Browsing Security

Ep. 10 - The Data Beneath the Breach: Analyzing Francis Odum’s Latest Report

In Episode 10, we take an in-depth look at the latest report from cybersecurity researcher Francis Odum, uncovering the key insights behind the numbers. We discuss: * How third-party and credential-based risks are evolving * What the report reveals about attacker tactics and system intrusion trends * The growing risk surface of browsers and unmanaged endpoints * What infosec leaders should take away—and act on—based on the data This is a technical, first-person exploration of breach dynamics, informed by real-world telemetry and sharp analysis. If you’re a practitioner navigating complex environments, this episode is for you.

E9 - Inside the 2025 Verizon DBIR with Alex Pinto

In this episode, we unpack the key insights from our recent LayerX webinar featuring Alex Pinto, lead author of the 2025 Verizon Data Breach Investigations Report (DBIR). Alongside Or Eshed, our CEO, we explore the changing risk landscape—from credential abuse and third-party risk to AI misuse and browser-native threats. Key themes: * What the doubling of third-party breaches reveals about today’s interconnected environments * Why unmanaged devices and browser cookies still sabotage identity protection * The real AI risk: unsanctioned employee usage, not just attackers with LLMs * How the browser became ground zero for modern security battles 🎯 Want to go deeper? Watch the full webinar on demand: 👉 https://layerx.easywebinar.live/layerx-verizon-dbir [https://layerx.easywebinar.live/layerx-verizon-dbir]

E8 - ExtensionPedia is Live!

Are you aware of the hidden risks lurking in your organization’s browser extensions? Nearly every enterprise user has at least one extension installed—and over half of those extensions request powerful permissions that can expose cookies, passwords, and sensitive data. In this video, we introduce ExtensionPedia, LayerX’s free, publicly available Browser Extension Risk Database and Knowledge Center. 🔍 What You’ll Learn • Why browser extensions are a growing attack vector for CISOs and InfoSec teams • How ExtensionPedia aggregates risk scores for 200,000+ Chrome, Edge, and Firefox extensions • The key permission scopes and reputation factors used to calculate each extension’s risk • Practical steps to research any extension by name or ID before deployment • How to leverage in-depth documentation, best practices, and threat advisories to safeguard your users 📈 Why It Matters • 99% of enterprise employees have at least one browser extension installed • Over 50% of those extensions request high-level permissions that can access critical data • ExtensionPedia empowers security leaders to make data-driven decisions and eliminate blind spots at the browser level 🌐 Resources & Links ▶️ Read the official Dark Reading announcement: https://www.darkreading.com/endpoint-security/layerx-launches-extensionpedia ▶️ Explore ExtensionPedia now: https://layerxsecurity.com/extensions/ ▶️ Learn more about LayerX Browser Security: https://www.layerxsecurity.com 👍 Like, Comment & Subscribe If this video helped you understand how to mitigate extension-based risks in your enterprise, please give it a thumbs up and leave a comment with your questions. Don’t forget to subscribe for more insights into browser security, SSE gaps, and next-generation enterprise protection. #BrowserSecurity #ExtensionRisk #LayerX #ExtensionPedia #Cybersecurity #CISO #InfoSec #ThreatIntelligence

E7 - Where SSE Falls Short: A Deep Dive into Last-Mile Security Gaps

🔍 Are SSEs Really Securing the Last Mile? In this episode, we break down the hidden architectural gaps in Security Service Edge (SSE) platforms—specifically where they fall short in protecting the browser, where today’s real threats unfold. 📉 Despite vendor claims, SSEs are blind to: * Copy/paste data leakage * Malicious browser extensions * Shadow SaaS and GenAI misuse * Identity misuse and session hijacking 🛡️ We’ll walk through key use cases—like GenAI prompt monitoring, in-browser DLP, and zero-hour phishing—and explain why traditional network-layer tools just don’t cut it. 📌 Who should watch: CISOs, security architects, and InfoSec leaders who are questioning the effectiveness of their SSE stack—or considering augmenting it. 📘 Based on the technical whitepaper: "Reevaluating SSEs: A Gap Analysis of Last-Mile Protection" by LayerX. Download it here: [Insert link] 🔗 Want to see how browser-native security can close the gap? Learn more at: https://www.layerxsecurity.com [https://www.layerxsecurity.com] #SSE #Cybersecurity #DLP #BrowserSecurity #GenAI #InfoSec #LayerX

E6 - Browser extensions are everywhere - but are they safe for enterprise use?

In this episode, we explore the hidden risks posed by one of the most overlooked elements of the modern enterprise tech stack: browser extensions. In this episode we will unpack key insights from the newly released Enterprise Browser Extension Security Report 2025 - a data-driven look into how widely-used browser extensions are impacting enterprise security postures. As the browser becomes the de facto interface for SaaS access, identity, and day-to-day productivity, extensions often slip under the radar of traditional security programs. But with capabilities like DOM access, clipboard monitoring, and cookie extraction, they’re increasingly being exploited as a backdoor into sensitive data and sessions. Together, our AI hosts examine the anatomy of malicious extensions, the shortcomings of existing SSE and endpoint protection tools in detecting them, and what enterprises can do to regain visibility and control - especially in BYOD and hybrid environments. Why are popular extensions like Grammarly or ad blockers being flagged by security researchers? What controls should security teams implement to protect against extension-based threats? Tune in to this episode for answers, insights, and actionable recommendations.