Abstract: Presented herein are techniques for automatically generating information about risks associated with browser extensions used by browsers in an enterprise network for purposes of determining whether to whitelist a browser extension in response to a request from a user. A request to install a browser extension is obtained from a user device of a plurality of user devices associated with an organization, wherein the request comprises an extension identifier for the browser extension. A risk score is generated for the browser extension based on risk values for each of one or more permissions requested by the browser extension. The risk score is compared to a threshold value to determine whether the browser extension satisfies risk standards of the organization, and if so, the browser extension is automatically added to a whitelist of permitted extensions for future installation on the plurality of user devices.

Abstract: Presented herein are techniques for automatically generating information about risks associated with browser extensions used by browsers in an enterprise network for purposes of determining whether to whitelist a browser extension in response to a request from a user. A request to install a browser extension is obtained from a user device of a plurality of user devices associated with an organization, wherein the request comprises an extension identifier for the browser extension. A risk score is generated for the browser extension based on risk values for each of one or more permissions requested by the browser extension. The risk score is compared to a threshold value to determine whether the browser extension satisfies risk standards of the organization, and if so, the browser extension is automatically added to a whitelist of permitted extensions for future installation on the plurality of user devices.

Abstract: A system and method that enables the configuration of computer security of a subject entity at a computer security platform includes collecting a corpus of security data relating to one or more security configurations of the network maintained by the subject entity, analyzing the corpus of security data to determine one or more vulnerability factors and one or more security behaviors relating to the subject entity, generating a security assessment for the subject entity based on the analysis of the corpus of security data, generating a computer security policy for the security environment based on the security assessment, and providing, to the subject entity, a security policy recommendation incorporating at least a subset of the generated computer security policy.

Abstract: A system and method that enables the configuration of computer security of a subject entity at a computer security platform includes collecting a corpus of security data relating to one or more security configurations of the network maintained by the subject entity, analyzing the corpus of security data to determine one or more vulnerability factors and one or more security behaviors relating to the subject entity, generating a security assessment for the subject entity based on the analysis of the corpus of security data, generating a computer security policy for the security environment based on the security assessment, and providing, to the subject entity, a security policy recommendation incorporating at least a subset of the generated computer security policy.