Risky Business

Risky Biz Soap Box: Push Security's browser-first twist on identity security

May 15, 2025
Guest
Luke Jennings
Guest
Adam Bateman
Adam Bateman, Co-founder and CEO of Push Security, and Luke Jennings, Head of Research, dive into the critical world of identity security in modern browsers. They discuss the evolution of phishing techniques and the need for organizations to adapt their defenses. The duo explains how browser-based security solutions can monitor user interactions and protect against sophisticated threats. They also highlight the importance of safeguarding Single Sign-On (SSO) passwords and the complexities involved in securing identities across various platforms.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
INSIGHT

Visibility Into Browser Identities

  • Push Security's browser extension sees all user identity activity beyond just SSO logs.
  • This reveals shadow accounts, unsanctioned SaaS usage, and poor MFA adoption across environments.
ANECDOTE

Hybrid Phishing Attack Example

  • Luke Jennings described clever phishing attacks using legitimate service flows, like sales contacting users via JotForm.
  • Attackers use multi-stage, legitimate-looking interactions to bypass email security filters.
INSIGHT

Browser-Level Phishing Detection

  • Being inside the browser enables Push to detect phishing by analyzing decoded page content and user interactions.
  • This dynamic inspection uncovers phishing activity that network or static analysis would miss.
Get the Snipd Podcast app to discover more snips from this episode
Get the app