At Least Until Skynet Ruins it, AI is Pretty Handy!
Posted by: Gino Tags: Browser Management, Proton Posted date: March 21, 2023
Please share this with your security team!
Call me paranoid but everything that I have read about AI, like most technology, has its potential for good, and (very) bad. It’s the same old story, new technology creates new opportunities, and bad actors want more than their share…
Recently, two of our largest customers have queried us on specific security issues based on data points within the browser, specifically in relation to extensions and their permissions, and the ability for Browsium to configure who can use them. It seems that both companies view browsers as what they are –self-contained, mini operating systems that have potential attack surfaces – and wish to gain more visibility within them. One of the companies already employs our Browser telemetry tool, Proton, and has requested a more granular look at the extensions in their estate – both publicly facing, and internal. One specific example of granularity is the surfacing of the permissions that change when an extension is auto-updated. Anyway, this got me thinking about what data points are available inside a browser that could potentially be utilized by a security team. So… I asked ChatGPT a couple of questions. Below is the Q&A. Interestingly, my own semi-AI writing tool offered me a couple of rewrites “For Better Clarity”. Is there anything on these lists that your company would like to see a more granular view of? Please let me Know!
What are the most important data points in the browser for enterprise IT?
There are several important data points in the browser that enterprise IT should monitor to ensure a secure and efficient computing environment. Here are some of the key data points:
- Browser usage: It is important to monitor which browsers are being used by employees, as this information can help determine which browsers should be supported and which ones may need to be blocked.
- Browser versions: Knowing which versions of each browser are being used can help identify potential security vulnerabilities and ensure that the latest security updates have been applied.
- Plugin usage (including extensions: Monitoring which plugins are being used can help identify potential security risks and ensure that only authorized plugins are installed.
- Page load times: Slow page load times can impact employee productivity, so it is important to monitor and optimize page load times.
- Network traffic: Monitoring network traffic from browsers can help identify potential security threats, such as malware or unauthorized access attempts.
- User activity: Tracking user activity within the browser can help identify potential security breaches or policy violations.
By monitoring these key data points, enterprise IT can ensure a more secure and efficient computing environment for employees.
Additionally, here are some more specific data points that can be monitored within each category:
1. Browser usage:
- Browser type (Chrome, Firefox, Safari, etc.)
- Percentage of users on each browser
- Browser market share trends over time
- Browser usage by department or team
2. Browser versions:
- Browser version number (e.g., Chrome 92.0.4515.159)
- Percentage of users on each version
- Security vulnerabilities fixed in each version
- Compatibility issues with specific websites or applications
3. Plugin usage:
- Plugin type (e.g., Adobe Flash, Java, Microsoft Silverlight)
- Percentage of users with each plugin installed
- Security vulnerabilities associated with each plugin
- Usage patterns by department or team
4. Page load times:
- Average page load time for each website or application
- Time to first byte (TTFB)
- Time to interact (TTI)
- Page load times by browser type or version
5. Network traffic:
- Incoming and outgoing traffic volumes
- Traffic sources (e.g. internal vs. external)
- Traffic patterns by department or team
- Suspicious or unauthorized traffic patterns
6. User activity:
- Websites visited
- Time spent on each website
- Downloads or uploads from each website
- User logins and logouts
Proton White Paper – Proton Graphic – Product One Sheets