Nudge Security Unveils AI Agents to Mitigate Escalating Risks from Hidden OAuth Grants and Browser Extensions

Nudge Security today announced new agentic capabilities to help security and IT teams find and remediate malicious and high-risk OAuth grants and browser extensions, two of the fastest-growing and hardest to manage attack surfaces in the enterprise.

The new agents continuously analyze OAuth grants and browser extensions discovered by Nudge Security, flag what’s risky, and automate remediation with human-in-the-loop decisions. The new agents join Nudge Security’s Vendor Risk Analyst agent, which automatically builds vendor security profiles for newly discovered AI and SaaS apps, cutting manual security review time by up to 90%.

Closing the gap between discovery and action

Modern enterprises have more apps, more extensions, and more third-party connections than traditional security programs can manually assess. As the breaches of Klue and Salesloft Drift illustrated, OAuth grants can provide broad, persistent access to sensitive data, which attackers are increasingly exploiting. Browser extensions can introduce supply chain risk directly into employees’ daily workflows. Shadow AI and SaaS sprawl mean new vendors and new exposures can appear faster than any ticket queue can keep up with.

Nudge Security’s agentic capabilities address sources of risk that have long outpaced manual human review:

  • OAuth Grant Risk Analyst analyzes OAuth grants, flags anomalies, and recommends specific revocations based on the organization’s security policies.
  • Browser Extension Risk Analyst surfaces risky and malicious third-party browser extensions installed on employee devices and helps prioritize remediation.
  • Vendor Risk Analyst (existing) automatically generates and maintains SaaS and AI vendor security profiles for every AI and SaaS app, including compliance attestations, security posture indicators and AI data privacy policy insights.

Built for defenders across the surfaces others still miss

Nudge Security uniquely combines multiple discovery signals across the browser, inbox, identity provider, and connected apps to provide the most complete and timely view of AI, SaaS, OAuth, and browser extension risk. This broader context helps the agents make higher-confidence recommendations and deliver targeted, policy-driven remediation guidance that reduces noise and increases throughput for overburdened IT and security teams.

Availability

Nudge Security’s new agentic capabilities are currently available to select customers.

Leave a Reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading