SaaS Attack Matrix: Understand how modern attackers operate | Learn more →

Ready to help

How does the Push browser extension work?

The Push browser extension gives you visibility into which SaaS platforms your employees are accessing via their browser and how securely they are interacting with those apps. 

By collecting this data, you are able to see:

  • Which SaaS platforms your employees are logging into using usernames and passwords.

  • Whether they are using strong passwords.

  • Whether they are reusing passwords between SaaS accounts.

  • Whether employees are sharing account credentials.

  • Whether your employees are using passwords that have been exposed in a data breach, a feature powered by Have I Been Pwnd.

  • Whether employees are using a password manager.

  • Whether employees have registered for MFA on certain popular SaaS apps.

In addition, you can configure a list of custom terms to restrict from use in passwords, such as common company or team names that are easily guessable.

You can also use Push's in-browser prompts feature, currently available in early access as part of Push Labs, to nudge employees to change weak passwords at the moment of login.

Based on the information the Push browser extension collects, you can identify security issues that present a risk to your business and guide your employees to fix them using ChatOps.

What data is collected?

Once installed, the extension sits in the background of your employees’ browsers and collects information about the SaaS apps they log into with their work email account.

Learn more about the data that the Push extension collects in our documentation.

Privacy and security

The browser extension is configured to only monitor logins into work applications where your employees are using their work email address. Logins using personal email addresses are not monitored by the browser extension.

If your employees want to ensure even further privacy, they can create a separate work profile in their browser and install the extension there. This allows them to separate their browsing for work and personal use. The extension will never send their passwords anywhere.

For more details about how the Push extension securely tracks reused passwords, refer to this related help article.

Version updates

When new versions of the Push browser extension are released, it automatically updates without any action required of you or your employees.