Patent attributes
Presented herein are techniques for automatically generating information about risks associated with browser extensions used by browsers in an enterprise network for purposes of determining whether to whitelist a browser extension in response to a request from a user. A request to install a browser extension is obtained from a user device of a plurality of user devices associated with an organization, wherein the request comprises an extension identifier for the browser extension. A risk score is generated for the browser extension based on risk values for each of one or more permissions requested by the browser extension. The risk score is compared to a threshold value to determine whether the browser extension satisfies risk standards of the organization, and if so, the browser extension is automatically added to a whitelist of permitted extensions for future installation on the plurality of user devices.
