[{"data":1,"prerenderedAt":1316},["ShallowReactive",2],{"application-flags":3,"navbar":7,"always-visible-banner":36,"navbar-about-highlight":100,"navbar-resource-highlight":174,"use-case-page":219,"fa-icon-regular-faFishingRod":1241,"fa-icon-regular-faPuzzlePiece":1245,"fa-icon-regular-faUserSecret":1247,"fa-icon-regular-faRadar":1249,"fa-icon-regular-faLaptopCode":1251,"fa-icon-regular-faSatelliteDish":1253,"fa-icon-regular-faShieldCheck":1255,"fa-icon-regular-faBrainCircuit":1257,"press-pages-/news/push-security-new-security-alert-cross-idp-impersonation":1259},[4],{"name":5,"enabled":6},"maintenanceMode",false,[8],{"createdDate":9,"id":10,"name":11,"modelId":12,"published":13,"query":14,"data":15,"variations":20,"lastUpdated":21,"firstPublished":22,"testRatio":23,"createdBy":24,"lastUpdatedBy":25,"folders":26,"meta":27,"rev":35},1742208588866,"1c7a4e423bf54ac1a328bb4063459ef2","Banner","1c6207a5f24948ab82d4a0b17f251193","published",[],{"type":16,"url":17,"text":18,"link":19},"web-banner","https://pushsecurity.com/resources/browser-attacks-report","Get our latest report analyzing browser attack techniques in 2026",{},{},1774258294825,1742208637545,1,"CydmZnOWU1XuAaLhEDCoYNM4Z8W2","jKjF9r5jcvXU8tzZEfFQm31Iyvr2",[],{"kind":28,"lastPreviewUrl":29,"breakpoints":30,"hasAutosaves":34},"data","",{"xsmall":31,"small":32,"medium":33},320,640,768,true,"pgglvqcrxzc",{"createdDate":37,"id":38,"name":39,"modelId":40,"published":13,"meta":41,"stageModifiedSincePublish":6,"query":45,"data":46,"variations":93,"lastUpdated":94,"firstPublished":95,"testRatio":23,"createdBy":96,"lastUpdatedBy":97,"folders":98,"rev":99},1774965361051,"fd266d0172cc47429be7ad10f48c99ad","always visible banner","0678d178ec8b41efb8a23c09dba7874d",{"kind":42,"hasLinks":6,"breakpoints":43,"lastPreviewUrl":44,"hasAutosaves":6},"component",{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=always-visible-banner&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.always-visible-banner=fd266d0172cc47429be7ad10f48c99ad&builder.overrides.fd266d0172cc47429be7ad10f48c99ad=fd266d0172cc47429be7ad10f48c99ad&builder.options.locale=Default",[],{"url":29,"ctaText":47,"text":48,"blocks":49,"state":89},"ewrererw","testrfesssssssssss",[50,77],{"@type":51,"@version":52,"id":53,"component":54,"responsiveStyles":67},"@builder.io/sdk:Element",2,"builder-ca12c06a52de41d7b8743da53118cd38",{"name":55,"tag":55,"options":56,"isRSC":66},"TopBannerContent",{"text":57,"ctaText":58,"url":59,"mainText":60,"cta":63},"New Webinar Series: Join John Hammond, Troy Hunt, and Matt Johansen for the State of Browser Attacks","Save Your Spot","https://pushsecurity.com/webinar/state-of-browser-security",{"content":61,"fontSize":62},"\u003Cp>Is your stack covered? 51 browser & identity attacks, mapped.\u003C/p>","text-base",{"content":64,"fontSize":62,"url":65},"\u003Cp>\u003Cstrong style=\"font-weight:700;\">See the matrix →\u003C/strong>\u003C/p>\n","https://pushsecurity.com/resources/browser-identity-attacks-matrix/",null,{"large":68},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"marginTop":74,"marginBottom":74,"fontSize":75,"fontWeight":76},"flex","column","relative","0","border-box",".56rem","1.125rem","700",{"id":78,"@type":51,"tagName":79,"properties":80,"responsiveStyles":84},"builder-pixel-9ok42w92k4u","img",{"src":81,"aria-hidden":82,"alt":29,"role":83,"width":72,"height":72},"https://cdn.builder.io/api/v1/pixel?apiKey=f3a1111ff5be48cdbb123cd9f5795a05","true","presentation",{"large":85},{"height":72,"width":72,"display":86,"opacity":72,"overflow":87,"pointerEvents":88},"block","hidden","none",{"deviceSize":90,"location":91},"large",{"path":29,"query":92},{},{},1778612252607,1774968080803,"ST0tXQM8slWpFrmioqKHmENB2qe2","ax7YYfD0OCeqT1Vxxv1G4FUbqVr1",[],"hwo9vkauhxq",[101,137],{"createdDate":102,"id":103,"name":104,"modelId":105,"published":13,"stageModifiedSincePublish":6,"query":106,"data":107,"variations":130,"lastUpdated":131,"firstPublished":132,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":133,"meta":134,"rev":136},1776247359804,"9136a8f18b3b4a6ba29b8653a99372b1","testimonial-inductive-automation","20d9eaa352304613b3d1a794b400703d",[],{"link":108,"type":109,"testimonialLink":110,"testimonial":111},{},"testimonial","/customer-stories/inductive-automation",{"@type":112,"id":113,"model":109,"value":114},"@builder.io/core:Reference","f028f2b685bb47cd8bf9e82a26dd5a79",{"query":115,"folders":116,"createdDate":117,"id":113,"name":118,"modelId":119,"published":13,"data":120,"variations":124,"lastUpdated":125,"firstPublished":126,"testRatio":23,"createdBy":96,"lastUpdatedBy":96,"meta":127,"rev":129},[],[],1735823466309,"We found Push to be more accurate when compared to competitors and the browser agent offered features that others couldn’t match.","42035571a56940ac98bff4544aa79aa5",{"author":121,"jobTitle":122,"quote":118,"image":123},"Jason Waits","\u003Cp>CISO at Inductive Automation\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff04c0c0689ce4a89ac0f0708d78c0a07",{},1735910703862,1735823501152,{"kind":28,"lastPreviewUrl":29,"breakpoints":128,"hasAutosaves":34},{"small":32,"medium":33},"kb91e3i79ob",{},1776247404986,1776247404973,[],{"breakpoints":135,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"82pmplfjtt3",{"createdDate":138,"id":139,"name":140,"modelId":105,"published":13,"meta":141,"stageModifiedSincePublish":6,"query":143,"data":144,"variations":170,"lastUpdated":171,"firstPublished":172,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":173,"rev":136},1776255761419,"05a9322735fc427db12e2740e4302300","Report: 2026 Browser Attack Techniques",{"breakpoints":142,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},[],{"testimonial":145,"link":164,"type":167,"title":140,"description":168,"image":169},{"@type":112,"id":146,"model":109,"value":147},"192acbb1f9ca4cac918c0ec435a8bae3",{"query":148,"folders":149,"createdDate":150,"id":146,"name":151,"modelId":119,"published":13,"data":152,"variations":158,"lastUpdated":159,"firstPublished":160,"testRatio":23,"createdBy":96,"lastUpdatedBy":24,"meta":161,"rev":163},[],[],1728981467463,"Push does for identity what CrowdStrike did for the endpoint",{"video":153,"jobTitle":154,"author":155,"qoute":29,"quote":156,"image":157},"https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8b30e8ca50064058bbaef0f3c6164575%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=8b30e8ca50064058bbaef0f3c6164575&alt=media&optimized=true","\u003Cp>Deputy CISO at Microsoft\u003C/p>\u003Cp>Former LinkedIn, Slack, Palantir\u003C/p>","Geoff Belknap","Push does for identity what CrowdStrike did for the endpoint.","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F748f0ad0a5064a00a13f4721fcc8dea1",{},1742902158597,1728981782923,{"kind":28,"lastPreviewUrl":29,"breakpoints":162,"hasAutosaves":34},{"small":32,"medium":33},"vp1wflk84xi",{"text":165,"url":166},"Download now","/resources/browser-attacks-report","resource","Learn about the latest techniques being used in the wild.","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7b4a5ebf81d64e8c9d7fc35f6c96c4a9",{},1776255810913,1776255810900,[],[175,197],{"createdDate":176,"id":177,"name":140,"modelId":178,"published":13,"meta":179,"stageModifiedSincePublish":6,"query":181,"data":182,"variations":192,"lastUpdated":193,"firstPublished":194,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":195,"rev":196},1776256900280,"1f429607996e4e5fae8fe3f9b9610e55","4829faa81e7c4ee8bd2d000e160e8d3c",{"breakpoints":180,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},[],{"testimonial":183,"link":191,"type":167,"title":140,"description":168,"image":169},{"@type":112,"id":146,"model":109,"value":184},{"query":185,"folders":186,"createdDate":150,"id":146,"name":151,"modelId":119,"published":13,"data":187,"variations":188,"lastUpdated":159,"firstPublished":160,"testRatio":23,"createdBy":96,"lastUpdatedBy":24,"meta":189,"rev":163},[],[],{"video":153,"jobTitle":154,"author":155,"qoute":29,"quote":156,"image":157},{},{"kind":28,"lastPreviewUrl":29,"breakpoints":190,"hasAutosaves":34},{"small":32,"medium":33},{"text":165,"url":166},{},1776256937553,1776256937540,[],"9fyjtyfwkr",{"createdDate":198,"id":199,"name":200,"modelId":178,"published":13,"stageModifiedSincePublish":6,"query":201,"data":202,"variations":213,"lastUpdated":214,"firstPublished":215,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":216,"meta":217,"rev":196},1776256949234,"ce043785b71b4ece98eac811ecf4ba10","inductive-automation",[],{"link":203,"type":109,"testimonial":204,"testimonialLink":110},{},{"@type":112,"id":113,"model":109,"value":205},{"query":206,"folders":207,"createdDate":117,"id":113,"name":118,"modelId":119,"published":13,"data":208,"variations":209,"lastUpdated":125,"firstPublished":126,"testRatio":23,"createdBy":96,"lastUpdatedBy":96,"meta":210,"rev":212},[],[],{"author":121,"jobTitle":122,"quote":118,"image":123},{},{"kind":28,"lastPreviewUrl":29,"breakpoints":211,"hasAutosaves":34},{"small":32,"medium":33},"m7dw46llqdg",{},1776256974140,1776256974130,[],{"breakpoints":218,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},[220,404,523,642,760,880,1000,1120],{"createdDate":221,"id":222,"name":223,"modelId":224,"published":13,"stageModifiedSincePublish":6,"query":225,"data":231,"variations":392,"lastUpdated":393,"firstPublished":394,"testRatio":23,"screenshot":395,"createdBy":96,"lastUpdatedBy":396,"folders":397,"meta":398,"rev":403},1744829487099,"387451215c314dd5bd654668cdc1a197","Zero-day phishing","cca4143377554c5a9163cc203a8ed2ba",[226],{"@type":227,"property":228,"operator":229,"value":230},"@builder.io/core:Query","urlPath","is","/uc/zero-day-phishing-protection",{"inputs":232,"customFonts":233,"seoTitle":281,"title":281,"tsCode":29,"seoDescription":282,"fontAwesomeIcon":283,"jsCode":29,"blocks":284,"url":230,"state":389},[],[234],{"family":235,"kind":236,"version":237,"lastModified":238,"files":239,"category":258,"menu":259,"subsets":260,"variants":263},"DM Sans","webfonts#webfont","v14","2023-07-13",{"100":240,"200":241,"300":242,"500":243,"600":244,"700":245,"800":246,"900":247,"800italic":248,"900italic":249,"700italic":250,"100italic":251,"italic":252,"regular":253,"200italic":254,"500italic":255,"300italic":256,"600italic":257},"https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAop1hTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAIpxhTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwA_JxhTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAkJxhTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAfJthTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwARZthTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAIpthTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAC5thTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat8JCm3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat8gCm3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat9uCm3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-JDG3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-JDW3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxhTmf3ZGMZpg.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat8JDW3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat-7DW3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat_XDW3zRmYJpso5.ttf","https://fonts.gstatic.com/s/dmsans/v14/rP2rp2ywxg089UriCZaSExd86J3t9jz86Mvy4qCRAL19DksVat9XCm3zRmYJpso5.ttf","sans-serif","https://fonts.gstatic.com/s/dmsans/v14/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRT23z.ttf",[261,262],"latin","latin-ext",[264,265,266,267,268,269,76,270,271,272,273,274,275,276,277,278,279,280],"100","200","300","regular","500","600","800","900","100italic","200italic","300italic","italic","500italic","600italic","700italic","800italic","900italic","Zero-day phishing protection","Detect phishing TTPs directly in the browser and stop credential theft.","faFishingRod",[285,384],{"@type":51,"@version":52,"tagName":286,"id":287,"children":288},"div","builder-76c6b8d1499346c7bc1fd56ae4e93638",[289,306,314,321,333,348,359,370,376],{"@type":51,"@version":52,"layerName":290,"id":291,"component":292,"responsiveStyles":303},"UseCaseHero","builder-5228fe062bef4a40a91e43f1112832fa",{"name":290,"options":293,"isRSC":66},{"title":281,"description":294,"points":295,"video":302},"\u003Cp>Push detects phishing as it happens. Autonomous agents hunt for new phishing techniques, identify kit signatures, and deploy detections within minutes of a new attack being analyzed. From cloned login pages to AiTM credential harvesting, Push sees what traditional filters miss and stops threats before they escalate.\u003C/p>",[296,298,300],{"item":297},"Detect phishing that bypasses traditional filters, including AiTM, SSO password theft, and fake login pages",{"item":299},"Stop never-before-seen attacks with AI-native behavioral and on-page analysis inside the browser",{"item":301},"Investigate faster with unified browser, user, and page context","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F40433ceeb4f94b43a82e039a0f4fd411%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=40433ceeb4f94b43a82e039a0f4fd411&alt=media&optimized=true",{"large":304},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":305},"transparent",{"@type":51,"@version":52,"id":307,"component":308,"responsiveStyles":311},"builder-96634044407e491299e291ed64669e39",{"name":309,"options":310,"isRSC":66},"TrustedBy",{"AllPartners":34,"backgroundTransparent":6},{"large":312},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":313},"#000",{"@type":51,"@version":52,"id":315,"component":316,"responsiveStyles":319},"builder-2c3768f930534557bb8978e32b6a6a0f",{"name":317,"options":318,"isRSC":66},"Diagonal",{"darkMode":34},{"large":320},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"layerName":322,"id":323,"component":324,"responsiveStyles":331},"TextImageBlockVertical","builder-7c3c1c2840424db2ad2ccbfaf382dd64",{"name":322,"tag":322,"options":325,"isRSC":66},{"darkMode":6,"maxWidth":326,"maxTextWidth":327,"title":328,"description":329,"animatedTitle":29,"image":330,"reverse":6,"descriptionPaddingHorizontal":66},1200,800,"\u003Ch2>Why stop at the inbox?\u003C/h2>","\u003Cp>Phishing attacks have evolved. Whether attackers lure users with QR codes, instant messages, or OAuth consent screens, the outcome is the same: it plays out in the browser. Push gives you real-time detection for in-browser threats, stopping phishing and consent-based attacks before they lead to compromise\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7fdcac241f0e4a049166d7076858adeb",{"large":332},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":334,"component":335,"responsiveStyles":343},"builder-41c978b3669749cf947e622b4e79e4d7",{"name":336,"options":337,"isRSC":66},"TextImageBlockHorizontal",{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":339,"title":340,"description":341,"reverse":34,"image":342},600,100,"\u003Cp>Detect phishing at the edge\u003C/p>","\u003Cp>Push uses industry-first telemetry to detect phishing based on behavior, not static indicators. Autonomous agents analyze how phishing pages behave and how users interact with them, uncovering fake logins, credential theft, and phishing kits the moment they load in the browser.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F9df3d180c97b4e61af142af2ccd68721",{"large":344},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"fontFamily":345,"paddingTop":346,"marginTop":347},"DM Sans, sans-serif","20px","0px",{"@type":51,"@version":52,"id":349,"component":350,"responsiveStyles":356},"builder-d2a7bc941feb43cdb898bc116b203cf9",{"name":336,"options":351,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":352,"title":353,"description":354,"reverse":6,"image":355},120,"\u003Ch2>Go beyond blocklists and IOCs\u003C/h2>","\u003Cp>Push goes beyond URLs and easy-to-change indicators. It reads the full phishing playbook like script behavior, session hijacks, DOM changes, user inputs, then connects the dots in real time. This gives your team a complete picture of how the phishing attempt worked, not just an alert.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fabfd58db169b433e96d3f1261797156e",{"large":357},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":358},"36px",{"@type":51,"@version":52,"layerName":336,"id":360,"component":361,"responsiveStyles":367},"builder-42c32198083f4880acb37c5cb76934da",{"name":336,"options":362,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":363,"title":364,"description":365,"reverse":34,"image":366},140,"\u003Ch2>Enhance your phishing response\u003C/h2>","\u003Cp>When phishing enters your environment, speed matters. Push gives you instant access to the telemetry that counts like session data, user behavior, and page activity, so you can investigate fast, trigger in-browser prompts, or forward alerts to your SIEM or SOAR for response. All in real time, right from the browser.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fbb195aec46904056b85e8688629e558e",{"large":368},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":369},"47px",{"@type":51,"@version":52,"id":371,"component":372,"responsiveStyles":374},"builder-9a95b9cbc4854421a92ef7b90f6c7adb",{"name":317,"options":373,"isRSC":66},{"darkMode":6},{"large":375},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":377,"component":378,"responsiveStyles":382},"builder-0afa17a9f25c4661a90f314d5578aa18",{"name":379,"tag":379,"options":380,"isRSC":66},"LatestResources",{"sectionHeading":29,"customClass":381},"bg-black",{"large":383},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"id":385,"@type":51,"tagName":79,"properties":386,"responsiveStyles":387},"builder-pixel-qdbblp2z9pi",{"src":81,"aria-hidden":82,"alt":29,"role":83,"width":72,"height":72},{"large":388},{"height":72,"width":72,"display":86,"opacity":72,"overflow":87,"pointerEvents":88},{"deviceSize":90,"location":390},{"path":29,"query":391},{},{},1776275046831,1745499158657,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fff60c30a8442489c8ed7e0af9599d14f","kYgMv6WsbvfmlOUYqR2SFwGzw6e2",[],{"lastPreviewUrl":399,"winningTest":66,"breakpoints":400,"kind":401,"hasLinks":6,"originalContentId":402,"hasAutosaves":6},"https://pushsecurity.com/uc/zero-day-phishing-protection?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=387451215c314dd5bd654668cdc1a197&builder.overrides.387451215c314dd5bd654668cdc1a197=387451215c314dd5bd654668cdc1a197&builder.overrides.use-case-page:/uc/zero-day-phishing-protection=387451215c314dd5bd654668cdc1a197&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},"page","2daa5670b8504fc7ba4700633e8bd921","6cprzix80zl",{"createdDate":405,"id":406,"name":407,"modelId":224,"published":13,"stageModifiedSincePublish":6,"query":408,"data":411,"variations":515,"lastUpdated":516,"firstPublished":517,"testRatio":23,"screenshot":518,"createdBy":96,"lastUpdatedBy":396,"folders":519,"meta":520,"rev":403},1756833377777,"54f8256648f54d439303734b1e69221b","Browser extension security",[409],{"@type":227,"property":228,"operator":229,"value":410},"/uc/browser-extension-security",{"seoDescription":412,"jsCode":29,"fontAwesomeIcon":413,"tsCode":29,"title":407,"seoTitle":407,"customFonts":414,"inputs":419,"blocks":420,"url":410,"state":512},"Shine a light on risky browser extensions.","faPuzzlePiece",[415],{"kind":236,"family":235,"version":237,"files":416,"category":258,"lastModified":238,"subsets":417,"variants":418,"menu":259},{"100":240,"200":241,"300":242,"500":243,"600":244,"700":245,"800":246,"900":247,"100italic":251,"italic":252,"regular":253,"900italic":249,"800italic":248,"700italic":250,"200italic":254,"300italic":256,"500italic":255,"600italic":257},[261,262],[264,265,266,267,268,269,76,270,271,272,273,274,275,276,277,278,279,280],[],[421,507],{"@type":51,"@version":52,"tagName":286,"id":422,"meta":423,"children":424},"builder-71d0648c1d2f4ede8d0d0b5b28b7b94c",{"previousId":287},[425,441,448,455,464,474,484,494,501],{"@type":51,"@version":52,"id":426,"meta":427,"component":428,"responsiveStyles":439},"builder-ff325b4b8fad4edea53f38865947e854",{"previousId":291},{"name":290,"options":429,"isRSC":66},{"title":407,"description":430,"points":431,"video":438},"\u003Cp>Browser extensions introduce new code, new permissions, and new potential for risk. Many include AI features, and most go completely unnoticed. Push gives you full visibility into every extension used across your workforce, across major browsers, so you can uncover shadow IT, assess risky permissions, and block unsafe tools before they lead to compromise.\u003C/p>",[432,434,436],{"item":433},"Discover every browser extension in use",{"item":435},"Spot risky or unsanctioned behavior",{"item":437},"Make informed decisions on extension policy","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fc538aad95d7f403aa3c3551af72f67c0?alt=media&token=1411fa6d-2eac-4e6c-94bf-ea117da12d67&apiKey=f3a1111ff5be48cdbb123cd9f5795a05",{"large":440},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":305},{"@type":51,"@version":52,"id":442,"meta":443,"component":444,"responsiveStyles":446},"builder-fb89d128c64e47cf9cbb11d90fc24523",{"previousId":307},{"name":309,"options":445,"isRSC":66},{"AllPartners":34,"backgroundTransparent":6},{"large":447},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":313},{"@type":51,"@version":52,"id":449,"meta":450,"component":451,"responsiveStyles":453},"builder-54388d35126c4d0096eeebaf8c4448cd",{"previousId":315},{"name":317,"options":452,"isRSC":66},{"darkMode":34},{"large":454},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"layerName":322,"id":456,"component":457,"responsiveStyles":462},"builder-3c8fa6785dd6466abf52a2470d66d85a",{"name":322,"tag":322,"options":458,"isRSC":66},{"darkMode":6,"maxWidth":326,"maxTextWidth":327,"title":459,"description":460,"image":461,"reverse":6},"\u003Ch2>Take control of browser extensions\u003C/h2>","\u003Cp>Attackers are increasingly using malicious browser extensions to gain access to data processed and stored in the browser. And the problem is, most security teams have no visibility into what extensions are being used. Push changes that. With browser-native telemetry, the Push extension continuously inventories browser extensions across your environment, flags the risky ones, and gives you intelligence to act. \u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0a004f16a6874f4c8fdf14344acc9fec",{"large":463},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":465,"meta":466,"component":467,"responsiveStyles":472},"builder-93738f98109a4009affb349afd7bb182",{"previousId":334},{"name":336,"options":468,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":339,"title":469,"description":470,"reverse":34,"image":471},"\u003Ch2>Discover every extension in use\u003C/h2>","\u003Cp>Push gives you structured, searchable data about every extension in your environment, so you’re not just seeing what’s there, but also understanding how it got there, what it can do, and who it affects. It’s the kind of granular insight that’s nearly impossible to get from traditional tools, and it lays the groundwork for better policy decisions and faster investigations.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F0e5727ca99474f14b1b7916bf6bbb782",{"large":473},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"fontFamily":345,"paddingTop":346,"marginTop":347},{"@type":51,"@version":52,"id":475,"meta":476,"component":477,"responsiveStyles":482},"builder-83393acb12ee4fdd840839185b51edb4",{"previousId":349},{"name":336,"options":478,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":352,"title":479,"description":480,"reverse":6,"image":481},"\u003Ch2>Spot risky or malicious extensions\u003C/h2>","\u003Cp>Push highlights extensions with dangerous permissions, broad access, or poor reputations. This includes AI extensions that request access far beyond what their stated purpose requires. You can quickly detect sideloaded, manually installed, or development-mode extensions that bypass normal controls. And because Push shows you who’s using them and where, you can respond precisely and effectively.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fa104d58c8da34fbb8901f738fb21453b",{"large":483},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":358},{"@type":51,"@version":52,"layerName":336,"id":485,"meta":486,"component":487,"responsiveStyles":492},"builder-da98e3de949646d89c53a0d1c2784664",{"previousId":360},{"name":336,"options":488,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":363,"title":489,"description":490,"reverse":34,"image":491},"\u003Ch2>Accelerate security reviews\u003C/h2>","\u003Cp>Most teams have extension policies, they just don’t have the data to enforce them. Push reveals how each extension entered your environment, whether it was installed manually, sideloaded, or deployed in dev mode. You’ll see which users are running what, and where, so you can surface violations, investigate quickly, and respond with confidence.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F229f355be6f243b180f410d237a75bb3",{"large":493},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":369},{"@type":51,"@version":52,"id":495,"meta":496,"component":497,"responsiveStyles":499},"builder-1a689287d1a1418997d57db578a71105",{"previousId":371},{"name":317,"options":498,"isRSC":66},{"darkMode":6},{"large":500},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":502,"component":503,"responsiveStyles":505},"builder-feb4e75029f84c10b6498ef1f8f79128",{"name":379,"tag":379,"options":504,"isRSC":66},{"sectionHeading":29,"customClass":381},{"large":506},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"id":508,"@type":51,"tagName":79,"properties":509,"responsiveStyles":510},"builder-pixel-tqwnkkrdd0c",{"src":81,"aria-hidden":82,"alt":29,"role":83,"width":72,"height":72},{"large":511},{"height":72,"width":72,"display":86,"opacity":72,"overflow":87,"pointerEvents":88},{"deviceSize":90,"location":513},{"path":29,"query":514},{},{},1776275365038,1757000441666,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8d496cf111644ee5afcc046b72d1ca5a",[],{"kind":401,"winningTest":66,"breakpoints":521,"lastPreviewUrl":522,"hasLinks":6,"originalContentId":222,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/uc/browser-extension-security?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=54f8256648f54d439303734b1e69221b&builder.overrides.54f8256648f54d439303734b1e69221b=54f8256648f54d439303734b1e69221b&builder.overrides.use-case-page:/uc/browser-extension-security=54f8256648f54d439303734b1e69221b&builder.options.locale=Default",{"createdDate":524,"id":525,"name":526,"modelId":224,"published":13,"query":527,"data":530,"variations":633,"lastUpdated":634,"firstPublished":635,"testRatio":23,"screenshot":636,"createdBy":96,"lastUpdatedBy":637,"folders":638,"meta":639,"rev":403},1744923509705,"94bebb7bb99d48629ad157e80cf4d81d","Account takeover detection",[528],{"@type":227,"property":228,"operator":229,"value":529},"/uc/account-takeover-detection",{"title":526,"customFonts":531,"jsCode":29,"seoTitle":526,"seoDescription":536,"fontAwesomeIcon":537,"tsCode":29,"blocks":538,"url":529,"state":630},[532],{"kind":236,"category":258,"variants":533,"menu":259,"files":534,"family":235,"subsets":535,"version":237,"lastModified":238},[264,265,266,267,268,269,76,270,271,272,273,274,275,276,277,278,279,280],{"100":240,"200":241,"300":242,"500":243,"600":244,"700":245,"800":246,"900":247,"300italic":256,"500italic":255,"800italic":248,"700italic":250,"italic":252,"900italic":249,"600italic":257,"200italic":254,"regular":253,"100italic":251},[261,262],"Stop ATO with stolen credential and compromised token detection.","faUserSecret",[539,625],{"@type":51,"@version":52,"tagName":286,"id":540,"meta":541,"children":542},"builder-e7913a774cae44c5a23d6081c5c30a52",{"previousId":287},[543,559,566,573,582,592,602,612,619],{"@type":51,"@version":52,"id":544,"meta":545,"component":546,"responsiveStyles":557},"builder-f1f1ab1601bc4c0f8c2a8aafd173675d",{"previousId":291},{"name":290,"options":547,"isRSC":66},{"title":526,"description":548,"points":549,"video":556},"\u003Cp>Attackers don’t need to phish, they just need a password that works. Push monitors for signs of credential-based attacks in real time, directly in the browser, catching account takeover attempts before the damage spreads. From ghost logins to credential stuffing, Push cuts off the paths attackers use to quietly slip in the back door.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",[550,552,554],{"item":551},"Identify credential-based ATO as it unfolds",{"item":553},"Surface hijacked sessions and token misuse",{"item":555},"Strengthen authentication where your IdP can’t","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb4dd9db24bc9495b8a686b1b4d492016%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=b4dd9db24bc9495b8a686b1b4d492016&alt=media&optimized=true",{"large":558},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":305},{"@type":51,"@version":52,"id":560,"meta":561,"component":562,"responsiveStyles":564},"builder-0bc0d1c78ece4994993c3a6427a4d533",{"previousId":307},{"name":309,"options":563,"isRSC":66},{"AllPartners":34,"backgroundTransparent":6},{"large":565},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":313},{"@type":51,"@version":52,"id":567,"meta":568,"component":569,"responsiveStyles":571},"builder-e45de8f3768c4f16938dbf78e4e87524",{"previousId":315},{"name":317,"options":570,"isRSC":66},{"darkMode":34},{"large":572},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":574,"component":575,"responsiveStyles":580},"builder-c98e8bfd341146c1b67c02d5698ff093",{"name":322,"tag":322,"options":576,"isRSC":66},{"darkMode":6,"maxWidth":326,"maxTextWidth":327,"title":577,"description":578,"image":579,"reverse":6},"\u003Ch2>Assume less. See more.\u003C/h2>","\u003Cp>Most account takeovers don’t start with a breach, they start with a login. Whether it’s a reused password, a local account, or an outdated login flow, Push shows you how accounts are actually accessed day to day, not just how policies say they should be. That means no more blind spots around ghost logins, bypassed SSO, or stale access paths that quietly persist.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F18630ad2746d4eb7b7fcc0428b11a8f0",{"large":581},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":583,"meta":584,"component":585,"responsiveStyles":590},"builder-55c1fc38ddc04fd1a0d6a8e2fb819e00",{"previousId":334},{"name":336,"options":586,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":339,"title":587,"description":588,"reverse":34,"image":589},"\u003Ch2>Catch stolen credential use in real time\u003C/h2>","\u003Cp>Push monitors login activity directly in the browser to detect signs of credential-based attacks like leaked password use or suspicious login flows. By analyzing attacker TTPs instead of relying on known indicators, Push spots credential stuffing and account takeover attempts the moment they begin, not after they’ve succeeded.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F52b0123cac2c4dfdb1dc0af6adf9d603",{"large":591},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"fontFamily":345,"paddingTop":347,"marginTop":347},{"@type":51,"@version":52,"id":593,"meta":594,"component":595,"responsiveStyles":600},"builder-dfb31737b30948c6b95323655d571a50",{"previousId":349},{"name":336,"options":596,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":352,"title":597,"description":598,"reverse":6,"image":599},"\u003Ch2>Detect session hijacks and stealth access\u003C/h2>","\u003Cp>Attackers don’t always need a login screen, they often sidestep it entirely using stolen session tokens. Push detects when valid sessions are reused in unexpected ways, identifying hijacked sessions and stealth access attempts that traditional tools miss. Because we monitor directly in the browser, you see what’s happening inside active sessions in real time.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F94a6859a99e04d309ffe5841f3dbdf5c",{"large":601},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":358},{"@type":51,"@version":52,"layerName":336,"id":603,"meta":604,"component":605,"responsiveStyles":610},"builder-f7585b90eb974d03a7dc7eae5b58d227",{"previousId":360},{"name":336,"options":606,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":363,"title":607,"description":608,"reverse":34,"image":609},"\u003Ch2>Harden accounts before they’re compromised\u003C/h2>","\u003Cp>Push goes beyond alerts. It identifies apps that still allow local logins, even when SSO is configured, so you can remove weak access paths. Push also flags users without MFA, reused work credentials, or weak passwords, and prompts users in-browser to fix risky behaviors before they’re exploited.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F01c1b638f1b6497093a4f2b8ceddb5bb",{"large":611},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":369},{"@type":51,"@version":52,"id":613,"meta":614,"component":615,"responsiveStyles":617},"builder-ad81d1e3afec49a791214194eae09bdc",{"previousId":371},{"name":317,"options":616,"isRSC":66},{"darkMode":6},{"large":618},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":620,"component":621,"responsiveStyles":623},"builder-8dac1aa4b9d148628d92252bd8eff822",{"name":379,"tag":379,"options":622,"isRSC":66},{"sectionHeading":29,"customClass":381},{"large":624},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"id":626,"@type":51,"tagName":79,"properties":627,"responsiveStyles":628},"builder-pixel-5untkxjgklw",{"src":81,"aria-hidden":82,"alt":29,"role":83,"width":72,"height":72},{"large":629},{"height":72,"width":72,"display":86,"opacity":72,"overflow":87,"pointerEvents":88},{"deviceSize":90,"location":631},{"path":29,"query":632},{},{},1770892814499,1745499162732,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F58b660fa94aa4b30b0faeb9b663ae41a","SfUPqW5tkibIPby49keNFMdHFTr1",[],{"lastPreviewUrl":640,"hasLinks":6,"originalContentId":222,"breakpoints":641,"winningTest":66,"kind":401,"hasAutosaves":34},"https://pushsecurity.com/uc/account-takeover-detection?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=94bebb7bb99d48629ad157e80cf4d81d&builder.overrides.94bebb7bb99d48629ad157e80cf4d81d=94bebb7bb99d48629ad157e80cf4d81d&builder.overrides.use-case-page:/uc/account-takeover-detection=94bebb7bb99d48629ad157e80cf4d81d&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},{"createdDate":643,"id":644,"name":645,"modelId":224,"published":13,"query":646,"data":649,"variations":752,"lastUpdated":753,"firstPublished":754,"testRatio":23,"screenshot":755,"createdBy":96,"lastUpdatedBy":637,"folders":756,"meta":757,"rev":403},1745009370904,"23eb48fb56d3451cab77cb6ed140ee6d","Attack path hardening",[647],{"@type":227,"property":228,"operator":229,"value":648},"/uc/attack-path-hardening",{"tsCode":29,"seoDescription":650,"jsCode":29,"customFonts":651,"fontAwesomeIcon":656,"seoTitle":645,"title":645,"blocks":657,"url":648,"state":749},"Harden access paths with visibility,  detection, and guardrails.",[652],{"kind":236,"files":653,"version":237,"lastModified":238,"subsets":654,"menu":259,"category":258,"variants":655,"family":235},{"100":240,"200":241,"300":242,"500":243,"600":244,"700":245,"800":246,"900":247,"regular":253,"italic":252,"800italic":248,"500italic":255,"600italic":257,"200italic":254,"900italic":249,"700italic":250,"100italic":251,"300italic":256},[261,262],[264,265,266,267,268,269,76,270,271,272,273,274,275,276,277,278,279,280],"faRadar",[658,744],{"@type":51,"@version":52,"tagName":286,"id":659,"meta":660,"children":661},"builder-1d8553eddcaa44d7bba9e2f4ca13af2a",{"previousId":540},[662,678,685,692,701,711,721,731,738],{"@type":51,"@version":52,"id":663,"meta":664,"component":665,"responsiveStyles":676},"builder-84fe3d7c85a743cf8cef649aa974f1ef",{"previousId":544},{"name":290,"options":666,"isRSC":66},{"title":645,"description":667,"points":668,"video":675},"\u003Cp>Push continuously monitors your environment for exposed login paths, weak credentials, and missing protections like MFA. It detects the gaps attackers exploit and helps you close them before they’re used.\u003C/p>",[669,671,673],{"item":670},"Find weak spots like reused passwords, local logins, and missing MFA",{"item":672},"Monitor how users actually log in across apps, flows, and tools",{"item":674},"Enforce secure access with in-browser guardrails","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fdbdcf52892034f1bbddded77f753a343%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=dbdcf52892034f1bbddded77f753a343&alt=media&optimized=true",{"large":677},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":305},{"@type":51,"@version":52,"id":679,"meta":680,"component":681,"responsiveStyles":683},"builder-b3f66f5b08054cc78a06fecfc3ae2337",{"previousId":560},{"name":309,"options":682,"isRSC":66},{"AllPartners":34,"backgroundTransparent":6},{"large":684},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":313},{"@type":51,"@version":52,"id":686,"meta":687,"component":688,"responsiveStyles":690},"builder-4c73418b84be49ed85e6e13d2625c5a0",{"previousId":567},{"name":317,"options":689,"isRSC":66},{"darkMode":34},{"large":691},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":693,"component":694,"responsiveStyles":699},"builder-dec0246085e1485c803f7152b1922a81",{"name":322,"tag":322,"options":695,"isRSC":66},{"darkMode":6,"maxWidth":326,"maxTextWidth":327,"title":696,"description":697,"image":698,"reverse":6},"\u003Ch2>Find the gaps that lead to compromise\u003C/h2>","\u003Cp>Misconfigurations don’t show up in your config files, they show up in how users actually access apps. Push monitors real login behavior in the browser, surfacing risky patterns like local login access, duplicate accounts, or missing protections that leave doors wide open.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F309a59bba8d247a19476bb369397460e",{"large":700},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":702,"meta":703,"component":704,"responsiveStyles":709},"builder-ebf049a645604a249550996a88f8f3b6",{"previousId":583},{"name":336,"options":705,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":339,"title":706,"description":707,"reverse":34,"image":708},"\u003Ch2>See real login behavior\u003C/h2>","\u003Cp>Push watches authentication flows as they happen, giving you a live view of how users log in, which methods they choose, and where protections like MFA are missing. Plus, uncover every app and account in use, even shadow IT you didn’t know existed, without relying on stale config files or IdP assumptions. \u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb51f6b0357cc451b87a7a5016d984e5e",{"large":710},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"fontFamily":345,"paddingTop":346,"marginTop":347},{"@type":51,"@version":52,"id":712,"meta":713,"component":714,"responsiveStyles":719},"builder-431d175c59004669b0b2776b07d71737",{"previousId":593},{"name":336,"options":715,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":352,"title":716,"description":717,"reverse":6,"image":718},"\u003Ch2>Find and fix posture drift\u003C/h2>","\u003Cp>Security posture isn’t static. Push continuously monitors for issues like missing MFA or legacy login methods. When something falls out of policy, you know immediately with custom notifications so you can act before it turns into risk.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F324e39127dfc41e592b1183dfb39892d",{"large":720},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":358},{"@type":51,"@version":52,"layerName":336,"id":722,"meta":723,"component":724,"responsiveStyles":729},"builder-3dffdcbe0a484e2ca4c03f019b6d40ee",{"previousId":603},{"name":336,"options":725,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":363,"title":726,"description":727,"reverse":34,"image":728},"\u003Ch2>Guide users with in-browser guardrails\u003C/h2>","\u003Cp>Push doesn’t just surface problems, it helps you fix them. When users sign in without MFA, reuse a password, or use insecure credentials, Push prompts them directly in the browser to secure their access. It’s faster, more effective, and actually gets results.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fee8b75d13e45488aba55434a8b49ebb0",{"large":730},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":369},{"@type":51,"@version":52,"id":732,"meta":733,"component":734,"responsiveStyles":736},"builder-976bc222cd7647ff905f1e01cfedc453",{"previousId":613},{"name":317,"options":735,"isRSC":66},{"darkMode":6},{"large":737},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":739,"component":740,"responsiveStyles":742},"builder-8c47ec2fd0f74382bb3e6c870555632c",{"name":379,"tag":379,"options":741,"isRSC":66},{"sectionHeading":29,"customClass":381},{"large":743},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"id":745,"@type":51,"tagName":79,"properties":746,"responsiveStyles":747},"builder-pixel-hvbzvrk8njr",{"src":81,"aria-hidden":82,"alt":29,"role":83,"width":72,"height":72},{"large":748},{"height":72,"width":72,"display":86,"opacity":72,"overflow":87,"pointerEvents":88},{"deviceSize":90,"location":750},{"path":29,"query":751},{},{},1770892844854,1745499166112,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F6ca12bf728a045f1a31d40c0beb3bfe5",[],{"kind":401,"lastPreviewUrl":758,"breakpoints":759,"hasLinks":6,"originalContentId":525,"winningTest":66,"hasAutosaves":34},"https://pushsecurity.com/uc/attack-path-hardening?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=23eb48fb56d3451cab77cb6ed140ee6d&builder.overrides.23eb48fb56d3451cab77cb6ed140ee6d=23eb48fb56d3451cab77cb6ed140ee6d&builder.overrides.use-case-page:/uc/attack-path-hardening=23eb48fb56d3451cab77cb6ed140ee6d&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},{"createdDate":761,"id":762,"name":763,"modelId":224,"published":13,"query":764,"data":767,"variations":872,"lastUpdated":873,"firstPublished":874,"testRatio":23,"screenshot":875,"createdBy":96,"lastUpdatedBy":637,"folders":876,"meta":877,"rev":403},1761675020232,"ea4f309d2ffe46c5aa97ebf0fda4e2e3","ClickFix Protection",[765],{"@type":227,"property":228,"operator":229,"value":766},"/uc/clickfix-protection",{"seoDescription":768,"fontAwesomeIcon":769,"customFonts":770,"seoTitle":775,"jsCode":29,"tsCode":29,"title":775,"blocks":776,"url":766,"state":869},"Block attacks that trick users into running malicious code.","faLaptopCode",[771],{"files":772,"subsets":773,"menu":259,"version":237,"kind":236,"family":235,"lastModified":238,"variants":774,"category":258},{"100":240,"200":241,"300":242,"500":243,"600":244,"700":245,"800":246,"900":247,"200italic":254,"800italic":248,"700italic":250,"600italic":257,"100italic":251,"italic":252,"regular":253,"300italic":256,"500italic":255,"900italic":249},[261,262],[264,265,266,267,268,269,76,270,271,272,273,274,275,276,277,278,279,280],"ClickFix protection",[777,864],{"@type":51,"@version":52,"tagName":286,"id":778,"meta":779,"children":780},"builder-d7eefdde0f2a4b2b9de3dcb2978fd6cb",{"previousId":659},[781,797,804,811,821,831,841,851,858],{"@type":51,"@version":52,"id":782,"meta":783,"component":784,"responsiveStyles":795},"builder-56e2c54bcce040a4af8b92ae03706c12",{"previousId":663},{"name":290,"options":785,"isRSC":66},{"title":775,"description":786,"points":787,"image":794},"\u003Cp>ClickFix attacks are one of the fastest-growing threats, tricking users into copying malicious code from a webpage and running it locally. This technique bypasses traditional EDR, email gateways, and network filters, leading directly to ransomware and data theft. Push stops this attack at the source, in the browser, by detecting and blocking the malicious behavior before the user can ever paste the code.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",[788,790,792],{"item":789},"Detect ClickFix, FileFix, and fake CAPTCHA in the browser",{"item":791},"Block malicious copy-and-paste actions before code is executed",{"item":793},"See full telemetry into which users were targeted and what they saw","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7b74af62889847ebb3927364485b0546",{"large":796},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":305},{"@type":51,"@version":52,"id":798,"meta":799,"component":800,"responsiveStyles":802},"builder-05f9614d4e3e4dc88b3ee8658f54e10e",{"previousId":679},{"name":309,"options":801,"isRSC":66},{"AllPartners":34,"backgroundTransparent":6},{"large":803},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":313},{"@type":51,"@version":52,"id":805,"meta":806,"component":807,"responsiveStyles":809},"builder-c4fb5179366243c1b6c32d368675cf47",{"previousId":686},{"name":317,"options":808,"isRSC":66},{"darkMode":34},{"large":810},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":812,"meta":813,"component":814,"responsiveStyles":819},"builder-261af50705fd445d8cca4a6ba20d5391",{"previousId":693},{"name":322,"tag":322,"options":815,"isRSC":66},{"darkMode":6,"maxWidth":326,"maxTextWidth":327,"title":816,"description":817,"reverse":6,"image":818},"\u003Ch2>Stop ClickFix-style attacks before they become a breach\u003C/h2>","\u003Cp>Traditional security tools are blind to malicious copy and paste attacks because the attack exploits a gap between the browser and the endpoint. EDR only sees the payload after it runs, and network tools see only part of the picture.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F98b2f7e08dec4eafaf8e24937605b8cf",{"large":820},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":822,"meta":823,"component":824,"responsiveStyles":829},"builder-7d21b8aab8064c40b1e5dd23c4749309",{"previousId":702},{"name":336,"options":825,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":339,"title":826,"description":827,"reverse":34,"image":828},"\u003Ch2>Discover lures at the source\u003C/h2>","\u003Cp>Push inspects page behavior to identify ClickFix attacks as they happen. By inspecting the page, its structure, and how the user interacts with it, Push can detect and block these in-browser threats in real time. This deep, TTP-based inspection spots the trap even on novel pages that are built to bypass traditional web filters and blocklists.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F665bf47e01544c75bf9ddafd3917927b",{"large":830},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"fontFamily":345,"paddingTop":346,"marginTop":347},{"@type":51,"@version":52,"id":832,"meta":833,"component":834,"responsiveStyles":839},"builder-fb91943adf6149259ed9e1e6566c9afe",{"previousId":712},{"name":336,"options":835,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":352,"title":836,"description":837,"reverse":6,"image":838},"\u003Ch2>Block the malicious action\u003C/h2>","\u003Cp>When Push detects a malicious script, it intercepts the user's action and blocks the code from being copied to the clipboard. The user is protected, the attack is stopped, and no malicious code ever reaches the endpoint. Unlike broad DLP tools, this action is surgical, targeting only malicious behavior without disrupting normal work.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F5ee68f81f1ac416685cbfe91298cf827",{"large":840},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":358},{"@type":51,"@version":52,"layerName":336,"id":842,"meta":843,"component":844,"responsiveStyles":849},"builder-bfac95fada864e5a8259b955b5b5f98b",{"previousId":722},{"name":336,"options":845,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":363,"title":846,"description":847,"reverse":34,"image":848},"\u003Ch2>Accelerate ClickFix investigations\u003C/h2>","\u003Cp>When an attack happens, knowing what the user saw or did is critical. Push provides rich browser session data for rapid investigation and containment. Security teams get detailed telemetry on which users were targeted, what lure they were served, and when the block occurred. This enables defenders to reconstruct what happened and respond quickly, even when other tools miss the activity entirely.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F6cdf2a8aeddc4e9a9023cbf974e40239",{"large":850},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":369},{"@type":51,"@version":52,"id":852,"meta":853,"component":854,"responsiveStyles":856},"builder-136892e831684a6987f87d3be67c33d1",{"previousId":732},{"name":317,"options":855,"isRSC":66},{"darkMode":6},{"large":857},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":859,"component":860,"responsiveStyles":862},"builder-dec26b739f2f42beb5a73cfc6c675b60",{"name":379,"tag":379,"options":861,"isRSC":66},{"sectionHeading":29,"customClass":381},{"large":863},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"id":865,"@type":51,"tagName":79,"properties":866,"responsiveStyles":867},"builder-pixel-l8aqy3nmp2a",{"src":81,"aria-hidden":82,"alt":29,"role":83,"width":72,"height":72},{"large":868},{"height":72,"width":72,"display":86,"opacity":72,"overflow":87,"pointerEvents":88},{"deviceSize":90,"location":870},{"path":29,"query":871},{},{},1770892881888,1761847585203,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F375467b8bef34ed1a8a1cc5b8b67d75f",[],{"lastPreviewUrl":878,"originalContentId":644,"winningTest":66,"hasLinks":6,"kind":401,"breakpoints":879,"hasAutosaves":6},"https://pushsecurity.com/uc/clickfix-protection?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=ea4f309d2ffe46c5aa97ebf0fda4e2e3&builder.overrides.ea4f309d2ffe46c5aa97ebf0fda4e2e3=ea4f309d2ffe46c5aa97ebf0fda4e2e3&builder.overrides.use-case-page:/uc/clickfix-protection=ea4f309d2ffe46c5aa97ebf0fda4e2e3&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},{"createdDate":881,"id":882,"name":883,"modelId":224,"published":13,"query":884,"data":887,"variations":992,"lastUpdated":993,"firstPublished":994,"testRatio":23,"screenshot":995,"createdBy":96,"lastUpdatedBy":637,"folders":996,"meta":997,"rev":403},1745009743870,"a9d5556e77f84a37b5bd52310a7110c1","Incident response",[885],{"@type":227,"property":228,"operator":229,"value":886},"/uc/incident-response",{"seoDescription":888,"customFonts":889,"title":883,"jsCode":29,"fontAwesomeIcon":894,"seoTitle":895,"tsCode":29,"blocks":896,"url":886,"state":989},"Investigate and respond faster with unique browser telemetry.",[890],{"kind":236,"subsets":891,"menu":259,"variants":892,"category":258,"family":235,"version":237,"lastModified":238,"files":893},[261,262],[264,265,266,267,268,269,76,270,271,272,273,274,275,276,277,278,279,280],{"100":240,"200":241,"300":242,"500":243,"600":244,"700":245,"800":246,"900":247,"900italic":249,"600italic":257,"200italic":254,"300italic":256,"100italic":251,"700italic":250,"800italic":248,"regular":253,"italic":252,"500italic":255},"faSatelliteDish","Browser based incident response",[897,984],{"@type":51,"@version":52,"tagName":286,"id":898,"meta":899,"children":900},"builder-653c4aed737b4def88dc4cd2d695660a",{"previousId":659},[901,918,925,932,941,951,961,971,978],{"@type":51,"@version":52,"id":902,"meta":903,"component":904,"responsiveStyles":916},"builder-18190bd36518467d9154d27d7e945b9b",{"previousId":663},{"name":290,"options":905,"isRSC":66},{"title":906,"description":907,"points":908,"video":915},"Browser-based incident response","\u003Cp>Push gives you real-time visibility into what actually happened during a breach, right in the browser where the attack played out. From credential theft to session hijacking, Push captures high-fidelity telemetry so you can investigate quickly, contain confidently, and shut it down before it spreads.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>",[909,911,913],{"item":910},"Reconstruct what happened with real browser session context",{"item":912},"Investigate faster with real-world session context",{"item":914},"Trigger response actions automatically through your SIEM or SOAR","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fd00e39d3b6e346c296261d875cf55652%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=d00e39d3b6e346c296261d875cf55652&alt=media&optimized=true",{"large":917},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":305},{"@type":51,"@version":52,"id":919,"meta":920,"component":921,"responsiveStyles":923},"builder-8a0a8ea63f5d48dd8a6726f2d49cf0ca",{"previousId":679},{"name":309,"options":922,"isRSC":66},{"AllPartners":34,"backgroundTransparent":6},{"large":924},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":313},{"@type":51,"@version":52,"id":926,"meta":927,"component":928,"responsiveStyles":930},"builder-2df65c3f54334df2b26e7cb744886cdc",{"previousId":686},{"name":317,"options":929,"isRSC":66},{"darkMode":34},{"large":931},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":933,"component":934,"responsiveStyles":939},"builder-2c32c869efc2423ab69ef06b150e9f97",{"name":322,"tag":322,"options":935,"isRSC":66},{"darkMode":6,"maxWidth":326,"maxTextWidth":327,"title":936,"description":937,"image":938,"reverse":6},"\u003Ch2>See attacks unfold, not just their aftermath\u003C/h2>","\u003Cp>Attacks happen in the browser, not in logs. Push captures what traditional tools miss: what users clicked, what loaded, what was entered, and how attackers moved. That gives you real-world evidence, not just assumptions, when every second matters.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F36fc719bd1de4a38b916f4d25c81a26d",{"large":940},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":942,"meta":943,"component":944,"responsiveStyles":949},"builder-370e53c6016e432db01e9193a2ce90f6",{"previousId":702},{"name":336,"options":945,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":339,"title":946,"description":947,"reverse":34,"image":948},"\u003Ch2>Investigate faster with high-fidelity data\u003C/h2>","\u003Cp>Reconstructing an incident shouldn’t feel like guesswork. Push records detailed telemetry from inside the browser: page loads, credential inputs, DOM changes, session activity, user behavior. It’s structured, exportable, and ready to plug into your investigation workflows, so you can move fast without digging through proxy logs or relying on user reports.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fa6adda040e684e67a8d68a55c5ce5f6d",{"large":950},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"fontFamily":345,"paddingTop":347,"marginTop":347},{"@type":51,"@version":52,"id":952,"meta":953,"component":954,"responsiveStyles":959},"builder-a7f3767a8d184bd08fb24520bf210e95",{"previousId":712},{"name":336,"options":955,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":352,"title":956,"description":957,"reverse":6,"image":958},"\u003Ch2>Contain and respond in real time\u003C/h2>","\u003Cp>When something looks off, Push doesn’t just alert you, it gives you options. Guide users with in-browser prompts. Terminate sessions. Trigger SOAR workflows. Enrich SIEM alerts. Push gives you the context and control to stop spread before it starts.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb3dedeed5aba4847a2c2d22e10d0ec12",{"large":960},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":358},{"@type":51,"@version":52,"layerName":336,"id":962,"meta":963,"component":964,"responsiveStyles":969},"builder-b92036ee0ece4b32acdbdcc7c377366b",{"previousId":722},{"name":336,"options":965,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":363,"title":966,"description":967,"reverse":34,"image":968},"\u003Ch2>Prevent the next one\u003C/h2>","\u003Cp>Push helps you respond fast, but it also helps you fix what went wrong. It surfaces misconfigurations and risky behaviors that made the attack possible in the first place, then guides users in-browser to remediate. One tool. Full loop. No loose ends.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fc1ecc2d5d3814b62b072fac01827ff96",{"large":970},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":369},{"@type":51,"@version":52,"id":972,"meta":973,"component":974,"responsiveStyles":976},"builder-5e8ae39655274de89da32ab573a2525a",{"previousId":732},{"name":317,"options":975,"isRSC":66},{"darkMode":6},{"large":977},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":979,"component":980,"responsiveStyles":982},"builder-dfd6850cfb4741d2b8a0c16c2780f00a",{"name":379,"tag":379,"options":981,"isRSC":66},{"sectionHeading":29,"customClass":381},{"large":983},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"id":985,"@type":51,"tagName":79,"properties":986,"responsiveStyles":987},"builder-pixel-epe8qezphq4",{"src":81,"aria-hidden":82,"alt":29,"role":83,"width":72,"height":72},{"large":988},{"height":72,"width":72,"display":86,"opacity":72,"overflow":87,"pointerEvents":88},{"deviceSize":90,"location":990},{"path":29,"query":991},{},{},1770892908052,1745427419274,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb07017bfd318431690a5bb35bda35b99",[],{"kind":401,"breakpoints":998,"originalContentId":644,"winningTest":66,"lastPreviewUrl":999,"hasLinks":6,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/uc/incident-response?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=a9d5556e77f84a37b5bd52310a7110c1&builder.overrides.a9d5556e77f84a37b5bd52310a7110c1=a9d5556e77f84a37b5bd52310a7110c1&builder.overrides.use-case-page:/uc/incident-response=a9d5556e77f84a37b5bd52310a7110c1&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"createdDate":1001,"id":1002,"name":1003,"modelId":224,"published":13,"query":1004,"data":1007,"variations":1112,"lastUpdated":1113,"firstPublished":1114,"testRatio":23,"screenshot":1115,"createdBy":96,"lastUpdatedBy":637,"folders":1116,"meta":1117,"rev":403},1746122471259,"5f118e24433d46ceb79f5099987156d7","Shadow SaaS",[1005],{"@type":227,"property":228,"operator":229,"value":1006},"/uc/shadow-saas",{"seoTitle":1008,"seoDescription":1009,"customFonts":1010,"fontAwesomeIcon":1015,"title":1016,"jsCode":29,"tsCode":29,"blocks":1017,"url":1006,"state":1109},"Find and secure shadow SaaS","See and control shadow SaaS in the browser.",[1011],{"kind":236,"variants":1012,"files":1013,"family":235,"version":237,"subsets":1014,"lastModified":238,"category":258,"menu":259},[264,265,266,267,268,269,76,270,271,272,273,274,275,276,277,278,279,280],{"100":240,"200":241,"300":242,"500":243,"600":244,"700":245,"800":246,"900":247,"300italic":256,"500italic":255,"regular":253,"900italic":249,"italic":252,"100italic":251,"200italic":254,"600italic":257,"700italic":250,"800italic":248},[261,262],"faShieldCheck","Secure shadow SaaS",[1018,1104],{"@type":51,"@version":52,"tagName":286,"id":1019,"meta":1020,"children":1021},"builder-04da805c4cd34652a2db452fcda52e1d",{"previousId":898},[1022,1038,1045,1052,1061,1071,1081,1091,1098],{"@type":51,"@version":52,"id":1023,"meta":1024,"component":1025,"responsiveStyles":1036},"builder-830d414faeaf41439142f9157e8288c8",{"previousId":902},{"name":290,"options":1026,"isRSC":66},{"title":1008,"description":1027,"points":1028,"video":1035},"\u003Cp>SaaS sprawl is one of today’s fastest-growing security blind spots because most tools monitor around the edges. Push sees it at the source, in the browser, revealing every app users access, flagging risky tools, and helping you shut down exposure before it leads to a breach. No guesswork. No nasty surprises. Just real-time visibility and control.\u003C/p>",[1029,1031,1033],{"item":1030},"Discover every SaaS app users access, managed or not",{"item":1032},"Spot accounts with weak security postures like missing MFA, unmanaged access, and no SSO",{"item":1034},"Control usage with in-browser prompts, blocks, and security guardrails","https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F3e4eece318d04d6586e691d59d0741cf%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=3e4eece318d04d6586e691d59d0741cf&alt=media&optimized=true",{"large":1037},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":305},{"@type":51,"@version":52,"id":1039,"meta":1040,"component":1041,"responsiveStyles":1043},"builder-cd7833f966cb4c7e8adf0d6c979414a6",{"previousId":919},{"name":309,"options":1042,"isRSC":66},{"AllPartners":34,"backgroundTransparent":6},{"large":1044},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":313},{"@type":51,"@version":52,"id":1046,"meta":1047,"component":1048,"responsiveStyles":1050},"builder-49d720b45430454e8b08c526f267c19f",{"previousId":926},{"name":317,"options":1049,"isRSC":66},{"darkMode":34},{"large":1051},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":1053,"component":1054,"responsiveStyles":1059},"builder-3dde0bf6c8544e5e9ab41b18a9d68034",{"name":322,"tag":322,"options":1055,"isRSC":66},{"darkMode":6,"maxWidth":326,"maxTextWidth":327,"title":1056,"description":1057,"image":1058,"reverse":6},"\u003Ch2>Use your browser to curb Saas Sprawl\u003C/h2>","\u003Cp>Shadow SaaS isn’t hiding in your network, it’s in your browser. From AI tools to unsanctioned file-sharing sites, security risks live in the apps your users sign into every day. Push maps your organization's true SaaS footprint in real time, exposing apps and accounts with unmanaged access, poor authentication, or no security oversight.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fb6811a214c7949b6bbe0b9a3bca62efd",{"large":1060},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":1062,"meta":1063,"component":1064,"responsiveStyles":1069},"builder-e2420451ccdc4f088d0a4904cff45935",{"previousId":942},{"name":336,"options":1065,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":339,"title":1066,"description":1067,"reverse":34,"image":1068},"\u003Ch2>Discover hidden SaaS usage\u003C/h2>","\u003Cp>Push captures live browser telemetry across every tab and session. Whether a user signs into a sanctioned app with a personal account or tries a new AI plugin, you’ll see it in real time, with no integrations or manual tagging.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe16e301f9af94665b95d98232a863d8a",{"large":1070},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"fontFamily":345,"paddingTop":347,"marginTop":347},{"@type":51,"@version":52,"id":1072,"meta":1073,"component":1074,"responsiveStyles":1079},"builder-b36de7fce7994beea9e58d94662e7166",{"previousId":952},{"name":336,"options":1075,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":352,"title":1076,"description":1077,"reverse":6,"image":1078},"\u003Ch2>Spot risky access and unsafe usage\u003C/h2>","\u003Cp>Discovery is just the beginning. Push flags apps with risky traits, no MFA, no SSO, known vulnerabilities, or broad access scopes. You’ll know which tools introduce real risk, and which users are exposed so you can act with precision.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F6585f3c242da4d70ae3cb7d02f481bef",{"large":1080},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":358},{"@type":51,"@version":52,"layerName":336,"id":1082,"meta":1083,"component":1084,"responsiveStyles":1089},"builder-dc366b5134684fe7a508edf8913103ea",{"previousId":962},{"name":336,"options":1085,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":363,"title":1086,"description":1087,"reverse":34,"image":1088},"\u003Ch2>Close gaps before they grow\u003C/h2>","\u003Cp>Push turns insight into action. When risky SaaS use is detected, guide users to enable MFA, block high-risk apps, or apply in-browser guardrails automatically. All without deploying new infrastructure or managing dozens of integrations.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Fe6d60b6d91414819bc6258a318f00557",{"large":1090},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":369},{"@type":51,"@version":52,"id":1092,"meta":1093,"component":1094,"responsiveStyles":1096},"builder-8708f6f0d8da4b3f9e17bf16cda70219",{"previousId":972},{"name":317,"options":1095,"isRSC":66},{"darkMode":6},{"large":1097},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":1099,"component":1100,"responsiveStyles":1102},"builder-8ff4b38d60534cf28cb523ab0f754875",{"name":379,"tag":379,"options":1101,"isRSC":66},{"sectionHeading":29,"customClass":381},{"large":1103},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"id":1105,"@type":51,"tagName":79,"properties":1106,"responsiveStyles":1107},"builder-pixel-c21tljh84k7",{"src":81,"aria-hidden":82,"alt":29,"role":83,"width":72,"height":72},{"large":1108},{"height":72,"width":72,"display":86,"opacity":72,"overflow":87,"pointerEvents":88},{"deviceSize":90,"location":1110},{"path":29,"query":1111},{},{},1770892936802,1746714967208,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F01bfb2304521412fbd2e1a1180904d40",[],{"originalContentId":882,"winningTest":66,"lastPreviewUrl":1118,"breakpoints":1119,"kind":401,"hasLinks":6,"hasAutosaves":6},"https://pushsecurity.com/uc/shadow-saas?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=5f118e24433d46ceb79f5099987156d7&builder.overrides.5f118e24433d46ceb79f5099987156d7=5f118e24433d46ceb79f5099987156d7&builder.overrides.use-case-page:/uc/shadow-saas=5f118e24433d46ceb79f5099987156d7&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},{"createdDate":1121,"id":1122,"name":1123,"modelId":224,"published":13,"stageModifiedSincePublish":6,"query":1124,"data":1127,"variations":1233,"lastUpdated":1234,"firstPublished":1235,"testRatio":23,"screenshot":1236,"createdBy":96,"lastUpdatedBy":396,"folders":1237,"meta":1238,"rev":403},1764707470172,"b62629ce2f3741158d961cd10fe74b31","Shadow AI",[1125],{"@type":227,"property":228,"operator":229,"value":1126},"/uc/shadow-ai",{"seoTitle":1128,"fontAwesomeIcon":1129,"title":1130,"seoDescription":1131,"customFonts":1132,"tsCode":29,"jsCode":29,"blocks":1137,"url":1126,"state":1230},"Secure AI native and AI enhanced apps. ","faBrainCircuit","Secure AI","See and control AI apps in the browser.",[1133],{"version":237,"files":1134,"kind":236,"family":235,"lastModified":238,"category":258,"variants":1135,"subsets":1136,"menu":259},{"100":240,"200":241,"300":242,"500":243,"600":244,"700":245,"800":246,"900":247,"700italic":250,"100italic":251,"600italic":257,"italic":252,"300italic":256,"200italic":254,"500italic":255,"800italic":248,"900italic":249,"regular":253},[264,265,266,267,268,269,76,270,271,272,273,274,275,276,277,278,279,280],[261,262],[1138,1225],{"@type":51,"@version":52,"tagName":286,"id":1139,"meta":1140,"children":1141},"builder-a6e5717a2c914d5695058e4ee201a05d",{"previousId":1019},[1142,1158,1165,1172,1182,1192,1202,1212,1219],{"@type":51,"@version":52,"id":1143,"meta":1144,"component":1145,"responsiveStyles":1156},"builder-3e0ed678683f4a0eb7aa00253cf263b2",{"previousId":1023},{"name":290,"options":1146,"isRSC":66},{"title":1130,"description":1147,"points":1148,"image":1155},"\u003Cp>Every AI interaction traverses the browser. Employees use GenAI tools, connect AI apps to corporate accounts, and run agentic workflows, often outside security oversight. Push gives security teams the visibility to see what AI is doing across their environment and the controls to intervene before sensitive data leaves or access gets abused.\u003C/p>",[1149,1151,1153],{"item":1150},"Discover every AI tool and agent active across your workforce",{"item":1152},"Detect sensitive data being submitted to AI apps",{"item":1154},"Enforce AI policy directly in the browser","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F33cf153d920f4e389f3650253577cff7",{"large":1157},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":305},{"@type":51,"@version":52,"id":1159,"meta":1160,"component":1161,"responsiveStyles":1163},"builder-76968f8471d14893b8189d75b08fb426",{"previousId":1039},{"name":309,"options":1162,"isRSC":66},{"AllPartners":34,"backgroundTransparent":6},{"large":1164},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"backgroundColor":313},{"@type":51,"@version":52,"id":1166,"meta":1167,"component":1168,"responsiveStyles":1170},"builder-b55b9d4bc5a649d8839ce7f6c2043d95",{"previousId":1046},{"name":317,"options":1169,"isRSC":66},{"darkMode":34},{"large":1171},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":1173,"meta":1174,"component":1175,"responsiveStyles":1180},"builder-c3f38ef4d75d4989a29b5903175ed8a1",{"previousId":1053},{"name":322,"tag":322,"options":1176,"isRSC":66},{"darkMode":6,"maxWidth":326,"maxTextWidth":327,"title":1177,"description":1178,"image":1179,"reverse":6},"\u003Ch2>The browser is where AI lives\u003C/h2>","\u003Cp>AI activity doesn't happen at the network layer or the endpoint. It happens in the browser, where employees interact with AI tools, where agents execute tasks, and where sensitive data gets submitted to external services. Push captures live telemetry from inside the browser session, identifying every AI-native and AI-enhanced application in use. \u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F30b43bda6f1644c19478fb1efa20050c",{"large":1181},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":1183,"meta":1184,"component":1185,"responsiveStyles":1190},"builder-90ee9cb9afc44e7f885523715bf51a53",{"previousId":1062},{"name":336,"options":1186,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":339,"title":1187,"description":1188,"reverse":34,"image":1189},"\u003Ch2>Discover every AI tool users touch\u003C/h2>","\u003Cp>Most organisations are using far more AI than they've approved. Push identifies every AI-native and AI-enhanced application accessed across the workforce, which corporate identities are connected, and what new tools appear in the environment. Applications are categorized by risk and policy status so security teams can prioritize exposure before it becomes an incident.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F636e65ad0c4c43faa3e626c41e90d8a3",{"large":1191},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"fontFamily":345,"paddingTop":347,"marginTop":347},{"@type":51,"@version":52,"id":1193,"meta":1194,"component":1195,"responsiveStyles":1200},"builder-9e44539fa53c4d8e87406036c921fc46",{"previousId":1072},{"name":336,"options":1196,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":352,"title":1197,"description":1198,"reverse":6,"image":1199},"\u003Ch2>Prevent sensitive data from reaching the wrong AI tools\u003C/h2>","\u003Cp>Employees paste credentials, customer data, and internal documents into AI tools without realizing the risk. Push detects sensitive data interactions in the browser in real time, including file uploads, clipboard activity, and form submissions to unsanctioned or high-risk AI applications. Controls can be applied to warn users, require policy acknowledgment, or block the interaction entirely.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F011332d42dab4a299f25ab3847741ed9",{"large":1201},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":358},{"@type":51,"@version":52,"layerName":336,"id":1203,"meta":1204,"component":1205,"responsiveStyles":1210},"builder-44c1a891926f4bdeaaa37e90721fe6ac",{"previousId":1082},{"name":336,"options":1206,"isRSC":66},{"darkMode":6,"maxWidth":326,"imageMaxWidth":338,"textPaddingTop":363,"title":1207,"description":1208,"reverse":34,"image":1209},"\u003Ch2>Govern agentic AI permissions and activity\u003C/h2>","\u003Cp>AI agents operating in the browser can access applications, execute actions, and handle data on behalf of users, often with permissions that were never explicitly reviewed. Push surfaces agentic permissions and data flows so security teams can see what agents are doing, where they have access, and apply controls before that access is exploited or abused.\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F71549a73d0b84f1c8cb151c05e493e8d",{"large":1211},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"paddingTop":369},{"@type":51,"@version":52,"id":1213,"meta":1214,"component":1215,"responsiveStyles":1217},"builder-dcc906f9cbe54dc68b3c672668e7a38f",{"previousId":1092},{"name":317,"options":1216,"isRSC":66},{"darkMode":6},{"large":1218},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"@type":51,"@version":52,"id":1220,"component":1221,"responsiveStyles":1223},"builder-d2d64780c31b4349bc75805b23a07e38",{"name":379,"tag":379,"options":1222,"isRSC":66},{"sectionHeading":29,"customClass":381},{"large":1224},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73},{"id":1226,"@type":51,"tagName":79,"properties":1227,"responsiveStyles":1228},"builder-pixel-0jz5ul6fu54",{"src":81,"aria-hidden":82,"alt":29,"role":83,"width":72,"height":72},{"large":1229},{"height":72,"width":72,"display":86,"opacity":72,"overflow":87,"pointerEvents":88},{"deviceSize":90,"location":1231},{"path":29,"query":1232},{},{},1778073860450,1764950077593,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F9b4d5666fc9e495a9a8de4258975cd9f",[],{"lastPreviewUrl":1239,"hasLinks":6,"originalContentId":1002,"winningTest":66,"breakpoints":1240,"kind":401,"hasAutosaves":6},"https://pushsecurity.com/uc/shadow-ai?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=use-case-page&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.use-case-page=b62629ce2f3741158d961cd10fe74b31&builder.overrides.b62629ce2f3741158d961cd10fe74b31=b62629ce2f3741158d961cd10fe74b31&builder.overrides.use-case-page:/uc/shadow-ai=b62629ce2f3741158d961cd10fe74b31&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},{"w":1242,"h":1243,"d":1244},448,512,"M280.4 48c-3.2 0-6.3 .5-9.3 1.4L206.6 69.2C136.1 90.9 88 156.1 88 229.8l0 42.9c22.7 3.8 40 23.6 40 47.3l0 144c0 26.5-21.5 48-48 48l-32 0c-26.5 0-48-21.5-48-48L0 320c0-23.8 17.3-43.5 40-47.3l0-42.9C40 135 101.8 51.2 192.5 23.4L256.9 3.5c7.6-2.3 15.5-3.5 23.4-3.5 44 0 79.6 35.7 79.6 79.6l0 56.4c0 13.3-10.7 24-24 24s-24-10.7-24-24l0-56.4C312 62.2 297.8 48 280.4 48zM48 320l0 144 32 0 0-144-32 0zm208 24c0-71.6 55.6-127.8 89-148.1 4.3-2.6 9.6-2.6 14 0 33.5 20.3 89 76.6 89 148.1 0 32-16 80-64 112l27.3 27.3c3 3 4.7 7.1 4.7 11.3l0 1.4c0 8.8-7.2 16-16 16l-96 0c-8.8 0-16-7.2-16-16l0-1.4c0-4.2 1.7-8.3 4.7-11.3L320 456c-48-32-64-80-64-112zm128-32a24 24 0 1 0 -48 0 24 24 0 1 0 48 0z",{"w":1243,"h":1243,"d":1246},"M201.1 57.3c-7 5.3-9.1 10.7-9.1 14.7 0 4.2 2.4 10.1 10.4 15.6 7.8 5.3 13.6 14.6 13.6 25.6 0 17-13.8 30.7-30.7 30.7L56 144c-4.4 0-8 3.6-8 8l0 52.5c7.4-2.9 15.5-4.5 24-4.5 43.1 0 72 39.4 72 80s-28.9 80-72 80c-8.5 0-16.6-1.6-24-4.5L48 456c0 4.4 3.6 8 8 8l100.5 0c-2.9-7.4-4.5-15.5-4.5-24 0-43.1 39.4-72 80-72s80 28.9 80 72c0 8.5-1.6 16.6-4.5 24l52.5 0c4.4 0 8-3.6 8-8l0-129.3c0-17 13.8-30.7 30.7-30.7 11.1 0 20.3 5.8 25.6 13.6 5.5 8 11.4 10.4 15.6 10.4 4 0 9.5-2.1 14.7-9.1s9.3-17.9 9.3-30.9-4-23.8-9.3-30.9-10.7-9.1-14.7-9.1c-4.2 0-10.1 2.4-15.6 10.4-5.3 7.8-14.6 13.6-25.6 13.6-17 0-30.7-13.8-30.7-30.7l0-81.3c0-4.4-3.6-8-8-8l-81.3 0c-17 0-30.7-13.8-30.7-30.7 0-11.1 5.8-20.3 13.6-25.6 8-5.5 10.4-11.4 10.4-15.6 0-4-2.1-9.5-9.1-14.7S245 48 232 48 208.2 52 201.1 57.3zM172.3 18.9C188.5 6.8 209.6 0 232 0S275.5 6.8 291.7 18.9 320 49.5 320 72c0 8.6-1.8 16.7-4.9 24L360 96c30.9 0 56 25.1 56 56l0 44.9c7.3-3.1 15.4-4.9 24-4.9 22.5 0 41 12.2 53.1 28.3s18.9 37.3 18.9 59.7-6.8 43.5-18.9 59.7-30.6 28.3-53.1 28.3c-8.6 0-16.7-1.8-24-4.9l0 92.9c0 30.9-25.1 56-56 56l-78.1 0c-18.7 0-33.9-15.2-33.9-33.9 0-10.1 4.5-18.5 9.9-24.2 4.2-4.3 6.1-9.2 6.1-13.9 0-9.9-10.7-24-32-24s-32 14.1-32 24c0 4.7 1.9 9.5 6.1 13.9 5.5 5.7 9.9 14.1 9.9 24.2 0 18.7-15.2 33.9-33.9 33.9L56 512c-30.9 0-56-25.1-56-56L0 329.9c0-18.7 15.2-33.9 33.9-33.9 10.1 0 18.5 4.5 24.2 9.9 4.3 4.2 9.2 6.1 13.9 6.1 9.9 0 24-10.7 24-32s-14.1-32-24-32c-4.7 0-9.5 1.9-13.9 6.1-5.7 5.5-14.1 9.9-24.2 9.9-18.7 0-33.9-15.2-33.9-33.9L0 152c0-30.9 25.1-56 56-56l92.9 0c-3.1-7.3-4.9-15.4-4.9-24 0-22.5 12.2-41 28.3-53.1z",{"w":1242,"h":1243,"d":1248},"M102.7 96c10.4-53.7 31.9-112 68.3-112 9.6 0 19 3.9 27.5 8.2 8.2 4.1 18.4 7.8 25.5 7.8s17.3-3.7 25.5-7.8c8.5-4.3 17.9-8.2 27.5-8.2 36.4 0 57.8 58.3 68.3 112L376 96c13.3 0 24 10.7 24 24s-10.7 24-24 24l-24 0 0 32c0 17-3.3 33.2-9.3 48l33.3 0c8.1 0 15.6 4 20 10.8s5.2 15.2 2.1 22.6l-31.5 74.2c48.9 31.2 81.4 86 81.4 148.5l0 8c0 13.3-10.7 24-24 24s-24-10.7-24-24l0-8c0-51.4-30.3-95.8-74.1-116.1-11.7-5.5-17-19.2-12-31.2l25.8-60.7-27.7 0c-1.1 0-2.1-.1-3.1-.2-22.6 20-52.3 32.2-84.9 32.2s-62.3-12.2-84.9-32.2c-1 .1-2.1 .2-3.1 .2l-27.7 0 25.8 60.7c5.1 11.9-.2 25.7-12 31.2-43.8 20.4-74.1 64.7-74.1 116.1l0 8c0 13.3-10.7 24-24 24S0 501.3 0 488l0-8c0-62.4 32.5-117.2 81.4-148.5L49.9 257.4c-3.2-7.4-2.4-15.9 2.1-22.6S63.9 224 72 224l33.3 0c-6-14.8-9.3-31-9.3-48l0-32-24 0c-13.3 0-24-10.7-24-24S58.7 96 72 96l30.7 0zm45.9 107c11.1 30.9 40.6 53 75.3 53s64.2-22.1 75.3-53c-5.7 3.2-12.3 5-19.3 5l-12.4 0c-16.5 0-31.1-10.6-36.3-26.2-2.3-7-12.2-7-14.5 0-5.2 15.6-19.9 26.2-36.3 26.2L168 208c-7 0-13.6-1.8-19.3-5zm44.8 133l61 0c9.7 0 17.5 7.8 17.5 17.5 0 4.2-1.5 8.2-4.2 11.4l-27.9 32.5 28.9 82.6c5.5 15.6-6.1 31.9-22.7 31.9l-44.3 0c-16.5 0-28.1-16.3-22.7-31.9l28.9-82.6-27.9-32.5c-2.7-3.2-4.2-7.2-4.2-11.4 0-9.7 7.8-17.5 17.5-17.5z",{"w":1243,"h":1243,"d":1250},"M304.8 173.3c-14.3-8.4-31-13.3-48.8-13.3-53 0-96 43-96 96s43 96 96 96 96-43 96-96l48 0c0 79.5-64.5 144-144 144s-144-64.5-144-144 64.5-144 144-144c31.1 0 59.9 9.9 83.4 26.6l45.7-45.7C349.7 64.8 304.8 48 256 48 141.1 48 48 141.1 48 256s93.1 208 208 208 208-93.1 208-208l48 0c0 141.4-114.6 256-256 256S0 397.4 0 256 114.6 0 256 0c62.1 0 118.9 22.1 163.3 58.8L463 15c9.4-9.4 24.6-9.4 33.9 0s9.4 24.6 0 33.9L273 273c-9.4 9.4-24.6 9.4-33.9 0s-9.4-24.6 0-33.9l65.7-65.7z",{"w":32,"h":1243,"d":1252},"M128 80l384 0c8.8 0 16 7.2 16 16l0 208 48 0 0-208c0-35.3-28.7-64-64-64L128 32C92.7 32 64 60.7 64 96l0 208 48 0 0-208c0-8.8 7.2-16 16-16zM52.8 400l534.4 0c-8.5 18.9-27.5 32-49.6 32l-435.2 0c-22.1 0-41.1-13.1-49.6-32zM25.6 352C11.5 352 0 363.5 0 377.6 0 434.2 45.8 480 102.4 480l435.2 0c56.6 0 102.4-45.8 102.4-102.4 0-14.1-11.5-25.6-25.6-25.6L25.6 352zM281 169c9.4-9.4 9.4-24.6 0-33.9s-24.6-9.4-33.9 0l-48 48c-9.4 9.4-9.4 24.6 0 33.9l48 48c9.4 9.4 24.6 9.4 33.9 0s9.4-24.6 0-33.9l-31-31 31-31zM393 135c-9.4-9.4-24.6-9.4-33.9 0s-9.4 24.6 0 33.9l31 31-31 31c-9.4 9.4-9.4 24.6 0 33.9s24.6 9.4 33.9 0l48-48c9.4-9.4 9.4-24.6 0-33.9l-48-48z",{"w":1243,"h":1243,"d":1254},"M232 0c-13.3 0-24 10.7-24 24s10.7 24 24 24c128.1 0 232 103.9 232 232 0 13.3 10.7 24 24 24s24-10.7 24-24C512 125.4 386.6 0 232 0zM48 256c0-23 3.7-45 10.5-65.6l263 263C301 460.3 279 464 256 464 141.1 464 48 370.9 48 256zM72.8 136.8c-14.1-14.1-37.6-12-46.5 5.8-16.9 34.2-26.4 72.6-26.4 113.3 0 141.4 114.6 256 256 256 40.7 0 79.2-9.5 113.3-26.4 17.9-8.8 19.9-32.4 5.8-46.5L241 305 281 265c9.4-9.4 9.4-24.6 0-33.9s-24.6-9.4-33.9 0L207 271 72.8 136.8zM208 120c0 13.3 10.7 24 24 24 75.1 0 136 60.9 136 136 0 13.3 10.7 24 24 24s24-10.7 24-24c0-101.6-82.4-184-184-184-13.3 0-24 10.7-24 24z",{"w":1243,"h":1243,"d":1256},"M256.1 0c4.6 0 9.2 1 13.3 2.9L457.8 82.8c22 9.3 38.4 31 38.3 57.2-.5 99.2-41.3 280.7-213.6 363.2-16.7 8-36.1 8-52.8 0-172.4-82.5-213.2-263.9-213.7-363.2-.1-26.2 16.3-47.9 38.3-57.2L242.7 2.9C246.8 1 251.4 0 256.1 0zM73.1 127c-5.9 2.5-9.1 7.7-9 12.7 .5 91.4 38.4 249.3 186.4 320.1 3.6 1.7 7.8 1.7 11.3 0 148-70.8 185.9-228.7 186.3-320.1 0-5-3.1-10.2-9-12.7l-183-77.6-183 77.6zm240.3 34.9c7.8-10.7 22.8-13.1 33.5-5.3 10.7 7.8 13.1 22.8 5.3 33.5L249.8 330.9c-4.2 5.7-10.7 9.3-17.8 9.8s-14-2.2-18.9-7.3l-46.4-48c-9.2-9.5-9-24.7 .6-33.9 9.5-9.2 24.7-8.9 33.9 .6l26.5 27.4 85.6-117.7z",{"w":1243,"h":1243,"d":1258},"M123 58.1c9.5-33.5 40.4-58.1 77-58.1 21.8 0 41.6 8.7 56 22.9 14.4-14.1 34.2-22.9 56-22.9 36.6 0 67.4 24.6 77 58.1 47.4 9.7 83 51.6 83 101.9 0 11.3-1.8 22.2-5.1 32.3 22.7 19.1 37.1 47.7 37.1 79.7 0 23.7-8 45.6-21.3 63.1 3.5 10.4 5.3 21.4 5.3 32.9 0 54-41.2 98.5-93.9 103.5-15.6 24.3-42.9 40.5-74.1 40.5-25.2 0-48-10.6-64-27.6-16 17-38.8 27.6-64 27.6-31.1 0-58.4-16.2-74.1-40.5-52.7-5.1-93.9-49.5-93.9-103.5 0-11.5 1.9-22.5 5.3-32.9-13.4-17.5-21.3-39.4-21.3-63.1 0-32 14.5-60.6 37.1-79.7-3.3-10.2-5.1-21.1-5.1-32.3 0-50.3 35.6-92.2 83-101.9zM200 48c-17.7 0-32 14.3-32 32 0 13.3-10.7 24-24 24-30.9 0-56 25.1-56 56 0 10.5 2.9 20.3 7.9 28.6 3.4 5.7 4.3 12.5 2.5 18.9s-6.2 11.7-12 14.7c-18 9.3-30.3 28.1-30.3 49.8 0 16.1 6.8 30.7 17.8 40.9 7.9 7.4 9.9 19.2 4.8 28.8-4.2 7.8-6.5 16.7-6.5 26.3 0 30.9 25.1 56 56 56 1.1 0 2.2 0 3.2-.1 10.3-.6 19.8 5.5 23.6 15 5.9 14.7 20.4 25.1 37.1 25.1 20.4 0 37.2-15.3 39.7-35 .1-.6 .2-1.3 .3-1.9l0-135.1-40 0c-6.6 0-12 5.4-12 12l0 4.4c16.5 7.6 28 24.3 28 43.6 0 26.5-21.5 48-48 48s-48-21.5-48-48c0-19.4 11.5-36.1 28-43.6l0-4.4c0-28.7 23.3-52 52-52l40 0 0-56-12.4 0c-7.6 16.5-24.3 28-43.6 28-26.5 0-48-21.5-48-48s21.5-48 48-48c19.4 0 36.1 11.5 43.6 28l12.4 0 0-76c0-17.7-14.3-32-32-32zm80 148l0 152 40 0c6.6 0 12-5.4 12-12l0-4.4c-16.5-7.6-28-24.3-28-43.6 0-26.5 21.5-48 48-48s48 21.5 48 48c0 19.4-11.5 36.1-28 43.6l0 4.4c0 28.7-23.3 52-52 52l-40 0 0 39.1c.1 .6 .2 1.2 .3 1.9 2.5 19.7 19.3 35 39.7 35 16.8 0 31.2-10.3 37.1-25.1 3.8-9.6 13.3-15.6 23.6-15 1.1 .1 2.2 .1 3.2 .1 30.9 0 56-25.1 56-56 0-9.5-2.4-18.5-6.5-26.3-5.1-9.6-3.1-21.4 4.8-28.8 11-10.2 17.8-24.8 17.8-40.9 0-21.6-12.2-40.4-30.3-49.8-5.9-3-10.2-8.4-12-14.7s-.9-13.2 2.5-18.9c5-8.4 7.9-18.1 7.9-28.6 0-30.9-25.1-56-56-56-13.3 0-24-10.7-24-24 0-17.7-14.3-32-32-32s-32 14.3-32 32l0 76 12.4 0c7.6-16.5 24.3-28 43.6-28 26.5 0 48 21.5 48 48s-21.5 48-48 48c-19.4 0-36.1-11.5-43.6-28L280 196zm56-36a16 16 0 1 0 0 32 16 16 0 1 0 0-32zm0 128a16 16 0 1 0 32 0 16 16 0 1 0 -32 0zM144 352a16 16 0 1 0 32 0 16 16 0 1 0 -32 0zm16-176a16 16 0 1 0 32 0 16 16 0 1 0 -32 0z",{"createdDate":1260,"id":1261,"name":1262,"modelId":1263,"published":13,"stageModifiedSincePublish":6,"query":1264,"data":1267,"variations":1305,"lastUpdated":1306,"firstPublished":1307,"testRatio":23,"screenshot":1308,"createdBy":1309,"lastUpdatedBy":637,"folders":1310,"meta":1311,"rev":1315},1745016416170,"a3bb1ec62ef34682a686618d761f37f4","PR20241119 New Security Alert: Cross IDP Impersonation ","f4b8a13df871497bb5e61c4707cfc5e5",[1265],{"@type":227,"property":228,"operator":229,"value":1266},"/news/push-security-new-security-alert-cross-idp-impersonation",{"ogImage":1268,"seoDescription":1269,"seoTitle":1269,"image":1268,"themeId":6,"title":1270,"date":1271,"blocks":1272,"url":1266,"state":1299},"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F9741878f0ea747c38ae9fbbc949003c8","New Security Alert: Cross-IdP Impersonation ","New Security Alert from Push Security: Cross-IDP Impersonation Threatens SSO Security to Gain Unauthorized Access to Downstream Apps","Tue Nov 19 2024 00:00:00 GMT-0800 (Pacific Standard Time)",[1273,1285,1294],{"@type":51,"@version":52,"id":1274,"meta":1275,"component":1277,"responsiveStyles":1281},"builder-a5c13d9a57534405bd0a7d38f2d14a88",{"previousId":1276},"builder-1d2bfddaed9a4fb6840f3df35157e3b2",{"name":1278,"options":1279,"isRSC":66},"Text",{"text":1280},"\u003Cp>\u003Cem style=\"font-size: 16px;\">Push adds Cross-IdP impersonation to the SaaS attack matrix, enabling fraudulent IdP accounts to be used\u003C/em>\u003C/p>",{"large":1282},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"lineHeight":1283,"height":1284},"normal","auto",{"@type":51,"@version":52,"id":1286,"meta":1287,"component":1289,"responsiveStyles":1292},"builder-bf6b0443a59c42d088b66d825dc3c0f9",{"previousId":1288},"builder-81c491477b064c92b23bca18cec21736",{"name":1278,"options":1290,"isRSC":66},{"text":1291},"\u003Cp style=\"text-align: center;\">\u003Cbr>\u003C/p>\u003Cp>LONDON, Nov. 19, 2024 — Security researchers at Push Security, \u003Cspan style=\"font-size: 14px;\">a leader in browser-based detection and response,\u003C/span> have identified a new technique used by attackers known as \"Cross-IdP Impersonation,\" that enables attackers to hijack the single sign-on (SSO) process to gain unauthorized access to downstream applications without compromising a company's primary identity provider (IdP). Recent high-profile vulnerabilities, including ones involving Zendesk and Google, demonstrate the increasing risk this technique poses for organizations relying on SSO for secure access to software-as-a-service (SaaS) apps.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Cross-IdP impersonation exploits a flaw in SSO configurations by allowing attackers to create fraudulent IdP accounts matching an organization’s domain, which are then used to access downstream apps via SSO. This tactic enables unauthorized access to various downstream applications, bypassing even the most secure primary IdP protections.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>Notable Examples of Cross-IdP Impersonation\u003C/strong>\u003C/h4>\u003Cp>Two recent cases have highlighted the impact of Cross-IdP impersonation. In one instance, a \u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fgist.github.com%2Fhackermondev%2F68ec8ed145fcee49d2f5e2b9d2cf2e52&esheet=54154704&newsitemid=20241119299695&lan=en-US&anchor=15-year-old+researcher+abused+a+flaw+in+Zendesk&index=1&md5=3e245a76f52b6f21e6bd16548370751d\" rel=\"noopener noreferrer\" target=\"_blank\">15-year-old researcher abused a flaw in Zendesk\u003C/a> to create fraudulent Apple SSO accounts linked to hundreds of legitimate company domains. Using this newly created IdP account, the researcher could infiltrate connected apps, including Slack, exposing potentially sensitive information across multiple business applications.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>In another example, \u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fkrebsonsecurity.com%2F2024%2F07%2Fcrooks-bypassed-googles-email-verification-to-create-workspace-accounts-access-3rd-party-services%2F&esheet=54154704&newsitemid=20241119299695&lan=en-US&anchor=a+now-resolved+Google+domain+verification+flaw&index=2&md5=20a0da7ace3250189c28c47b4db1082b\" rel=\"noopener noreferrer\" target=\"_blank\">a now-resolved Google domain verification flaw\u003C/a> previously enabled newly created Google Workspace accounts to authenticate via SSO without requiring domain verification, which could then be used to access login to downstream applications usually accessed with a different SSO provider.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>Security Implications and Attack Surface\u003C/strong>\u003C/h4>\u003Cp>“Cross-IdP impersonation could be likened to \u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fghost-logins-when-forgotten-identities-come-back-to-haunt-you%2F&esheet=54154704&newsitemid=20241119299695&lan=en-US&anchor=ghost+logins&index=3&md5=2d3dd5c0ea386eed146f3c5289a6f0bc\" rel=\"noopener noreferrer\" target=\"_blank\">ghost logins\u003C/a> on steroids,” said Dan Green, security researcher at Push Security. “This attack method bypasses traditional security safeguards that protect main IdP accounts. It doesn’t matter how locked down your primary IdP account is if attackers can simply create a new one for your domain.”\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“In the examples we’ve seen in the wild, these attacks required no user interaction by exploiting configuration weaknesses in IdP and SaaS services. But the same result could be achieved through convincing social engineering scams, without needing to phish MFA factors or lure users to malicious webpages,” he continued.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security tests on the most popular applications used by Push customers revealed that 3 in 5 of the apps tested do not require re-verification by default when adding a new SSO login method, meaning that an attacker can log in with a newly registered IdP and take over the accounts on downstream applications.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>Mitigation and Security Recommendations\u003C/strong>\u003C/h4>\u003Cp>Push Security recommends that organizations take proactive steps to defend against Cross-IdP impersonation:\u003C/p>\u003Cul>\u003Cli>Set Email Alerts: Implement automated email alerts for new IdP activation emails sent to employees, providing visibility into unauthorized IdP connections to company domains.\u003C/li>\u003Cli>Restrict Account Conversion: Where configurable, prevent the conversion of personal accounts to corporate accounts within primary IdP platforms.\u003C/li>\u003Cli>Enforce Re-Verification Protocols: Where configurable, require downstream applications to enforce re-verification when adding new SSO methods. Requiring login with the original method, rather than email approval, is a more secure approach.\u003C/li>\u003C/ul>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>A Growing Threat Landscape\u003C/strong>\u003C/h4>\u003Cp>With the success of recent attacks, both attackers and security researchers are expected to focus increasingly on Cross-IdP impersonation techniques.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>“As applications typically integrate with several IdPs, the inconsistencies in authentication are creating exploitable gaps in SaaS security across applications,” said Green.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Organizations are urged to monitor and tighten SaaS and IdP configurations and prepare to detect and respond to unauthorized SSO methods being used.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Cross-IdP impersonation could be mitigated with a unified approach to SSO verification by SaaS providers by ensuring re-verification upon a new method being added, but companies must act now to protect their data, accounts, and applications.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Push Security has updated its popular \u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fgithub.com%2Fpushsecurity%2Fsaas-attacks&esheet=54154704&newsitemid=20241119299695&lan=en-US&anchor=SaaS+attack+matrix+resource&index=4&md5=bc097be7d0189d9654c7b283a03bb5b6\" rel=\"noopener noreferrer\" target=\"_blank\">SaaS attack matrix resource\u003C/a>, used by security teams to simulate and defend against SaaS and identity attacks, and has provided more details on this cross-IdP impersonation trend on the Push Security blog: \u003Ca href=\"https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fcross-idp-impersonation&esheet=54154704&newsitemid=20241119299695&lan=en-US&anchor=https%3A%2F%2Fpushsecurity.com%2Fblog%2Fcross-idp-impersonation&index=5&md5=7761e208ec7d407deac28dd3c469e478\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com/blog/cross-idp-impersonation\u003C/a>\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Ch4>\u003Cstrong>About Push Security\u003C/strong>\u003C/h4>\u003Cp>Push Security stops identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser.\u003C/p>\u003Cp>\u003Cbr>\u003C/p>\u003Cp>Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit \u003Ca href=\"https://pushsecurity.com/\" rel=\"noopener noreferrer\" target=\"_blank\">https://pushsecurity.com\u003C/a> or follow \u003Ca href=\"http://x.com/pushsecurity\" rel=\"noopener noreferrer\" target=\"_blank\">@pushsecurity\u003C/a>.\u003C/p>",{"large":1293},{"display":69,"flexDirection":70,"position":71,"flexShrink":72,"boxSizing":73,"lineHeight":1283,"height":1284},{"id":1295,"@type":51,"tagName":79,"properties":1296,"responsiveStyles":1297},"builder-pixel-vm85qiqup7",{"src":81,"aria-hidden":82,"alt":29,"role":83,"width":72,"height":72},{"large":1298},{"height":72,"width":72,"display":86,"opacity":72,"overflow":87,"pointerEvents":88},{"deviceSize":90,"location":1300},{"pathname":1266,"path":1301,"query":1304},[1302,1303],"news","push-security-new-security-alert-cross-idp-impersonation",{},{},1778249956534,1745016786985,"https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F471da2ab5f0447e6b87e78cb69b114eb","rGmJFEtPqFbC0o3fwsbG5B9aNv03",[],{"winningTest":66,"breakpoints":1312,"lastPreviewUrl":1313,"hasLinks":6,"originalContentId":1314,"kind":401,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"https://pushsecurity.com/news/push-security-new-security-alert-cross-idp-impersonation?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditCode%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CeditProjects%2CmodifyMcpServers%2CmodifyWorkflowIntegrations%2CmodifyProjectSettings%2CconnectCodeRepository%2CcreateProjects%2CindexDesignSystems%2CsendPullRequests%2CmergePullRequests&builder.user.role.name=Developer&builder.user.role.id=developer&builder.cachebust=true&builder.preview=press-pages&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.press-pages=a3bb1ec62ef34682a686618d761f37f4&builder.overrides.a3bb1ec62ef34682a686618d761f37f4=a3bb1ec62ef34682a686618d761f37f4&builder.options.includeRefs=true&builder.options.enrich=true&builder.options.locale=Default","f0db5df32b904435841922cd66c7db65","8tim3a2eqll",1778677338948]