Book a meeting →

Push Logo
Threat Briefing Webinar | August 20th 2026

The State of Shadow AI

Most AI policies sanction one or two platforms. What's actually in use across the workforce is a different story: AI apps, browser extensions, and OAuth integrations accumulating faster than any approval process can track, mostly self-adopted, unapproved, and invisible to security and IT teams.


That gap isn't created by rogue employees. It's created by four ordinary behaviors: signing up for an AI tool that looks useful, logging into an approved one with a personal account, installing a browser extension, and clicking "Allow" on an OAuth consent screen. 


Attackers have noticed. The same behaviors driving AI adoption are enabling attacks.


Insecure personal accounts get compromised on personal devices and take corporate data with them. Imitation extensions branded as official AI companions ship with permissions to read everything in the browser. Malicious OAuth grants become hidden backdoors in tenants where LLM connections are already normal activity. And compromised AI vendors turn forgotten integrations into breach paths.

Join Push Security Field CTO Mark Orlando to learn the real state of AI adoption. We'll cover:

Push telemetry on workforce AI adoption: the averages, the outliers, and what "normal" looks like in 2026
The behaviors behind shadow AI — and why blocking unsanctioned apps doesn't address the whole picture
How attackers exploit each dimension: shadow-account compromise, imitation extensions, malicious integrations, and OAuth supply chain attacks
AI as an attack surface in its own right — agents that concentrate OAuth tokens across your SaaS estate, granting persistent access to attackers
Practical controls for each dimension, where existing controls fall short, and why browser visibility and control is key

Can't make it? Register anyway and we'll send you the recording.

Push forward double slash
Mark OrlandoField CTO

Register Your Spot Now

Subscribe me to email updates from Push
By signing up to this webinar you agree to our privacy policy .
Trusted by
Sophos
Gitlab
Thinkst
Cribl
Enter some text...