[{"data":1,"prerenderedAt":2120},["ShallowReactive",2],{"application-flags":3,"navbar":7,"always-visible-banner":36,"navbar-about-highlight":108,"navbar-resource-highlight":182,"blog/product-release-november-2025":226},[4],{"name":5,"enabled":6},"maintenanceMode",false,[8],{"createdDate":9,"id":10,"name":11,"modelId":12,"published":13,"query":14,"data":15,"variations":20,"lastUpdated":21,"firstPublished":22,"testRatio":23,"createdBy":24,"lastUpdatedBy":25,"folders":26,"meta":27,"rev":35},1742208588866,"1c7a4e423bf54ac1a328bb4063459ef2","Banner","1c6207a5f24948ab82d4a0b17f251193","published",[],{"type":16,"url":17,"text":18,"link":19},"web-banner","https://pushsecurity.com/resources/browser-attacks-report","Get our latest report analyzing browser attack techniques in 2026",{},{},1774258294825,1742208637545,1,"CydmZnOWU1XuAaLhEDCoYNM4Z8W2","jKjF9r5jcvXU8tzZEfFQm31Iyvr2",[],{"kind":28,"lastPreviewUrl":29,"breakpoints":30,"hasAutosaves":34},"data","",{"xsmall":31,"small":32,"medium":33},320,640,768,true,"ga0kpxjhh76",{"createdDate":37,"id":38,"name":39,"modelId":40,"published":13,"stageModifiedSincePublish":6,"query":41,"data":42,"variations":97,"lastUpdated":98,"firstPublished":99,"testRatio":23,"createdBy":100,"lastUpdatedBy":101,"folders":102,"meta":103,"rev":107},1774965361051,"fd266d0172cc47429be7ad10f48c99ad","always visible banner","0678d178ec8b41efb8a23c09dba7874d",[],{"ctaText":43,"text":44,"url":29,"blocks":45,"state":93},"ewrererw","testrfesssssssssss",[46,73,81],{"@type":47,"@version":48,"id":49,"component":50,"responsiveStyles":63},"@builder.io/sdk:Element",2,"builder-ca12c06a52de41d7b8743da53118cd38",{"name":51,"tag":51,"options":52,"isRSC":62},"TopBannerContent",{"text":53,"ctaText":54,"url":55,"mainText":56,"cta":59},"New Webinar Series: Join John Hammond, Troy Hunt, and Matt Johansen for the State of Browser Attacks","Save Your Spot","https://pushsecurity.com/webinar/state-of-browser-security",{"content":57,"fontSize":58},"\u003Cp>Meet Push's browser security experts at BlackHat 2026.\u003C/p>","text-base",{"content":60,"fontSize":58,"url":61},"\u003Cp>Book a meeting →\u003C/p>","https://pushsecurity.com/events/blackhat-2026-meeting",null,{"large":64},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69,"marginTop":70,"marginBottom":70,"fontSize":71,"fontWeight":72},"flex","column","relative","0","border-box",".56rem","1.125rem","700",{"@type":47,"@version":48,"id":74,"component":75,"responsiveStyles":79},"builder-a2e1f4b9f30b464bb814d7f5de5b0aa7",{"name":76,"options":77,"isRSC":62},"Custom Code",{"code":78,"scriptsClientOnly":6},"\u003Cstyle>\n  .top-banner.bg-web-orange{background:rgb(114, 79, 255);}\n\u003C/style>\n",{"large":80},{"display":65,"flexDirection":66,"position":67,"flexShrink":68,"boxSizing":69},{"id":82,"@type":47,"tagName":83,"properties":84,"responsiveStyles":88},"builder-pixel-o503s4fpvk","img",{"src":85,"aria-hidden":86,"alt":29,"role":87,"width":68,"height":68},"https://cdn.builder.io/api/v1/pixel?apiKey=f3a1111ff5be48cdbb123cd9f5795a05","true","presentation",{"large":89},{"height":68,"width":68,"display":90,"opacity":68,"overflow":91,"pointerEvents":92},"block","hidden","none",{"deviceSize":94,"location":95},"large",{"path":29,"query":96},{},{},1783541846936,1774968080803,"ST0tXQM8slWpFrmioqKHmENB2qe2","kYgMv6WsbvfmlOUYqR2SFwGzw6e2",[],{"kind":104,"lastPreviewUrl":105,"hasLinks":6,"breakpoints":106,"hasErrors":6,"hasAutosaves":6},"component","https://pushsecurity.com/?builder.space=f3a1111ff5be48cdbb123cd9f5795a05&builder.user.permissions=read%2Ccreate%2Cpublish%2CeditDesigns%2CeditLayouts%2CeditLayers%2CeditContentPriority%2CeditFolders%2CcreateProjects%2CsendPullRequests&builder.user.role.name=Designer&builder.user.role.id=creator&builder.cachebust=true&builder.preview=always-visible-banner&builder.noCache=true&builder.allowTextEdit=true&__builder_editing__=true&builder.overrides.always-visible-banner=fd266d0172cc47429be7ad10f48c99ad&builder.overrides.fd266d0172cc47429be7ad10f48c99ad=fd266d0172cc47429be7ad10f48c99ad&builder.options.locale=Default",{"xsmall":31,"small":32,"medium":33},"kyujw1aptq",[109,145],{"createdDate":110,"id":111,"name":112,"modelId":113,"published":13,"stageModifiedSincePublish":6,"query":114,"data":115,"variations":138,"lastUpdated":139,"firstPublished":140,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":141,"meta":142,"rev":144},1776247359804,"9136a8f18b3b4a6ba29b8653a99372b1","testimonial-inductive-automation","20d9eaa352304613b3d1a794b400703d",[],{"link":116,"type":117,"testimonialLink":118,"testimonial":119},{},"testimonial","/customer-stories/inductive-automation",{"@type":120,"id":121,"model":117,"value":122},"@builder.io/core:Reference","f028f2b685bb47cd8bf9e82a26dd5a79",{"query":123,"folders":124,"createdDate":125,"id":121,"name":126,"modelId":127,"published":13,"data":128,"variations":132,"lastUpdated":133,"firstPublished":134,"testRatio":23,"createdBy":100,"lastUpdatedBy":100,"meta":135,"rev":137},[],[],1735823466309,"We found Push to be more accurate when compared to competitors and the browser agent offered features that others couldn’t match.","42035571a56940ac98bff4544aa79aa5",{"author":129,"jobTitle":130,"quote":126,"image":131},"Jason Waits","\u003Cp>CISO at Inductive Automation\u003C/p>","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2Ff04c0c0689ce4a89ac0f0708d78c0a07",{},1735910703862,1735823501152,{"kind":28,"lastPreviewUrl":29,"breakpoints":136,"hasAutosaves":34},{"small":32,"medium":33},"e8bsg4qrgtu",{},1776247404986,1776247404973,[],{"breakpoints":143,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},"g9lqcuxphw7",{"createdDate":146,"id":147,"name":148,"modelId":113,"published":13,"meta":149,"stageModifiedSincePublish":6,"query":151,"data":152,"variations":178,"lastUpdated":179,"firstPublished":180,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":181,"rev":144},1776255761419,"05a9322735fc427db12e2740e4302300","Report: 2026 Browser Attack Techniques",{"breakpoints":150,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},[],{"testimonial":153,"link":172,"type":175,"title":148,"description":176,"image":177},{"@type":120,"id":154,"model":117,"value":155},"192acbb1f9ca4cac918c0ec435a8bae3",{"query":156,"folders":157,"createdDate":158,"id":154,"name":159,"modelId":127,"published":13,"data":160,"variations":166,"lastUpdated":167,"firstPublished":168,"testRatio":23,"createdBy":100,"lastUpdatedBy":24,"meta":169,"rev":171},[],[],1728981467463,"Push does for identity what CrowdStrike did for the endpoint",{"video":161,"jobTitle":162,"author":163,"qoute":29,"quote":164,"image":165},"https://cdn.builder.io/o/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F8b30e8ca50064058bbaef0f3c6164575%2Fcompressed?apiKey=f3a1111ff5be48cdbb123cd9f5795a05&token=8b30e8ca50064058bbaef0f3c6164575&alt=media&optimized=true","\u003Cp>Deputy CISO at Microsoft\u003C/p>\u003Cp>Former LinkedIn, Slack, Palantir\u003C/p>","Geoff Belknap","Push does for identity what CrowdStrike did for the endpoint.","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F748f0ad0a5064a00a13f4721fcc8dea1",{},1742902158597,1728981782923,{"kind":28,"lastPreviewUrl":29,"breakpoints":170,"hasAutosaves":34},{"small":32,"medium":33},"ulhc0im1hfo",{"text":173,"url":174},"Download now","/resources/browser-attacks-report","resource","Learn about the latest techniques being used in the wild.","https://cdn.builder.io/api/v1/image/assets%2Ff3a1111ff5be48cdbb123cd9f5795a05%2F7b4a5ebf81d64e8c9d7fc35f6c96c4a9",{},1776255810913,1776255810900,[],[183,205],{"createdDate":184,"id":185,"name":148,"modelId":186,"published":13,"meta":187,"stageModifiedSincePublish":6,"query":189,"data":190,"variations":200,"lastUpdated":201,"firstPublished":202,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":203,"rev":204},1776256900280,"1f429607996e4e5fae8fe3f9b9610e55","4829faa81e7c4ee8bd2d000e160e8d3c",{"breakpoints":188,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},[],{"testimonial":191,"link":199,"type":175,"title":148,"description":176,"image":177},{"@type":120,"id":154,"model":117,"value":192},{"query":193,"folders":194,"createdDate":158,"id":154,"name":159,"modelId":127,"published":13,"data":195,"variations":196,"lastUpdated":167,"firstPublished":168,"testRatio":23,"createdBy":100,"lastUpdatedBy":24,"meta":197,"rev":171},[],[],{"video":161,"jobTitle":162,"author":163,"qoute":29,"quote":164,"image":165},{},{"kind":28,"lastPreviewUrl":29,"breakpoints":198,"hasAutosaves":34},{"small":32,"medium":33},{"text":173,"url":174},{},1776256937553,1776256937540,[],"xggsv10v1q9",{"createdDate":206,"id":207,"name":208,"modelId":186,"published":13,"stageModifiedSincePublish":6,"query":209,"data":210,"variations":220,"lastUpdated":221,"firstPublished":222,"testRatio":23,"createdBy":24,"lastUpdatedBy":24,"folders":223,"meta":224,"rev":204},1776256949234,"ce043785b71b4ece98eac811ecf4ba10","inductive-automation",[],{"link":211,"type":117,"testimonial":212,"testimonialLink":118},{},{"@type":120,"id":121,"model":117,"value":213},{"query":214,"folders":215,"createdDate":125,"id":121,"name":126,"modelId":127,"published":13,"data":216,"variations":217,"lastUpdated":133,"firstPublished":134,"testRatio":23,"createdBy":100,"lastUpdatedBy":100,"meta":218,"rev":137},[],[],{"author":129,"jobTitle":130,"quote":126,"image":131},{},{"kind":28,"lastPreviewUrl":29,"breakpoints":219,"hasAutosaves":34},{"small":32,"medium":33},{},1776256974140,1776256974130,[],{"breakpoints":225,"kind":28,"lastPreviewUrl":29,"hasAutosaves":6},{"xsmall":31,"small":32,"medium":33},{"id":227,"title":228,"authorsCollection":229,"content":237,"extension":1034,"faqItemsCollection":1035,"faqTitle":62,"featured":6,"hashTags":62,"meta":1037,"metaTitle":1038,"ogImage":62,"publishedDate":1039,"relatedBlogPostsCollection":1040,"slug":2098,"stem":2099,"subtitle":62,"summary":2100,"synopsis":2111,"sys":2112,"tagsCollection":2115,"__hash__":2119},"blog/blog/product-release-november-2025.json","Product release: November 2025",{"items":230},[231],{"fullName":232,"firstName":233,"jobTitle":234,"profilePicture":235},"Andy Waugh","Andy","VP Product",{"url":236},"https://images.ctfassets.net/y1cdw1ablpvd/3Rf76rJn6S9inMb4dUnAIJ/0a787f8141d05b95300e2fe77c4493fa/DSC_6868.jpg",{"json":238,"links":963},{"data":239,"content":240,"nodeType":962},{},[241,250,326,332,339,365,390,423,432,452,458,465,472,506,512,530,536,552,559,583,590,597,621,637,643,649,656,672,679,732,739,745,763,769,785,792,815,838,844,851,956],{"data":242,"content":243,"nodeType":249},{},[244],{"data":245,"marks":246,"value":247,"nodeType":248},{},[],"What's new this month:","text","heading-1",{"data":251,"content":252,"nodeType":325},{},[253,265,275,285,295,305,315],{"data":254,"content":255,"nodeType":264},{},[256],{"data":257,"content":258,"nodeType":263},{},[259],{"data":260,"marks":261,"value":262,"nodeType":248},{},[],"Get visibility for all installed browser extensions in your environment","paragraph","list-item",{"data":266,"content":267,"nodeType":264},{},[268],{"data":269,"content":270,"nodeType":263},{},[271],{"data":272,"marks":273,"value":274,"nodeType":248},{},[],"New detection for ClickFix-style malicious copy-paste attacks",{"data":276,"content":277,"nodeType":264},{},[278],{"data":279,"content":280,"nodeType":263},{},[281],{"data":282,"marks":283,"value":284,"nodeType":248},{},[],"New Labs feature: Experimental detections",{"data":286,"content":287,"nodeType":264},{},[288],{"data":289,"content":290,"nodeType":263},{},[291],{"data":292,"marks":293,"value":294,"nodeType":248},{},[],"RBAC for the Push admin console",{"data":296,"content":297,"nodeType":264},{},[298],{"data":299,"content":300,"nodeType":263},{},[301],{"data":302,"marks":303,"value":304,"nodeType":248},{},[],"URLscan.io and domain registration enrichment for detections",{"data":306,"content":307,"nodeType":264},{},[308],{"data":309,"content":310,"nodeType":263},{},[311],{"data":312,"marks":313,"value":314,"nodeType":248},{},[],"Filter events by entities",{"data":316,"content":317,"nodeType":264},{},[318],{"data":319,"content":320,"nodeType":263},{},[321],{"data":322,"marks":323,"value":324,"nodeType":248},{},[],"And a few other things … ","unordered-list",{"data":327,"content":328,"nodeType":249},{},[329],{"data":330,"marks":331,"value":262,"nodeType":248},{},[],{"data":333,"content":334,"nodeType":263},{},[335],{"data":336,"marks":337,"value":338,"nodeType":248},{},[],"You can now use Push to see other browser extensions installed on your employees’ browsers.",{"data":340,"content":341,"nodeType":263},{},[342,346,352,356,361],{"data":343,"marks":344,"value":345,"nodeType":248},{},[],"You can enable this feature by going to ",{"data":347,"marks":348,"value":351,"nodeType":248},{},[349],{"type":350},"bold","Settings > Organization",{"data":353,"marks":354,"value":355,"nodeType":248},{},[]," in the Push admin console and toggling on ",{"data":357,"marks":358,"value":360,"nodeType":248},{},[359],{"type":350},"Browser extension visibility",{"data":362,"marks":363,"value":364,"nodeType":248},{},[],". There is no end-user impact when you enable this feature.",{"data":366,"content":367,"nodeType":263},{},[368,372,377,381,386],{"data":369,"marks":370,"value":371,"nodeType":248},{},[],"You’ll see browser extension data populate a new ",{"data":373,"marks":374,"value":376,"nodeType":248},{},[375],{"type":350},"Browser extensions",{"data":378,"marks":379,"value":380,"nodeType":248},{},[]," page in the admin console under ",{"data":382,"marks":383,"value":385,"nodeType":248},{},[384],{"type":350},"Investigate",{"data":387,"marks":388,"value":389,"nodeType":248},{},[],". With this information, you can see:",{"data":391,"content":392,"nodeType":325},{},[393,403,413],{"data":394,"content":395,"nodeType":264},{},[396],{"data":397,"content":398,"nodeType":263},{},[399],{"data":400,"marks":401,"value":402,"nodeType":248},{},[],"Which extensions have been installed for each employee and browser.",{"data":404,"content":405,"nodeType":264},{},[406],{"data":407,"content":408,"nodeType":263},{},[409],{"data":410,"marks":411,"value":412,"nodeType":248},{},[],"How they were installed (e.g. by policy, manually, or sideloaded).",{"data":414,"content":415,"nodeType":264},{},[416],{"data":417,"content":418,"nodeType":263},{},[419],{"data":420,"marks":421,"value":422,"nodeType":248},{},[],"Which permissions they have.",{"data":424,"content":430,"nodeType":431},{"target":425},{"sys":426},{"id":427,"type":428,"linkType":429},"5J5jdmwugy7yU8GGwxe7iH","Link","Entry",[],"embedded-entry-block",{"data":433,"content":434,"nodeType":263},{},[435,438,449],{"data":436,"marks":437,"value":29,"nodeType":248},{},[],{"data":439,"content":443,"nodeType":448},{"target":440},{"sys":441},{"id":442,"type":428,"linkType":429},"3ibVBa6u0XfcXXDVtON5th",[444],{"data":445,"marks":446,"value":447,"nodeType":248},{},[],"Learn more","entry-hyperlink",{"data":450,"marks":451,"value":29,"nodeType":248},{},[],{"data":453,"content":454,"nodeType":249},{},[455],{"data":456,"marks":457,"value":274,"nodeType":248},{},[],{"data":459,"content":460,"nodeType":263},{},[461],{"data":462,"marks":463,"value":464,"nodeType":248},{},[],"Push can now detect malicious copy and paste attacks like ClickFix, FileFix, and other fake CAPTCHA-style techniques.",{"data":466,"content":467,"nodeType":263},{},[468],{"data":469,"marks":470,"value":471,"nodeType":248},{},[],"These techniques have become one of the most prevalent attack types this year, and rely on deceiving users into manually or automatically copying malicious code and running it locally.",{"data":473,"content":474,"nodeType":263},{},[475,479,484,488,493,497,502],{"data":476,"marks":477,"value":478,"nodeType":248},{},[],"You can enable ",{"data":480,"marks":481,"value":483,"nodeType":248},{},[482],{"type":350},"Malicious copy and paste detection",{"data":485,"marks":486,"value":487,"nodeType":248},{},[]," from the ",{"data":489,"marks":490,"value":492,"nodeType":248},{},[491],{"type":350},"Controls",{"data":494,"marks":495,"value":496,"nodeType":248},{},[]," page of the Push admin console. Add a configuration rule to set the detection to ",{"data":498,"marks":499,"value":501,"nodeType":248},{},[500],{"type":350},"Monitor",{"data":503,"marks":504,"value":505,"nodeType":248},{},[],". You can also add an exception for any staff who routinely handle malicious scripts, such as security team members, or add domains to the ignore list as needed.",{"data":507,"content":511,"nodeType":431},{"target":508},{"sys":509},{"id":510,"type":428,"linkType":429},"2fPaiwRCAUd8lMvsVO03HZ",[],{"data":513,"content":514,"nodeType":263},{},[515,518,527],{"data":516,"marks":517,"value":29,"nodeType":248},{},[],{"data":519,"content":523,"nodeType":448},{"target":520},{"sys":521},{"id":522,"type":428,"linkType":429},"1u8RJxC00HbBhCBVxcDnkK",[524],{"data":525,"marks":526,"value":447,"nodeType":248},{},[],{"data":528,"marks":529,"value":29,"nodeType":248},{},[],{"data":531,"content":532,"nodeType":249},{},[533],{"data":534,"marks":535,"value":284,"nodeType":248},{},[],{"data":537,"content":538,"nodeType":263},{},[539,543,548],{"data":540,"marks":541,"value":542,"nodeType":248},{},[],"Get early access to new detections from the Push research team by enabling ",{"data":544,"marks":545,"value":547,"nodeType":248},{},[546],{"type":350},"Experimental detections",{"data":549,"marks":550,"value":551,"nodeType":248},{},[],", a Labs feature.",{"data":553,"content":554,"nodeType":263},{},[555],{"data":556,"marks":557,"value":558,"nodeType":248},{},[],"Labs features are new features Push is testing before releasing them. Early access detections are designed to catch emerging attacker techniques, but may also produce more false positives while we finetune them. These early access detections do not block any user actions.",{"data":560,"content":561,"nodeType":263},{},[562,566,570,574,579],{"data":563,"marks":564,"value":565,"nodeType":248},{},[],"Enable ",{"data":567,"marks":568,"value":547,"nodeType":248},{},[569],{"type":350},{"data":571,"marks":572,"value":573,"nodeType":248},{},[]," by going to ",{"data":575,"marks":576,"value":578,"nodeType":248},{},[577],{"type":350},"Settings > Labs",{"data":580,"marks":581,"value":582,"nodeType":248},{},[]," in the admin console.",{"data":584,"content":585,"nodeType":249},{},[586],{"data":587,"marks":588,"value":589,"nodeType":248},{},[],"RBAC for the Push platform",{"data":591,"content":592,"nodeType":263},{},[593],{"data":594,"marks":595,"value":596,"nodeType":248},{},[],"You can now provide read-only access to the Push admin console to facilitate investigations, review detections, check app usage by department, help with employee offboarding — or anything else you need.",{"data":598,"content":599,"nodeType":263},{},[600,604,608,612,617],{"data":601,"marks":602,"value":603,"nodeType":248},{},[],"To add a read-only admin, go to ",{"data":605,"marks":606,"value":351,"nodeType":248},{},[607],{"type":350},{"data":609,"marks":610,"value":611,"nodeType":248},{},[]," in the admin console. Enter the email address of the admin you want to invite and set the role to ",{"data":613,"marks":614,"value":616,"nodeType":248},{},[615],{"type":350},"Read only",{"data":618,"marks":619,"value":620,"nodeType":248},{},[],".",{"data":622,"content":623,"nodeType":263},{},[624,628,633],{"data":625,"marks":626,"value":627,"nodeType":248},{},[],"Note that existing Push admins now have the role of ",{"data":629,"marks":630,"value":632,"nodeType":248},{},[631],{"type":350},"Full access",{"data":634,"marks":635,"value":636,"nodeType":248},{},[],". You can adjust that role as needed from the Organization page, too.",{"data":638,"content":642,"nodeType":431},{"target":639},{"sys":640},{"id":641,"type":428,"linkType":429},"7kraCfSP2YwdEEwZ8FxM1t",[],{"data":644,"content":645,"nodeType":249},{},[646],{"data":647,"marks":648,"value":304,"nodeType":248},{},[],{"data":650,"content":651,"nodeType":263},{},[652],{"data":653,"marks":654,"value":655,"nodeType":248},{},[],"You can now enrich detections in Push with information from urlscan.io, and see when the domain was first registered. This information gives you domain-relevant context to support investigations.",{"data":657,"content":658,"nodeType":263},{},[659,663,668],{"data":660,"marks":661,"value":662,"nodeType":248},{},[],"To enable this feature, go to ",{"data":664,"marks":665,"value":667,"nodeType":248},{},[666],{"type":350},"Settings > Advanced > Domain enrichment",{"data":669,"marks":670,"value":671,"nodeType":248},{},[]," in the Push admin console or enable it from any existing detection event.",{"data":673,"content":674,"nodeType":263},{},[675],{"data":676,"marks":677,"value":678,"nodeType":248},{},[],"With this enrichment, you can quickly see:",{"data":680,"content":681,"nodeType":325},{},[682,692,702,712,722],{"data":683,"content":684,"nodeType":264},{},[685],{"data":686,"content":687,"nodeType":263},{},[688],{"data":689,"marks":690,"value":691,"nodeType":248},{},[],"The timestamp for when a domain was first registered",{"data":693,"content":694,"nodeType":264},{},[695],{"data":696,"content":697,"nodeType":263},{},[698],{"data":699,"marks":700,"value":701,"nodeType":248},{},[],"The number of times a domain was scanned on urlscan",{"data":703,"content":704,"nodeType":264},{},[705],{"data":706,"content":707,"nodeType":263},{},[708],{"data":709,"marks":710,"value":711,"nodeType":248},{},[],"The first time a domain was scanned",{"data":713,"content":714,"nodeType":264},{},[715],{"data":716,"content":717,"nodeType":263},{},[718],{"data":719,"marks":720,"value":721,"nodeType":248},{},[],"The last time a domain or IP was scanned",{"data":723,"content":724,"nodeType":264},{},[725],{"data":726,"content":727,"nodeType":263},{},[728],{"data":729,"marks":730,"value":731,"nodeType":248},{},[],"A urlscan verdict (e.g. “potentially malicious”)",{"data":733,"content":734,"nodeType":263},{},[735],{"data":736,"marks":737,"value":738,"nodeType":248},{},[],"You’ll see the enrichment data on the details slideout for an individual detection.",{"data":740,"content":744,"nodeType":431},{"target":741},{"sys":742},{"id":743,"type":428,"linkType":429},"563fJFSgoLDOwSXSQ9Y0MM",[],{"data":746,"content":747,"nodeType":263},{},[748,751,760],{"data":749,"marks":750,"value":29,"nodeType":248},{},[],{"data":752,"content":756,"nodeType":448},{"target":753},{"sys":754},{"id":755,"type":428,"linkType":429},"19qsIXEG6EN9EK0VRH3pw9",[757],{"data":758,"marks":759,"value":447,"nodeType":248},{},[],{"data":761,"marks":762,"value":29,"nodeType":248},{},[],{"data":764,"content":765,"nodeType":249},{},[766],{"data":767,"marks":768,"value":314,"nodeType":248},{},[],{"data":770,"content":771,"nodeType":263},{},[772,776,781],{"data":773,"marks":774,"value":775,"nodeType":248},{},[],"You can now filter the ",{"data":777,"marks":778,"value":780,"nodeType":248},{},[779],{"type":350},"Events",{"data":782,"marks":783,"value":784,"nodeType":248},{},[]," page in the Push admin console by entities such as employees and apps to make triage more efficient.",{"data":786,"content":787,"nodeType":263},{},[788],{"data":789,"marks":790,"value":791,"nodeType":248},{},[],"With this option, you can do quick searches such as:",{"data":793,"content":794,"nodeType":325},{},[795,805],{"data":796,"content":797,"nodeType":264},{},[798],{"data":799,"content":800,"nodeType":263},{},[801],{"data":802,"marks":803,"value":804,"nodeType":248},{},[],"See all recent events associated with an employee",{"data":806,"content":807,"nodeType":264},{},[808],{"data":809,"content":810,"nodeType":263},{},[811],{"data":812,"marks":813,"value":814,"nodeType":248},{},[],"See all recent logins for a given app",{"data":816,"content":817,"nodeType":263},{},[818,822,826,830,835],{"data":819,"marks":820,"value":821,"nodeType":248},{},[],"From the ",{"data":823,"marks":824,"value":780,"nodeType":248},{},[825],{"type":350},{"data":827,"marks":828,"value":829,"nodeType":248},{},[]," page, go to ",{"data":831,"marks":832,"value":834,"nodeType":248},{},[833],{"type":350},"Filters > Entity type",{"data":836,"marks":837,"value":620,"nodeType":248},{},[],{"data":839,"content":840,"nodeType":249},{},[841],{"data":842,"marks":843,"value":324,"nodeType":248},{},[],{"data":845,"content":846,"nodeType":263},{},[847],{"data":848,"marks":849,"value":850,"nodeType":248},{},[],"Other new features or improvements to the platform include:",{"data":852,"content":853,"nodeType":325},{},[854,892,914,924,946],{"data":855,"content":856,"nodeType":264},{},[857],{"data":858,"content":859,"nodeType":263},{},[860,864,874,878,888],{"data":861,"marks":862,"value":863,"nodeType":248},{},[],"You can now configure exceptions for ",{"data":865,"content":869,"nodeType":448},{"target":866},{"sys":867},{"id":868,"type":428,"linkType":429},"4oOTN6FXPpZg9MLgQUujys",[870],{"data":871,"marks":872,"value":873,"nodeType":248},{},[],"MFA findings",{"data":875,"marks":876,"value":877,"nodeType":248},{},[]," and ",{"data":879,"content":883,"nodeType":448},{"target":880},{"sys":881},{"id":882,"type":428,"linkType":429},"2eOzRGosD2Ghaipao7NY8W",[884],{"data":885,"marks":886,"value":887,"nodeType":248},{},[],"reused password",{"data":889,"marks":890,"value":891,"nodeType":248},{},[]," findings. This is useful if you purposefully reuse passwords between systems or enforce MFA through a third-party provider.",{"data":893,"content":894,"nodeType":264},{},[895],{"data":896,"content":897,"nodeType":263},{},[898,902,911],{"data":899,"marks":900,"value":901,"nodeType":248},{},[],"We’ve added several first-class SIEM integrations. ",{"data":903,"content":907,"nodeType":448},{"target":904},{"sys":905},{"id":906,"type":428,"linkType":429},"2M73i6A90S9MY6Pe8uVjVv",[908],{"data":909,"marks":910,"value":447,"nodeType":248},{},[],{"data":912,"marks":913,"value":620,"nodeType":248},{},[],{"data":915,"content":916,"nodeType":264},{},[917],{"data":918,"content":919,"nodeType":263},{},[920],{"data":921,"marks":922,"value":923,"nodeType":248},{},[],"We’ve expanded the limit for URLs you can block using the URL blocking control to 2,000.",{"data":925,"content":926,"nodeType":264},{},[927],{"data":928,"content":929,"nodeType":263},{},[930,934,943],{"data":931,"marks":932,"value":933,"nodeType":248},{},[],"You can now set a time period after which to automatically un-license inactive employees, to make license management easier. ",{"data":935,"content":939,"nodeType":448},{"target":936},{"sys":937},{"id":938,"type":428,"linkType":429},"6Ad43w7Cjz2L5fZN2klIOn",[940],{"data":941,"marks":942,"value":447,"nodeType":248},{},[],{"data":944,"marks":945,"value":620,"nodeType":248},{},[],{"data":947,"content":948,"nodeType":264},{},[949],{"data":950,"content":951,"nodeType":263},{},[952],{"data":953,"marks":954,"value":955,"nodeType":248},{},[],"Push now supports Prisma Access browser.\n",{"data":957,"content":958,"nodeType":263},{},[959],{"data":960,"marks":961,"value":29,"nodeType":248},{},[],"document",{"entries":964},{"inline":965,"hyperlink":966,"block":1004},[],[967,973,978,983,988,993,999],{"sys":968,"__typename":969,"title":970,"slug":971,"articleId":972},{"id":442},"HelpArticle","Can Push detect and disable other installed browser extensions?","can-push-detect-other-installed-browser-extensions",10138,{"sys":974,"__typename":975,"title":976,"slug":977},{"id":522},"BlogPosts","Introducing malicious copy and paste detection","introducing-malicious-copy-paste-detection",{"sys":979,"__typename":969,"title":980,"slug":981,"articleId":982},{"id":755},"How does Push enrich detections with domain analysis data?","how-does-push-enrich-detections-with-domain-analysis-data",10136,{"sys":984,"__typename":969,"title":985,"slug":986,"articleId":987},{"id":868},"How do I create an exception for MFA findings?","how-do-i-create-an-exception-for-mfa-findings",10140,{"sys":989,"__typename":969,"title":990,"slug":991,"articleId":992},{"id":882},"How do I create an exception for reused password findings?","how-do-i-create-an-exception-for-reused-password-findings",10139,{"sys":994,"__typename":995,"linkedFromParent":62,"title":996,"slug":997,"audience":998},{"id":906},"DocumentationPage","Connect to SIEM or SOAR","connect-to-siem-or-soar","administrators",{"sys":1000,"__typename":969,"title":1001,"slug":1002,"articleId":1003},{"id":938},"Can I automatically remove licenses from inactive employees?","can-i-automatically-remove-licenses-from-inactive-employees",10143,[1005,1013,1020,1027],{"sys":1006,"__typename":1007,"title":1008,"caption":62,"layoutMode":62,"file":1009},{"id":427},"Image","Extension enumeration - KB 10138",{"url":1010,"width":1011,"height":1012},"https://images.ctfassets.net/y1cdw1ablpvd/1dByBmqYgpC9KhPkZoUbGN/0d65ee5ce5abceed6e8538319d83d761/extension_data_table_20251216.png",1480,826,{"sys":1014,"__typename":1007,"title":1015,"caption":62,"layoutMode":62,"file":1016},{"id":510},"Clickfix detection example - KB 10141",{"url":1017,"width":1018,"height":1019},"https://images.ctfassets.net/y1cdw1ablpvd/5oWnKQFQqPdcsh93DCXji0/14d90366c354312349e5a664e2a0821a/clickfix_example_detection_20251009.png",1940,1696,{"sys":1021,"__typename":1007,"title":1022,"caption":62,"layoutMode":62,"file":1023},{"id":641},"My team - Settings - docs - Administering Push",{"url":1024,"width":1025,"height":1026},"https://images.ctfassets.net/y1cdw1ablpvd/6TN6jkKngLWXBSe80jte2k/05a740c839e8eae4989622f4c9c2198b/org_page_settings_20250929.png",1980,1232,{"sys":1028,"__typename":1007,"title":1029,"caption":62,"layoutMode":62,"file":1030},{"id":743},"Detection details slideout w/ timeline etc. - KB 10136",{"url":1031,"width":1032,"height":1033},"https://images.ctfassets.net/y1cdw1ablpvd/6qMAmnkXcJpsp19n7YANTV/b89b76929cc68387121c60ee3c48b0f2/detection_enrichment_example.png",977,758,"json",{"items":1036},[],{},"Push Security new product features for November 2025","2025-11-04T00:00:00.000Z",{"items":1041},[1042,1607],{"__typename":975,"sys":1043,"content":1045,"title":1593,"synopsis":1594,"hashTags":62,"publishedDate":1595,"slug":1596,"tagsCollection":1597,"authorsCollection":1603},{"id":1044},"5QZCp0CTUoF0V7yZ8WnQrr",{"json":1046},{"data":1047,"content":1048,"nodeType":962},{},[1049,1056,1129,1135,1151,1199,1241,1247,1265,1271,1296,1324,1330,1348,1354,1361,1368,1392,1410,1417,1433,1440,1485,1491,1497,1504,1520,1538,1545,1552,1575],{"data":1050,"content":1051,"nodeType":249},{},[1052],{"data":1053,"marks":1054,"value":1055,"nodeType":248},{},[],"What’s new this month:",{"data":1057,"content":1058,"nodeType":325},{},[1059,1069,1079,1089,1099,1109,1119],{"data":1060,"content":1061,"nodeType":264},{},[1062],{"data":1063,"content":1064,"nodeType":263},{},[1065],{"data":1066,"marks":1067,"value":1068,"nodeType":248},{},[],"Attack timeline, screenshots & classifications for Detections",{"data":1070,"content":1071,"nodeType":264},{},[1072],{"data":1073,"content":1074,"nodeType":263},{},[1075],{"data":1076,"marks":1077,"value":1078,"nodeType":248},{},[],"Block cloned login pages",{"data":1080,"content":1081,"nodeType":264},{},[1082],{"data":1083,"content":1084,"nodeType":263},{},[1085],{"data":1086,"marks":1087,"value":1088,"nodeType":248},{},[],"Block URL schema obfuscation",{"data":1090,"content":1091,"nodeType":264},{},[1092],{"data":1093,"content":1094,"nodeType":263},{},[1095],{"data":1096,"marks":1097,"value":1098,"nodeType":248},{},[],"Identify browsers synced to personal profiles",{"data":1100,"content":1101,"nodeType":264},{},[1102],{"data":1103,"content":1104,"nodeType":263},{},[1105],{"data":1106,"marks":1107,"value":1108,"nodeType":248},{},[],"Enhanced dashboard",{"data":1110,"content":1111,"nodeType":264},{},[1112],{"data":1113,"content":1114,"nodeType":263},{},[1115],{"data":1116,"marks":1117,"value":1118,"nodeType":248},{},[],"Configure a custom data retention period",{"data":1120,"content":1121,"nodeType":264},{},[1122],{"data":1123,"content":1124,"nodeType":263},{},[1125],{"data":1126,"marks":1127,"value":1128,"nodeType":248},{},[],"Debug logs for SIEM & webhooks integrations",{"data":1130,"content":1131,"nodeType":249},{},[1132],{"data":1133,"marks":1134,"value":1068,"nodeType":248},{},[],{"data":1136,"content":1137,"nodeType":263},{},[1138,1142,1147],{"data":1139,"marks":1140,"value":1141,"nodeType":248},{},[],"You can now get deeper context and telemetry to investigate attacks that Push intercepts in the browser using these recently released enrichments for Push’s ",{"data":1143,"marks":1144,"value":1146,"nodeType":248},{},[1145],{"type":350},"Detections",{"data":1148,"marks":1149,"value":1150,"nodeType":248},{},[],":",{"data":1152,"content":1153,"nodeType":325},{},[1154,1169,1184],{"data":1155,"content":1156,"nodeType":264},{},[1157],{"data":1158,"content":1159,"nodeType":263},{},[1160,1165],{"data":1161,"marks":1162,"value":1164,"nodeType":248},{},[1163],{"type":350},"Timeline:",{"data":1166,"marks":1167,"value":1168,"nodeType":248},{},[]," An attack timeline of where a phishing link originated, how a user interacted with the page, and how Push responded.",{"data":1170,"content":1171,"nodeType":264},{},[1172],{"data":1173,"content":1174,"nodeType":263},{},[1175,1180],{"data":1176,"marks":1177,"value":1179,"nodeType":248},{},[1178],{"type":350},"Screenshots:",{"data":1181,"marks":1182,"value":1183,"nodeType":248},{},[]," Optional screenshots of the suspicious page, to quickly triage detections.",{"data":1185,"content":1186,"nodeType":264},{},[1187],{"data":1188,"content":1189,"nodeType":263},{},[1190,1195],{"data":1191,"marks":1192,"value":1194,"nodeType":248},{},[1193],{"type":350},"Blast radius:",{"data":1196,"marks":1197,"value":1198,"nodeType":248},{},[]," A view of the impact of this attack and whether other apps are also compromised or at risk as a result.",{"data":1200,"content":1201,"nodeType":263},{},[1202,1206,1211,1215,1220,1224,1229,1233,1238],{"data":1203,"marks":1204,"value":1205,"nodeType":248},{},[],"You can also now classify a detection to record the outcome of your investigation. Options include: ",{"data":1207,"marks":1208,"value":1210,"nodeType":248},{},[1209],{"type":350},"true positive",{"data":1212,"marks":1213,"value":1214,"nodeType":248},{},[],", ",{"data":1216,"marks":1217,"value":1219,"nodeType":248},{},[1218],{"type":350},"benign true positive",{"data":1221,"marks":1222,"value":1223,"nodeType":248},{},[]," (such as a detection triggered by a phishing simulation exercise), and ",{"data":1225,"marks":1226,"value":1228,"nodeType":248},{},[1227],{"type":350},"false positive",{"data":1230,"marks":1231,"value":1232,"nodeType":248},{},[],". The default state is ",{"data":1234,"marks":1235,"value":1237,"nodeType":248},{},[1236],{"type":350},"not classified",{"data":1239,"marks":1240,"value":620,"nodeType":248},{},[],{"data":1242,"content":1246,"nodeType":431},{"target":1243},{"sys":1244},{"id":1245,"type":428,"linkType":429},"2IMRHDY5ShjsquyaW7hB5M",[],{"data":1248,"content":1249,"nodeType":263},{},[1250,1253,1262],{"data":1251,"marks":1252,"value":29,"nodeType":248},{},[],{"data":1254,"content":1258,"nodeType":448},{"target":1255},{"sys":1256},{"id":1257,"type":428,"linkType":429},"6OFdfAsoPUECeRAetWvedp",[1259],{"data":1260,"marks":1261,"value":447,"nodeType":248},{},[],{"data":1263,"marks":1264,"value":29,"nodeType":248},{},[],{"data":1266,"content":1267,"nodeType":249},{},[1268],{"data":1269,"marks":1270,"value":1078,"nodeType":248},{},[],{"data":1272,"content":1273,"nodeType":263},{},[1274,1278,1283,1287,1292],{"data":1275,"marks":1276,"value":1277,"nodeType":248},{},[],"You can now ",{"data":1279,"marks":1280,"value":1282,"nodeType":248},{},[1281],{"type":350},"Warn",{"data":1284,"marks":1285,"value":1286,"nodeType":248},{},[]," or ",{"data":1288,"marks":1289,"value":1291,"nodeType":248},{},[1290],{"type":350},"Block",{"data":1293,"marks":1294,"value":1295,"nodeType":248},{},[]," employees when Push detects that they’re visiting a cloned login page.",{"data":1297,"content":1298,"nodeType":263},{},[1299,1304,1308,1312,1316,1320],{"data":1300,"marks":1301,"value":1303,"nodeType":248},{},[1302],{"type":350},"Cloned login page detection",{"data":1305,"marks":1306,"value":1307,"nodeType":248},{},[],", which you can configure on the ",{"data":1309,"marks":1310,"value":492,"nodeType":248},{},[1311],{"type":350},{"data":1313,"marks":1314,"value":1315,"nodeType":248},{},[]," page of the Push admin console, has become a highly effective and low false-positive control. We recommend that you move to using ",{"data":1317,"marks":1318,"value":1291,"nodeType":248},{},[1319],{"type":350},{"data":1321,"marks":1322,"value":1323,"nodeType":248},{},[]," mode for your organization — if you’re not already!",{"data":1325,"content":1329,"nodeType":431},{"target":1326},{"sys":1327},{"id":1328,"type":428,"linkType":429},"4auXExHqaYtu44zTFGh47s",[],{"data":1331,"content":1332,"nodeType":263},{},[1333,1336,1345],{"data":1334,"marks":1335,"value":29,"nodeType":248},{},[],{"data":1337,"content":1341,"nodeType":448},{"target":1338},{"sys":1339},{"id":1340,"type":428,"linkType":429},"jN3GN5ddMJZiDtl0fgUVd",[1342],{"data":1343,"marks":1344,"value":447,"nodeType":248},{},[],{"data":1346,"marks":1347,"value":29,"nodeType":248},{},[],{"data":1349,"content":1350,"nodeType":249},{},[1351],{"data":1352,"marks":1353,"value":1098,"nodeType":248},{},[],{"data":1355,"content":1356,"nodeType":263},{},[1357],{"data":1358,"marks":1359,"value":1360,"nodeType":248},{},[],"The Push browser extension can now identify the email address that’s used to log in to a browser, as well as whether browser sync is enabled.",{"data":1362,"content":1363,"nodeType":263},{},[1364],{"data":1365,"marks":1366,"value":1367,"nodeType":248},{},[],"Using this data, you can see whether any employees are signed in to work browsers with non-company identities and syncing their browsers, which can result in work credentials being synced to personal profiles. ",{"data":1369,"content":1370,"nodeType":263},{},[1371,1375,1380,1384,1388],{"data":1372,"marks":1373,"value":1374,"nodeType":248},{},[],"To find this data, go to the Push admin console and view the ",{"data":1376,"marks":1377,"value":1379,"nodeType":248},{},[1378],{"type":350},"Browsers",{"data":1381,"marks":1382,"value":1383,"nodeType":248},{},[]," page under ",{"data":1385,"marks":1386,"value":385,"nodeType":248},{},[1387],{"type":350},{"data":1389,"marks":1390,"value":1391,"nodeType":248},{},[]," in the left toolbar.",{"data":1393,"content":1394,"nodeType":263},{},[1395,1398,1407],{"data":1396,"marks":1397,"value":29,"nodeType":248},{},[],{"data":1399,"content":1403,"nodeType":448},{"target":1400},{"sys":1401},{"id":1402,"type":428,"linkType":429},"2IS6Dbz1fnJZrDfrMSTFQd",[1404],{"data":1405,"marks":1406,"value":447,"nodeType":248},{},[],{"data":1408,"marks":1409,"value":29,"nodeType":248},{},[],{"data":1411,"content":1412,"nodeType":249},{},[1413],{"data":1414,"marks":1415,"value":1416,"nodeType":248},{},[],"Enhanced dashboard for easier monitoring",{"data":1418,"content":1419,"nodeType":263},{},[1420,1424,1429],{"data":1421,"marks":1422,"value":1423,"nodeType":248},{},[],"We’ve improved the data and design of the Push admin console ",{"data":1425,"marks":1426,"value":1428,"nodeType":248},{},[1427],{"type":350},"Dashboard",{"data":1430,"marks":1431,"value":1432,"nodeType":248},{},[]," so you can keep track of the important developments in your environment.",{"data":1434,"content":1435,"nodeType":263},{},[1436],{"data":1437,"marks":1438,"value":1439,"nodeType":248},{},[],"A few of the changes:",{"data":1441,"content":1442,"nodeType":325},{},[1443,1461,1475],{"data":1444,"content":1445,"nodeType":264},{},[1446],{"data":1447,"content":1448,"nodeType":263},{},[1449,1453,1457],{"data":1450,"marks":1451,"value":1452,"nodeType":248},{},[],"A snapshot of recent ",{"data":1454,"marks":1455,"value":1146,"nodeType":248},{},[1456],{"type":350},{"data":1458,"marks":1459,"value":1460,"nodeType":248},{},[]," activity",{"data":1462,"content":1463,"nodeType":264},{},[1464],{"data":1465,"content":1466,"nodeType":263},{},[1467,1471],{"data":1468,"marks":1469,"value":1470,"nodeType":248},{},[],"An overview of all events on the platform, including activity related to ",{"data":1472,"marks":1473,"value":492,"nodeType":248},{},[1474],{"type":350},{"data":1476,"content":1477,"nodeType":264},{},[1478],{"data":1479,"content":1480,"nodeType":263},{},[1481],{"data":1482,"marks":1483,"value":1484,"nodeType":248},{},[],"Performance improvements so the page load is fast for even very large deployments",{"data":1486,"content":1490,"nodeType":431},{"target":1487},{"sys":1488},{"id":1489,"type":428,"linkType":429},"4kqqwOPsN7VhLeQdrV15bH",[],{"data":1492,"content":1493,"nodeType":249},{},[1494],{"data":1495,"marks":1496,"value":1118,"nodeType":248},{},[],{"data":1498,"content":1499,"nodeType":263},{},[1500],{"data":1501,"marks":1502,"value":1503,"nodeType":248},{},[],"You can now configure how long activity data will be retained in Push by configuring a data retention period. ",{"data":1505,"content":1506,"nodeType":263},{},[1507,1511,1516],{"data":1508,"marks":1509,"value":1510,"nodeType":248},{},[],"From the admin console, go to ",{"data":1512,"marks":1513,"value":1515,"nodeType":248},{},[1514],{"type":350},"Settings > Organization > Data retention",{"data":1517,"marks":1518,"value":1519,"nodeType":248},{},[]," and select the data retention period in years.",{"data":1521,"content":1522,"nodeType":263},{},[1523,1526,1535],{"data":1524,"marks":1525,"value":29,"nodeType":248},{},[],{"data":1527,"content":1531,"nodeType":448},{"target":1528},{"sys":1529},{"id":1530,"type":428,"linkType":429},"4esJSEUrMN2hpbghIkXjDG",[1532],{"data":1533,"marks":1534,"value":447,"nodeType":248},{},[],{"data":1536,"marks":1537,"value":29,"nodeType":248},{},[],{"data":1539,"content":1540,"nodeType":249},{},[1541],{"data":1542,"marks":1543,"value":1544,"nodeType":248},{},[],"Easier debugging for webhook or integration error messages",{"data":1546,"content":1547,"nodeType":263},{},[1548],{"data":1549,"marks":1550,"value":1551,"nodeType":248},{},[],"We’ve added a debug log to make it easier to see what’s not working when you receive an error related to your Push webhooks or SIEM integrations.",{"data":1553,"content":1554,"nodeType":263},{},[1555,1559,1564,1567,1572],{"data":1556,"marks":1557,"value":1558,"nodeType":248},{},[],"You can access the debug log by opening the details slideout in the Push admin console for the webhook or integration you’ve created. Go to ",{"data":1560,"marks":1561,"value":1563,"nodeType":248},{},[1562],{"type":350},"Settings > Webhooks",{"data":1565,"marks":1566,"value":1286,"nodeType":248},{},[],{"data":1568,"marks":1569,"value":1571,"nodeType":248},{},[1570],{"type":350},"Settings > Integrations",{"data":1573,"marks":1574,"value":620,"nodeType":248},{},[],{"data":1576,"content":1577,"nodeType":263},{},[1578,1581,1590],{"data":1579,"marks":1580,"value":29,"nodeType":248},{},[],{"data":1582,"content":1586,"nodeType":448},{"target":1583},{"sys":1584},{"id":1585,"type":428,"linkType":429},"2naceBODKDL3iw72wrce6E",[1587],{"data":1588,"marks":1589,"value":447,"nodeType":248},{},[],{"data":1591,"marks":1592,"value":29,"nodeType":248},{},[],"Product release: September 2025","Here’s what’s new on the Push platform for September 2025.","2025-09-08T00:00:00.000Z","product-release-september-2025",{"items":1598},[1599],{"sys":1600,"name":1602},{"id":1601},"5jk0kqjSdSK2L0YiistQjY","Release notes",{"items":1604},[1605],{"fullName":232,"firstName":233,"jobTitle":234,"profilePicture":1606},{"url":236},{"__typename":975,"sys":1608,"content":1610,"title":2086,"synopsis":2087,"hashTags":62,"publishedDate":2088,"slug":2089,"tagsCollection":2090,"authorsCollection":2094},{"id":1609},"20xOvhmIKW7E0e1g5q7D2h",{"json":1611},{"data":1612,"content":1613,"nodeType":962},{},[1614,1620,1693,1699,1715,1722,1728,1746,1752,1768,1775,1782,1807,1813,1819,1835,1842,1848,1866,1872,1888,1895,1902,1908,1926,1932,1947,1954,1960,1977,1983,2015,2031,2037,2053,2059,2074,2080],{"data":1615,"content":1616,"nodeType":249},{},[1617],{"data":1618,"marks":1619,"value":247,"nodeType":248},{},[],{"data":1621,"content":1622,"nodeType":325},{},[1623,1633,1643,1653,1663,1673,1683],{"data":1624,"content":1625,"nodeType":264},{},[1626],{"data":1627,"content":1628,"nodeType":263},{},[1629],{"data":1630,"marks":1631,"value":1632,"nodeType":248},{},[],"Streamline investigations with Detections page",{"data":1634,"content":1635,"nodeType":264},{},[1636],{"data":1637,"content":1638,"nodeType":263},{},[1639],{"data":1640,"marks":1641,"value":1642,"nodeType":248},{},[],"New Labs feature: Employee verification codes",{"data":1644,"content":1645,"nodeType":264},{},[1646],{"data":1647,"content":1648,"nodeType":263},{},[1649],{"data":1650,"marks":1651,"value":1652,"nodeType":248},{},[],"Enforce strong passwords with in-browser guardrails",{"data":1654,"content":1655,"nodeType":264},{},[1656],{"data":1657,"content":1658,"nodeType":263},{},[1659],{"data":1660,"marks":1661,"value":1662,"nodeType":248},{},[],"Merge related employee records",{"data":1664,"content":1665,"nodeType":264},{},[1666],{"data":1667,"content":1668,"nodeType":263},{},[1669],{"data":1670,"marks":1671,"value":1672,"nodeType":248},{},[],"Customize your webhook events",{"data":1674,"content":1675,"nodeType":264},{},[1676],{"data":1677,"content":1678,"nodeType":263},{},[1679],{"data":1680,"marks":1681,"value":1682,"nodeType":248},{},[],"Create rules for phishing tool detection and MFA enforcement",{"data":1684,"content":1685,"nodeType":264},{},[1686],{"data":1687,"content":1688,"nodeType":263},{},[1689],{"data":1690,"marks":1691,"value":1692,"nodeType":248},{},[],"New integration for Microsoft Sentinel",{"data":1694,"content":1695,"nodeType":249},{},[1696],{"data":1697,"marks":1698,"value":1632,"nodeType":248},{},[],{"data":1700,"content":1701,"nodeType":263},{},[1702,1706,1711],{"data":1703,"marks":1704,"value":1705,"nodeType":248},{},[],"You can now receive and triage detections in the Push admin console (or get them via the Push REST API, webhooks or ChatOps), giving you a ",{"data":1707,"marks":1708,"value":1710,"nodeType":248},{},[1709],{"type":350},"single view of all the security events that Push has detected",{"data":1712,"marks":1713,"value":1714,"nodeType":248},{},[],", such as AiTM phishing, stolen creds, or blocked URLs being visited by employees.",{"data":1716,"content":1717,"nodeType":263},{},[1718],{"data":1719,"marks":1720,"value":1721,"nodeType":248},{},[]," Use the additional telemetry about each detection, such as timestamp, detection URL, type of phishkit detected, Push response action, etc., to understand how to triage the incident. ",{"data":1723,"content":1727,"nodeType":431},{"target":1724},{"sys":1725},{"id":1726,"type":428,"linkType":429},"53BOccCQ72Yo3oCSUWVFXn",[],{"data":1729,"content":1730,"nodeType":263},{},[1731,1734,1743],{"data":1732,"marks":1733,"value":29,"nodeType":248},{},[],{"data":1735,"content":1739,"nodeType":448},{"target":1736},{"sys":1737},{"id":1738,"type":428,"linkType":429},"6jbLw9Wi2JuddCXL6ncrCV",[1740],{"data":1741,"marks":1742,"value":447,"nodeType":248},{},[],{"data":1744,"marks":1745,"value":29,"nodeType":248},{},[],{"data":1747,"content":1748,"nodeType":249},{},[1749],{"data":1750,"marks":1751,"value":1642,"nodeType":248},{},[],{"data":1753,"content":1754,"nodeType":263},{},[1755,1759,1764],{"data":1756,"marks":1757,"value":1758,"nodeType":248},{},[],"Employees can now get a 6-digit verification code via the Push browser extension that you can use to ",{"data":1760,"marks":1761,"value":1763,"nodeType":248},{},[1762],{"type":350},"validate that your help desk is speaking to someone from your organization",{"data":1765,"marks":1766,"value":1767,"nodeType":248},{},[],".  ",{"data":1769,"content":1770,"nodeType":263},{},[1771],{"data":1772,"marks":1773,"value":1774,"nodeType":248},{},[],"The verification code is the same for all employees at a given organization, and resets every 24 hours. If your help desk needs to verify that they’re speaking to an employee, they can ask them to open the details tray for their Push extension and verify the code.",{"data":1776,"content":1777,"nodeType":263},{},[1778],{"data":1779,"marks":1780,"value":1781,"nodeType":248},{},[],"Employee verification codes is a Labs feature, which means it’s available on an early-access basis and we're particularly interested in hearing from you if this is a problem you're interested in solving using Push. ",{"data":1783,"content":1784,"nodeType":263},{},[1785,1789,1794,1798,1803],{"data":1786,"marks":1787,"value":1788,"nodeType":248},{},[],"You can enable Labs features by going to the ",{"data":1790,"marks":1791,"value":1793,"nodeType":248},{},[1792],{"type":350},"Settings",{"data":1795,"marks":1796,"value":1797,"nodeType":248},{},[]," page of the Push admin console and choosing the ",{"data":1799,"marks":1800,"value":1802,"nodeType":248},{},[1801],{"type":350},"Labs",{"data":1804,"marks":1805,"value":1806,"nodeType":248},{},[]," tab.",{"data":1808,"content":1812,"nodeType":431},{"target":1809},{"sys":1810},{"id":1811,"type":428,"linkType":429},"19Baqh5QwbonzsR0EcaDS8",[],{"data":1814,"content":1815,"nodeType":249},{},[1816],{"data":1817,"marks":1818,"value":1652,"nodeType":248},{},[],{"data":1820,"content":1821,"nodeType":263},{},[1822,1826,1831],{"data":1823,"marks":1824,"value":1825,"nodeType":248},{},[],"Prompt your employees to change an insecure password using Push’s new in-browser guardrail, ",{"data":1827,"marks":1828,"value":1830,"nodeType":248},{},[1829],{"type":350},"Strong password enforcement",{"data":1832,"marks":1833,"value":1834,"nodeType":248},{},[],". ",{"data":1836,"content":1837,"nodeType":263},{},[1838],{"data":1839,"marks":1840,"value":1841,"nodeType":248},{},[],"You can select which password security issues you want to remediate, and which apps you want to target using the configuration rules for this control. Then, when Push observes a password issue, it will automatically display a banner to end-users prompting them to change their password.",{"data":1843,"content":1847,"nodeType":431},{"target":1844},{"sys":1845},{"id":1846,"type":428,"linkType":429},"6ZcsdzYPxLAE1K170mQPHE",[],{"data":1849,"content":1850,"nodeType":263},{},[1851,1854,1863],{"data":1852,"marks":1853,"value":29,"nodeType":248},{},[],{"data":1855,"content":1859,"nodeType":448},{"target":1856},{"sys":1857},{"id":1858,"type":428,"linkType":429},"2dAP36chda6ZDGKzw0Itfs",[1860],{"data":1861,"marks":1862,"value":447,"nodeType":248},{},[],{"data":1864,"marks":1865,"value":29,"nodeType":248},{},[],{"data":1867,"content":1868,"nodeType":249},{},[1869],{"data":1870,"marks":1871,"value":1662,"nodeType":248},{},[],{"data":1873,"content":1874,"nodeType":263},{},[1875,1879,1884],{"data":1876,"marks":1877,"value":1878,"nodeType":248},{},[],"If you have employees using multiple email addresses, you can ",{"data":1880,"marks":1881,"value":1883,"nodeType":248},{},[1882],{"type":350},"now merge those records in the Push platform",{"data":1885,"marks":1886,"value":1887,"nodeType":248},{},[]," so they can be treated as a single employee. ",{"data":1889,"content":1890,"nodeType":263},{},[1891],{"data":1892,"marks":1893,"value":1894,"nodeType":248},{},[],"A common use case for merging employee records is when you have employees with a user account and an administrator account. By merging records in cases like this, you can resolve incorrect shared account findings and correct your license usage so only the primary employee record consumes a license. ",{"data":1896,"content":1897,"nodeType":263},{},[1898],{"data":1899,"marks":1900,"value":1901,"nodeType":248},{},[],"You can also merge records programmatically via the Push REST API. This is helpful if you have a predictable pattern for usernames you're mapping.",{"data":1903,"content":1907,"nodeType":431},{"target":1904},{"sys":1905},{"id":1906,"type":428,"linkType":429},"3xcEqhSUZ1VmZTsgSOS4xH",[],{"data":1909,"content":1910,"nodeType":263},{},[1911,1914,1923],{"data":1912,"marks":1913,"value":29,"nodeType":248},{},[],{"data":1915,"content":1919,"nodeType":448},{"target":1916},{"sys":1917},{"id":1918,"type":428,"linkType":429},"3RIMjhmhJcHC2V7Lkrhvj2",[1920],{"data":1921,"marks":1922,"value":447,"nodeType":248},{},[],{"data":1924,"marks":1925,"value":29,"nodeType":248},{},[],{"data":1927,"content":1928,"nodeType":249},{},[1929],{"data":1930,"marks":1931,"value":1672,"nodeType":248},{},[],{"data":1933,"content":1934,"nodeType":263},{},[1935,1938,1943],{"data":1936,"marks":1937,"value":1277,"nodeType":248},{},[],{"data":1939,"marks":1940,"value":1942,"nodeType":248},{},[1941],{"type":350},"select which events you want when creating a webhook",{"data":1944,"marks":1945,"value":1946,"nodeType":248},{},[]," in the Push platform. For example, if you want to build an automation around specific Push events or send only Push detection alerts to your SIEM, you can elect to send just those events to your configured destinations. ",{"data":1948,"content":1949,"nodeType":263},{},[1950],{"data":1951,"marks":1952,"value":1953,"nodeType":248},{},[],"You can select which events you want to consume when configuring a new webhook via the Push admin console.",{"data":1955,"content":1959,"nodeType":431},{"target":1956},{"sys":1957},{"id":1958,"type":428,"linkType":429},"755nABuK9KGdHHwWNqDtmS",[],{"data":1961,"content":1962,"nodeType":263},{},[1963,1966,1974],{"data":1964,"marks":1965,"value":29,"nodeType":248},{},[],{"data":1967,"content":1969,"nodeType":1973},{"uri":1968},"https://pushsecurity.redoc.ly/webhooks-v1",[1970],{"data":1971,"marks":1972,"value":447,"nodeType":248},{},[],"hyperlink",{"data":1975,"marks":1976,"value":29,"nodeType":248},{},[],{"data":1978,"content":1979,"nodeType":249},{},[1980],{"data":1981,"marks":1982,"value":1682,"nodeType":248},{},[],{"data":1984,"content":1985,"nodeType":263},{},[1986,1990,1995,1999,2004,2007,2012],{"data":1987,"marks":1988,"value":1989,"nodeType":248},{},[],"We’re continuing to ",{"data":1991,"marks":1992,"value":1994,"nodeType":248},{},[1993],{"type":350},"add configuration rule capabilities to security controls",{"data":1996,"marks":1997,"value":1998,"nodeType":248},{},[]," in the Push platform, including for ",{"data":2000,"marks":2001,"value":2003,"nodeType":248},{},[2002],{"type":350},"phishing tool detection",{"data":2005,"marks":2006,"value":877,"nodeType":248},{},[],{"data":2008,"marks":2009,"value":2011,"nodeType":248},{},[2010],{"type":350},"MFA enforcement",{"data":2013,"marks":2014,"value":1834,"nodeType":248},{},[],{"data":2016,"content":2017,"nodeType":263},{},[2018,2022,2027],{"data":2019,"marks":2020,"value":2021,"nodeType":248},{},[],"With these config rules, you can scope a control to specific employees or employee groups, and carve out exemptions if you like. You can also set the control to apply to specific apps, or set the ",{"data":2023,"marks":2024,"value":2026,"nodeType":248},{},[2025],{"type":350},"Mode",{"data":2028,"marks":2029,"value":2030,"nodeType":248},{},[]," (e.g. Monitor, Warn, or Block), where applicable.",{"data":2032,"content":2036,"nodeType":431},{"target":2033},{"sys":2034},{"id":2035,"type":428,"linkType":429},"2eKYcSet4tkd6UEffzdaaa",[],{"data":2038,"content":2039,"nodeType":263},{},[2040,2043,2050],{"data":2041,"marks":2042,"value":29,"nodeType":248},{},[],{"data":2044,"content":2046,"nodeType":1973},{"uri":2045},"/help/10121/#how-to-create-a-configuration-rule",[2047],{"data":2048,"marks":2049,"value":447,"nodeType":248},{},[],{"data":2051,"marks":2052,"value":29,"nodeType":248},{},[],{"data":2054,"content":2055,"nodeType":249},{},[2056],{"data":2057,"marks":2058,"value":1692,"nodeType":248},{},[],{"data":2060,"content":2061,"nodeType":263},{},[2062,2066,2070],{"data":2063,"marks":2064,"value":2065,"nodeType":248},{},[],"Push now offers a Microsoft Sentinel integration to make it easier to send Push data to your Sentinel SIEM. You can start setting up your integration by going to ",{"data":2067,"marks":2068,"value":1571,"nodeType":248},{},[2069],{"type":350},{"data":2071,"marks":2072,"value":2073,"nodeType":248},{},[]," in the Push admin console and selecting the Sentinel tile.",{"data":2075,"content":2079,"nodeType":431},{"target":2076},{"sys":2077},{"id":2078,"type":428,"linkType":429},"5l5TIPvbOoNgauV7gUj7fy",[],{"data":2081,"content":2082,"nodeType":263},{},[2083],{"data":2084,"marks":2085,"value":29,"nodeType":248},{},[],"Product release: June 2025","Here’s what’s new on the Push platform for June 2025.","2025-06-09T00:00:00.000Z","product-release-june-2025",{"items":2091},[2092],{"sys":2093,"name":1602},{"id":1601},{"items":2095},[2096],{"fullName":232,"firstName":233,"jobTitle":234,"profilePicture":2097},{"url":236},"product-release-november-2025","blog/product-release-november-2025",{"json":2101},{"data":2102,"content":2103,"nodeType":962},{},[2104],{"data":2105,"content":2106,"nodeType":263},{},[2107],{"data":2108,"marks":2109,"value":2110,"nodeType":248},{},[],"Browser extension visibility, ClickFix detection, RBAC and more.","Here’s what’s new on the Push platform for November 2025.",{"id":2113,"publishedAt":2114},"3ygDMHnTN58Lyb3W3k969w","2025-11-07T21:07:26.267Z",{"items":2116},[2117],{"sys":2118,"name":1602},{"id":1601},"e-sAvoUlYJQKt4p2tevZpw6DjHZwLNeNpONL0aYAPj0",1784196726148]