Getting started

Push Security helps you protect against identity-based attacks in the cloud by collecting contextual information from your identity provider, employee browsers, and employee work accounts to discover and assess the security of identities and apps used across your organization — even the accounts and apps you don't already know about.

Push uses this information to surface security risks, such as compromised, reused, or weak credentials on high-sensitivity apps; company data exposed via risky third-party OAuth integrations; and a lack of MFA adoption or password manager use across your workforce.

Use Push’s simple preconfigured chat workflows for Slack and Microsoft Teams to ask employees to improve their own security with just-in-time behavioral guidance automatically triggered by their account activity.

Push uses two points of integration to collect data on employee SaaS activity:

• A browser extension. The extension observes employee logins and signups to work accounts that use a username and password, and flags vulnerabilities such as compromised, shared, weak, or reused credentials.

• An API integration via OAuth with your identity provider, either Microsoft 365 or Google Workspace. This integration identifies OAuth integrations with permissions to company data, cloud applications that employees have accessed via social login, as well as MFA registration and any suspicious mail rules.

By observing employee logins and signups at the moment they occur, Push is able to provide an accurate accounting of your cloud identities and SaaS apps, including unmanaged accounts and shadow apps. Note that Push only collects activity data for your specified work domains, not for employees’ personal accounts.

With this data, Push surfaces security risks associated with SaaS activity, including:

• Compromised, weak or reused passwords

• Shared account credentials

• Risky third-party OAuth integrations

• A lack of MFA protection

• Whether employees are using a password manager

• Suspicious mail rules, a potential indicator of malicious account activity

Use Push’s ChatOps feature to help employees improve their security so they can adopt and use cloud accounts safely, taking the burden off your security team.

Push is free to use for up to 10 employees. You can sign up at pushsecurity.com to get full access to every feature, or request a demo first.

Administrator accounts on the Push platform do not consume a license for billing purposes unless you wish to also enroll those administrators as end-users in order to capture their account activity and send ChatOps messages.

You can buy additional employee licenses on a monthly or annual basis. Note that administrators have full control over which employees are licensed in Push. When you import basic employee details into Push as part of integrating with your work platform, you will explicitly assign licenses to individuals. Employees without a license are not counted for billing purposes.

The following steps apply to new administrators of Push. If you use Push as an employee end-user, refer to our employee documentation for help.

Setting up Push takes about 10 minutes. Complete your setup with these three steps:

1. Integrate with your work platform to import employees into Push. License employees to discover cloud apps they have accessed via social login, as well as third-party OAuth integrations and any suspicious mail rules. Push integrates via API with Microsoft 365 and Google Workspace.

2. Install the Push browser extension on employee browsers to find vulnerable identities, including accounts created outside of SSO.

3. Select from Push’s preconfigured ChatOps workflows to message employees automatically when there’s an issue, such as a weak password, a suspicious mail rule, or a lack of MFA. You can also use ChatOps to automate the browser installation process, inviting employees to install it themselves and enroll their browsers in Push. Browser self-enrollment takes about a minute.

You’ll see some data immediately after completing a setup task. Other data will populate as your employees log into apps. Here’s what to expect as a new administrator on the Push platform:

• After completing an API integration with your work platform, you’ll immediately see third-party OAuth integrations, social logins to apps, suspicious mail forwarding rules, and MFA usage among your workforce. After the initial integration, Push checks once an hour to update this data in the Push admin console.

• After enrolling employee browsers using the Push browser extension, you’ll begin to see username / password logins. You’ll also begin to see password vulnerability data such as compromised, weak and reused passwords. Username / password login data and password hygiene data is captured in the admin console as soon as Push observes the login.

Initial login

You can sign up for a Push administrator account on pushsecurity.com. Choose your username and password or use a social login to sign up.

We recommend you use a Microsoft 365 or Google Workspace social login when signing up to use Push, or use multi-factor authentication (MFA) protection for your administrator account if you are using a username and password.

1. To set up MFA, click on your profile in the top right corner of the Push admin console and select My account.

2. Then select Enable MFA.

3. Use your preferred authenticator app to complete the setup and begin using one-time passcodes.

Inviting administrators

We strongly recommend having at least two administrators on your account. This will help your organization maintain access to the Push admin console in the event of staff departure. You should also routinely audit the administrators who have access to your Push admin console.

To invite other administrators to the admin console, go to My account, then to send an invitation via email.

The sole reason Push exists is to improve security, so protecting your personal data is a top priority. We make considerable efforts to secure your personal information and we aim for full transparency on how we gather and use your personal information within our service.

Refer to our privacy policy for more details.

We’re always happy to hear from customers and are here to help. To find answers yourself, check out our Help Center articles. Or contact us to talk to a human.