Browser extensions have become integral to the daily operations of most users, from enhancing productivity with spell checkers to providing advanced GenAI tools. However, as more employees rely on these extensions, a growing threat to organizational security emerges—excessive extension permissions. LayerX has released the Enterprise Browser Extension Security Report 2025, the first comprehensive analysis combining public marketplace data with real-world enterprise usage telemetry. This report highlights browser extensions as an underestimated security vulnerability in modern enterprise cybersecurity.
Key Findings from the LayerX Enterprise Browser Extension Security Report 2025
- Browser Extensions are Everywhere
Nearly every employee in an enterprise environment (99%) has browser extensions installed, with 52% using more than 10.
Security Insight: Virtually all employees are at risk due to browser extensions.
- Most Extensions Have Access to Sensitive Data
More than half (53%) of the extensions used by enterprise users can access critical data such as cookies, passwords, browsing history, and page content.
Security Insight: A compromise at the employee level could lead to widespread organizational vulnerabilities.
- Unknown Extension Publishers Pose a Threat
Over 54% of extension publishers remain unverified, and 79% only offer one extension.
Security Insight: Identifying trustworthy publishers is a challenge for IT teams.
- The Growing Threat of GenAI Extensions
Over 20% of employees use at least one GenAI extension, and 58% of these extensions have risky permission scopes.
Security Insight: Enterprises should establish clear guidelines for the use of GenAI extensions to minimize security risks.
- Unmaintained and Unverified Extensions
Half (51%) of extensions haven’t been updated in over a year, and 26% of enterprise extensions are sideloaded, bypassing official vetting processes.
Security Insight: Extensions can be vulnerable to exploitation, even if they aren’t intentionally malicious.
5 Key Recommendations for IT and Security Teams
The report not only provides data but also actionable recommendations for mitigating browser extension risks:
- Conduct Extension Audits
The first step in securing against malicious browser extensions is to audit the extensions in use by employees. This helps to understand the full threat landscape.
- Categorize Extensions
Certain extension types, like GenAI tools, can be especially vulnerable due to their popularity and granted permissions. Categorizing extensions helps assess risk.
- Enumerate Permissions
Create a comprehensive list of the data and permissions that each extension can access. This will assist in mapping out potential attack surfaces and refining policies.
- Assess Extension Risks
Evaluate the risk of each extension based on its permissions and the data it can access. Combine this with external factors such as the publisher’s reputation and installation method for a complete risk profile.
- Implement Adaptive, Risk-Based Enforcement
Use your findings to apply tailored, risk-based enforcement policies that match your organization’s needs and security posture.
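One way to carry out the enumerate, assess and enforce steps above over an extension inventory, as an added example that is not taken from the LayerX report. The inventory records, their field names (`publisher_verified`, `install_source`, `last_updated`), the weights and the thresholds are assumptions; the permission names are standard Chrome extension manifest permissions.

```python
from datetime import date

# Chrome manifest permissions mapped to the data classes the report names.
# Weights and thresholds are illustrative assumptions, not LayerX's scoring.
SENSITIVE = {"cookies": ("cookies", 3), "history": ("browsing history", 2),
             "tabs": ("browsing history", 1), "webRequest": ("page content", 2),
             "scripting": ("page content", 2), "clipboardRead": ("clipboard", 2)}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def enumerate_access(manifest):
    """Return (sorted data classes, permission score) for one manifest dict."""
    perms = manifest.get("permissions", [])
    hits = [SENSITIVE[p] for p in perms if p in SENSITIVE]
    data = {label for label, _ in hits}
    score = sum(weight for _, weight in hits)
    # MV3 lists host patterns in host_permissions; MV2 mixes them into permissions.
    if BROAD_HOSTS & (set(perms) | set(manifest.get("host_permissions", []))):
        data.add("page content on all sites")
        score += 3
    return sorted(data), score

def assess(ext, today):
    """Add publisher, install method and update age to the permission score."""
    data, score = enumerate_access(ext["manifest"])
    score += 2 * (not ext["publisher_verified"])
    score += 3 * (ext["install_source"] == "sideloaded")
    score += (today - ext["last_updated"]).days > 365
    action = "block" if score >= 10 else "review" if score >= 4 else "allow"
    return {"name": ext["name"], "data": data, "score": score, "action": action}

# Constructed inventory records (hypothetical extensions, not real telemetry).
INVENTORY = [
    {"name": "Spell Helper", "publisher_verified": True, "install_source": "store",
     "last_updated": date(2025, 1, 10),
     "manifest": {"permissions": ["storage", "activeTab"]}},
    {"name": "AI Page Summarizer", "publisher_verified": False, "install_source": "store",
     "last_updated": date(2024, 11, 2),
     "manifest": {"permissions": ["scripting", "tabs"], "host_permissions": ["<all_urls>"]}},
    {"name": "Legacy Toolbar", "publisher_verified": False, "install_source": "sideloaded",
     "last_updated": date(2022, 6, 1),
     "manifest": {"permissions": ["cookies", "history", "*://*/*"]}},
]

def audit(inventory, today=date(2025, 4, 15)):
    """Score every extension and list the riskiest first."""
    return sorted((assess(e, today) for e in inventory), key=lambda r: -r["score"])

if __name__ == "__main__":
    for r in audit(INVENTORY):
        print(f'{r["score"]:>2} {r["action"]:<6} {r["name"]}: {", ".join(r["data"]) or "none"}')
```

In practice the inventory would come from the manifests collected during the audit step, and the `action` column would feed the browser's extension allow/block policy.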
Why Browser Extensions Matter for Security
While browser extensions are crucial for productivity, they present significant risks that many organizations overlook. LayerX’s 2025 Enterprise Browser Extension Security Report provides data-driven insights to help CISOs and security teams address this often ignored threat and create secure browser environments for their organizations.