329,"data":3471,"content":3473},{"uri":3472},"https://pushsecurity.com/blog/consentfix/",[3474],{"nodeType":241,"value":3475,"marks":3476,"data":3477},"ConsentFix",[],{},{"nodeType":241,"value":3479,"marks":3480,"data":3481},",",[],{},{"nodeType":329,"data":3483,"content":3485},{"uri":3484},"https://pushsecurity.com/blog/installfix/",[3486],{"nodeType":241,"value":3487,"marks":3488,"data":3489}," InstallFix",[],{},{"nodeType":241,"value":3491,"marks":3492,"data":3493},", and creating the ",[],{},{"nodeType":329,"data":3495,"content":3496},{"uri":2870},[3497],{"nodeType":241,"value":3498,"marks":3499,"data":3500},"Browser & Identity Attacks Matrix",[],{},{"nodeType":241,"value":3502,"marks":3503,"data":3504},". 
Detection is only as good as the threat understanding behind it, and research is what keeps that understanding ahead of what attackers are doing in the wild.",[],{},{"nodeType":2169,"data":3506,"content":3507},{},[3508],{"nodeType":248,"data":3509,"content":3510},{},[3511,3516,3520,3526,3530,3538],{"nodeType":241,"value":3512,"marks":3513,"data":3515},"Agentic threat hunting and detection engineering at machine speed.",[3514],{"type":245},{},{"nodeType":241,"value":3517,"marks":3518,"data":3519}," Push's ",[],{},{"nodeType":329,"data":3521,"content":3522},{"uri":2893},[3523],{"nodeType":241,"value":2896,"marks":3524,"data":3525},[],{},{"nodeType":241,"value":3527,"marks":3528,"data":3529}," operationalizes the research, generating new behavioral detections in minutes rather than quarterly releases — covering the ",[],{},{"nodeType":329,"data":3531,"content":3533},{"uri":3532},"https://pushsecurity.com/blog/how-the-browser-became-the-main-cyber-battleground/",[3534],{"nodeType":241,"value":3535,"marks":3536,"data":3537},"techniques behind the Scattered Spider, Scattered Lapsus$ Hunters, and ShinyHunters breaches",[],{},{"nodeType":241,"value":3539,"marks":3540,"data":3541}," of the past three years. Attackers are using AI to accelerate the pace at which they generate new lures, kits, and infrastructure; Push keeps security teams in front by advancing the capability at machine speed and scale.",[],{},{"nodeType":2169,"data":3543,"content":3544},{},[3545],{"nodeType":248,"data":3546,"content":3547},{},[3548,3553,3557,3565,3569,3577],{"nodeType":241,"value":3549,"marks":3550,"data":3552},"Collecting the right telemetry to surface both attacker behavior and risky user action.",[3551],{"type":245},{},{"nodeType":241,"value":3554,"marks":3555,"data":3556}," Telemetry by itself is just data — the value comes from knowing what to collect, why it matters, and how to turn it into detections and controls. 
Push combines deep instrumentation of the browser with the expertise to use what we collect: the same browser-layer telemetry that detects AiTM kits, ClickFix and ConsentFix lures, and session token replay also surfaces what users are pasting into AI tools, which ",[],{},{"nodeType":329,"data":3558,"content":3560},{"uri":3559},"https://pushsecurity.com/blog/ghost-logins-when-forgotten-identities-come-back-to-haunt-you/",[3561],{"nodeType":241,"value":3562,"marks":3563,"data":3564},"SaaS apps they're logging into outside the IdP",[],{},{"nodeType":241,"value":3566,"marks":3567,"data":3568},", which OAuth grants are being made, and which ",[],{},{"nodeType":329,"data":3570,"content":3572},{"uri":3571},"https://pushsecurity.com/blog/browser-extension-management-guide/",[3573],{"nodeType":241,"value":3574,"marks":3575,"data":3576},"extensions are running in their browsers",[],{},{"nodeType":241,"value":3578,"marks":3579,"data":3580},". The threat detection and the identity, AI, and DLP use cases are not separate features — they are different applications of the same underlying telemetry, surfaced because Push knows what to look for.",[],{},{"nodeType":2169,"data":3582,"content":3583},{},[3584],{"nodeType":248,"data":3585,"content":3586},{},[3587,3592],{"nodeType":241,"value":3588,"marks":3589,"data":3591},"Enforcing the right controls at the right place at the right moment.",[3590],{"type":245},{},{"nodeType":241,"value":3593,"marks":3594,"data":3595}," Visibility without actionability is only half a solution. Push turns the browser into a strong control point for stopping attacks and risky user behaviors in real time — flagging password reuse, intercepting credential submission to non-IdP domains, blocking ClickFix clipboard payloads before paste-execute, prompting MFA enrollment at the point of login, warning on weak or breached passwords at credential entry, and surfacing app banners that communicate policy at the moment of use. 
The same control surface that stops attackers stops the user's mistakes that lead to the next breach.",[],{},{"nodeType":2169,"data":3597,"content":3598},{},[3599],{"nodeType":248,"data":3600,"content":3601},{},[3602,3607],{"nodeType":241,"value":3603,"marks":3604,"data":3606},"Balancing security and privacy.",[3605],{"type":245},{},{"nodeType":241,"value":3608,"marks":3609,"data":3610}," Push is designed to give security teams the telemetry they need without monitoring personal browsing. By default, only logins to configured corporate domains are observed; personal browsing is not collected. (Though administrators have the option to observe personal account logins to work apps, and identify where browsers are being synced to personal accounts, which can result in password loss.) Plaintext passwords and form inputs are never transmitted — passwords are analyzed locally using salted partial hashes. Broader browser metadata is stored on the device and only transmitted when it matches a detection rule. Push does not train AI models on customer telemetry.",[],{},{"nodeType":868,"data":3612,"content":3613},{},[],{"nodeType":237,"data":3615,"content":3616},{},[3617],{"nodeType":241,"value":3618,"marks":3619,"data":3621},"Full-stack enterprise browsers and Push’s browser extension are not mutually exclusive",[3620],{"type":245},{},{"nodeType":248,"data":3623,"content":3624},{},[3625],{"nodeType":241,"value":3626,"marks":3627,"data":3628},"It’s worth pausing on a point that often gets lost in the way the market discusses this choice. Full-stack enterprise browsers and Push’s extension-based solution are not mutually exclusive. They do different things for different teams, and they run together. ",[],{},{"nodeType":248,"data":3630,"content":3631},{},[3632],{"nodeType":241,"value":3633,"marks":3634,"data":3635},"Push supports enterprise browsers like Island and Prisma Browser. 
Many of Push’s customers use a full-stack browser for the contractor population or regulated workload where the IT team needs workspace controls, and Push across the rest of the workforce to provide the deep security capabilities that the IT team is not measured on but the security team is. The right framing for many enterprises is not whether to choose full-stack or extension. It is full-stack for the IT use cases that need it, and Push everywhere else.",[],{},{"nodeType":868,"data":3637,"content":3638},{},[],{"nodeType":237,"data":3640,"content":3641},{},[3642],{"nodeType":241,"value":3643,"marks":3644,"data":3646},"Which one is right for your security team?",[3645],{"type":245},{},{"nodeType":248,"data":3648,"content":3649},{},[3650],{"nodeType":241,"value":3651,"marks":3652,"data":3653},"The answer follows from the need you are trying to meet. The scenarios below cover the most common real-world situations and the approach that fits each.",[],{},{"nodeType":248,"data":3655,"content":3656},{},[3657,3662],{"nodeType":241,"value":3658,"marks":3659,"data":3661},"Is your priority detecting and stopping attacks in the browser?",[3660],{"type":245},{},{"nodeType":241,"value":3663,"marks":3664,"data":3665}," Go with Push. Push detects and stops the threats actually breaching enterprises — AiTM phishing, ClickFix, OAuth abuse, malicious browser extensions. It also provides valuable additional insight during investigations to understand incidents better and decide how to respond to them. ",[],{},{"nodeType":248,"data":3667,"content":3668},{},[3669,3674],{"nodeType":241,"value":3670,"marks":3671,"data":3673},"Do you have a large contractor or third-party population needing locked-down workspace controls?",[3672],{"type":245},{},{"nodeType":241,"value":3675,"marks":3676,"data":3677}," Use a full-stack enterprise browser for that population and Push for everyone else. 
Watermarking, screenshot blocking and print restriction are OS-level controls that extensions cannot reliably replicate.",[],{},{"nodeType":248,"data":3679,"content":3680},{},[3681,3686],{"nodeType":241,"value":3682,"marks":3683,"data":3685},"Do you have a multi-browser estate including a mix of consumer and agentic browsers?",[3684],{"type":245},{},{"nodeType":241,"value":3687,"marks":3688,"data":3689}," Push will provide the coverage you need to secure users. The browser options are growing, and locking your workforce into a single corporate browser becomes harder every time a new productivity-shaping browser ships. Push regularly adds support for emerging browsers.",[],{},{"nodeType":248,"data":3691,"content":3692},{},[3693,3698],{"nodeType":241,"value":3694,"marks":3695,"data":3697},"Is significant BYOD or unmanaged-device coverage required?",[3696],{"type":245},{},{"nodeType":241,"value":3699,"marks":3700,"data":3701}," Push is a great option, particularly if you also have Chromebooks that fall outside of your EDR coverage. The extension can easily be installed via email or landing page self-enrollment, with options to enforce coverage through conditional access policies. This provides full threat detection and policy enforcement on devices the organization does not own.",[],{},{"nodeType":248,"data":3703,"content":3704},{},[3705],{"nodeType":241,"value":3706,"marks":3707,"data":3708},"In short, if you are solving for workspace control, the right tool is a full-stack enterprise browser. 
If you’re solving for protecting users as they work in their browsers, Push is the tool built specifically for that need — with the research depth, detection engineering, and operational scale to do the job.",[],{},{"nodeType":248,"data":3710,"content":3711},{},[3712,3715,3723],{"nodeType":241,"value":29,"marks":3713,"data":3714},[],{},{"nodeType":329,"data":3716,"content":3717},{"uri":1261},[3718],{"nodeType":241,"value":3719,"marks":3720,"data":3722},"Book a live demo to learn more",[3721],{"type":337},{},{"nodeType":241,"value":2413,"marks":3724,"data":3725},[],{},"Enterprise browser vs. browser extension: Which should your security team choose?","If you're building a shortlist of browser security vendors, do you need a full-stack enterprise browser, or a browser security extension? ","enterprise-browser-vs-browser-extension-which-should-your-security-team-choose",{"items":3730},[3731,3733],{"sys":3732,"name":2074},{"id":2073},{"sys":3734,"name":2070},{"id":2069},{"items":3736},[3737],{"fullName":3738,"firstName":3739,"jobTitle":3026,"profilePicture":3740},"Alex Henshall","Alex",{"url":3741},"https://images.ctfassets.net/y1cdw1ablpvd/2rz3Pre3b1MexPIQ4hzPUe/0ef8a092b7e7df00fbce3f7d1ccb96d1/Alex_Henshall.jpeg","browser-visibility-and-control-can-achieve-ai-compliance","blog/browser-visibility-and-control-can-achieve-ai-compliance",{"json":3745},{"data":3746,"content":3747,"nodeType":233},{},[3748],{"data":3749,"content":3750,"nodeType":248},{},[3751],{"data":3752,"marks":3753,"value":3754,"nodeType":241},{},[],"AI regulations across the US, EU, and UK are converging on five categories of obligation that most organizations cannot meet without browser-layer visibility into how employees actually use AI tools.","AI regulations across the US, EU, and UK are converging on obligations that most organizations can't meet without browser visibility into AI tool 
use.",{"id":3757,"publishedAt":3758},"19QvRR4NcSe3PHQEhID42Q","2026-06-02T18:15:45.251Z",{"items":3760},[3761,3763],{"sys":3762,"name":2070},{"id":2069},{"sys":3764,"name":2074},{"id":2073},"AyIeha8RAUeCk5Z8StKAu8jh_pcKMNSnueow4m5Paaw",1780424527653]