Browser extensions have change into deeply embedded in workers’ each day workflows, aiding duties from grammar checking to low cost searching. But, their in depth permissions create vital safety dangers, largely unnoticed by IT and safety groups.
A brand new 2025 Enterprise Browser Extension Safety Report, uniquely combining information from public extension marketplaces and real-world enterprise utilization telemetry to highlight this underestimated risk vector.
LayerX is internet hosting a webinar to debate key findings from the Enterprise Browser Extension Safety Report 2025. Acquire actionable insights to mitigate browser extension dangers.
Key Findings from the Report
1. Extensions are Ubiquitous however Harmful: 99% of enterprise customers have browser extensions put in, with 52% operating greater than ten extensions, considerably broadening the risk floor.
Safety evaluation: Practically each worker may probably compromise organizational safety.
2. Intensive Permissions to Delicate Knowledge: 53% of extensions put in in enterprise environments have ‘excessive’ or ‘crucial’ threat permissions, permitting entry to delicate information like cookies, passwords, shopping historical past, and webpage contents.
Safety evaluation: One compromised extension can put all the group in danger.
3. GenAI Extensions: The Hidden Risk Over 20% of enterprise workers use GenAI extensions, with 58% of those holding ‘excessive’ or ‘crucial’ permissions, creating vital threat.
Safety evaluation: Enterprises should implement strict insurance policies on GenAI extension utilization and information dealing with.
4. Untrusted Extension Publishers: 54% of extensions are revealed anonymously through Gmail accounts, with 79% from publishers who’ve launched just one extension, making belief evaluation extraordinarily difficult.
Safety evaluation: Belief verification for extensions is very troublesome, growing the probability of malicious exercise.
5. Deserted and Outdated Extensions: 51% of extensions have not acquired updates in over a yr, whereas 26% of enterprise extensions are sideloaded, bypassing safety vetting.
Safety evaluation: Outdated or unmanaged extensions considerably elevate safety dangers as a result of potential vulnerabilities.
Suggestions for Safety and IT Groups:
- Audit all browser extensions throughout the enterprise setting.
- Categorize extensions to know their threat profiles.
- Enumerate and analyze extension permissions meticulously.
- Carry out complete threat assessments of every extension.
- Implement adaptive, risk-based safety insurance policies to handle extension threats successfully.
Obtain the total report to know the whole safety implications and techniques for managing browser extensions securely.
Sponsored and written by LayerX.
