New Free Tool Scans for Chrome Extension Safety
CRXcavator scans extensions in real time based on factors including permissions, external calls, and third-party libraries.
Chrome is, by far, the most widely used browser in the world. Its popularity is enhanced by the more than 180,000 add-ins, themes, apps, and extensions available for the browser. But are they safe to use? Now a new free tool from Duo Security can scan those extensions in real time to provide IT teams with assurance whether they are, indeed, safe for business users.
The CRXcavator scans a set of factors including permissions, external calls, third-party libraries, content security, and metadata to give security and IT staff insight into the safety of the browsers on their companies' computers. According to the blog post announcing the tool's availability, Duo researchers scanned 120,463 extensions and apps in January and found that many developers have used poor programming practices in their software. For example, 38,289 extensions " ... used third-party libraries that contain publicly known vulnerabilities," wrote the researchers.
Read more here.
Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024