Enhanced Control and Visibility for Chromium-Based Browser Extensions
Runar Verwaal
As browser-based applications become central to modern workflows, the security risks associated with Chromium-based browser extensions are increasing significantly. We request improved monitoring, control, and policy enforcement capabilities for browser extensions to mitigate risks related to malicious plugins and shadow IT.
In today’s work environment, the reliance on browser applications continues to grow. At the same time, the number of malicious or compromised extensions in the Chrome Web Store and other Chromium-based marketplaces is rising rapidly.
This creates several security challenges:
- Malicious extensions can exfiltrate sensitive data, inject scripts, or act as persistence mechanisms.
- Shadow IT risks increase as users install extensions tied to unapproved SaaS platforms, leading to uncontrolled data distribution.
- Lack of centralized visibility makes it difficult for IT and security teams to audit and manage extension usage across endpoints.
Existing endpoint security solutions, including Huntress, have limited visibility and control over browser extensions, particularly:
- No centralized inventory of installed extensions
- Limited insight into extension permissions and behaviors
- No enforcement of allow/block policies at scale
- Lack of alerting on high-risk or newly installed extensions
We propose adding dedicated browser extension security capabilities, including:
Extension Inventory & Visibility
- Centralized dashboard of all installed Chromium extensions across endpoints
- Metadata including publisher, permissions, install source, and user
Risk Assessment & Detection
- Flag extensions with high-risk permissions (e.g., access to all sites, clipboard, downloads)
- Detection of known malicious or suspicious extensions
- Alerts on newly installed or recently updated extensions
Policy-Based Control
- Ability to create allowlists and blocklists
- Enforcement of approved extensions only
- Optional auto-removal or disablement of unauthorized extensions
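The inventory, risk-flagging, and allowlist enforcement described in the three sections above can be sketched end to end in a short script. The following is an added example written for this request, not Huntress code and not a Huntress feature. It assumes the standard Chromium on-disk layout (`<profile>/Extensions/<extension id>/<version>/manifest.json`), uses a hand-picked list of permissions to treat as high risk (the ones the request names plus a few an analyst would normally flag), and emits the Chromium `ExtensionSettings` enterprise policy, which is one of the mechanisms a managed browser honours for allow/block decisions. The two extension manifests it scans are constructed for the demonstration.

```python
"""Inventory Chromium extensions, flag risky permissions, and build an
allowlist-only ExtensionSettings policy.  Added example; not Huntress code."""
import json
import tempfile
from pathlib import Path

# API permissions treated as high risk.  The first three are the ones the
# request calls out; the rest are an assumption reflecting common triage practice.
HIGH_RISK_API_PERMISSIONS = {
    "clipboardRead": "read clipboard",
    "downloads": "manage downloads",
    "webRequest": "observe or modify network requests",
    "cookies": "read site cookies",
    "nativeMessaging": "talk to native host binaries",
    "debugger": "attach the DevTools debugger",
    "history": "read browsing history",
}
# Host patterns that amount to "access to all sites".
ALL_SITES_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}


def host_patterns(manifest):
    """Host patterns sit in 'permissions' (Manifest V2) or 'host_permissions' (V3)."""
    perms = list(manifest.get("permissions", [])) + list(manifest.get("host_permissions", []))
    return [p for p in perms if isinstance(p, str) and (p == "<all_urls>" or "://" in p)]


def risk_flags(manifest):
    """Return human-readable reasons an extension deserves review."""
    flags = []
    if any(p in ALL_SITES_PATTERNS for p in host_patterns(manifest)):
        flags.append("access to all sites")
    for perm in manifest.get("permissions", []):
        if perm in HIGH_RISK_API_PERMISSIONS:
            flags.append(HIGH_RISK_API_PERMISSIONS[perm])
    return flags


def inventory(profile_dir):
    """Walk <profile>/Extensions/<id>/<version>/manifest.json and build the inventory."""
    records = []
    for manifest_path in sorted(Path(profile_dir, "Extensions").glob("*/*/manifest.json")):
        manifest = json.loads(manifest_path.read_text(encoding="utf-8"))
        hosts = host_patterns(manifest)
        records.append({
            "id": manifest_path.parent.parent.name,
            # Localized names appear as "__MSG_<key>__"; resolving them needs _locales/.
            "name": manifest.get("name", "?"),
            "version": manifest.get("version", manifest_path.parent.name),
            "manifest_version": manifest.get("manifest_version"),
            "api_permissions": [p for p in manifest.get("permissions", []) if p not in hosts],
            "host_permissions": hosts,
            "flags": risk_flags(manifest),
        })
    return records


def unauthorized(records, allowed_ids):
    """Extensions present on the endpoint but absent from the approved set."""
    return [r for r in records if r["id"] not in allowed_ids]


def extension_settings_policy(allowed_ids):
    """Chromium 'ExtensionSettings' policy: block every extension except the listed IDs."""
    policy = {"*": {"installation_mode": "blocked"}}
    for ext_id in sorted(allowed_ids):
        policy[ext_id] = {"installation_mode": "allowed"}
    return {"ExtensionSettings": policy}


# Constructed sample data: one approved extension and one over-privileged one.
# The 32-character IDs are made up and follow the Chromium a-p alphabet only in shape.
SAMPLE_MANIFESTS = {
    "aaaabbbbccccddddeeeeffffgggghhhh": {
        "name": "Approved Password Manager", "version": "4.2.0", "manifest_version": 3,
        "permissions": ["storage", "tabs"], "host_permissions": ["https://vault.example.com/*"],
    },
    "ppppoooonnnnmmmmllllkkkkjjjjiiii": {
        "name": "Free Coupon Finder", "version": "1.0.3", "manifest_version": 2,
        "permissions": ["<all_urls>", "clipboardRead", "downloads", "webRequest", "storage"],
    },
}
APPROVED = {"aaaabbbbccccddddeeeeffffgggghhhh"}


def build_sample_profile(root):
    """Lay the constructed manifests out in the Chromium directory structure."""
    for ext_id, manifest in SAMPLE_MANIFESTS.items():
        version_dir = Path(root, "Extensions", ext_id, manifest["version"] + "_0")
        version_dir.mkdir(parents=True)
        (version_dir / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")


def demo():
    """Run inventory, flagging and policy generation against the sample profile."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_profile(tmp)
        records = inventory(tmp)
    flagged = {r["id"]: r["flags"] for r in records}
    rogue = [r["id"] for r in unauthorized(records, APPROVED)]
    return records, flagged, rogue, extension_settings_policy(APPROVED)


if __name__ == "__main__":
    records, flagged, rogue, policy = demo()
    for r in records:
        print(f'{r["id"]}  {r["name"]} {r["version"]}  flags={r["flags"] or "none"}')
    print("not on allowlist:", rogue)
    print(json.dumps(policy, indent=2))
```

To run it against a real endpoint, point `inventory()` at a profile directory such as `%LOCALAPPDATA%\Google\Chrome\User Data\Default` (Chrome) or `%LOCALAPPDATA%\Microsoft\Edge\User Data\Default` (Edge). Two caveats worth keeping in mind: manifests on disk do not say whether the extension is currently enabled (that state lives in the profile's `Preferences` file), and a policy dictionary like the one generated here only takes effect once it is delivered through the browser's managed-policy channel (registry on Windows, a managed policies JSON file on Linux), which is where the "enforcement of approved extensions only" item in the request would have to hook in.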
Shadow IT Insights
- Identify extensions linked to unapproved SaaS or data-sharing services
- Reporting on potential data exposure vectors
Integration & Response
- Tie extension activity into existing Huntress detection and response workflows
- Enable automated or guided remediation actions
Conclusion
As browsers increasingly function as primary work platforms, extension security must be treated as a first-class concern. Enhanced control and visibility over Chromium extensions would provide significant security value to customers operating in today’s threat landscape.