Wrangling Risk: Chrome Browser Security Management with скачать в хорошем качестве

Wrangling Risk: Chrome Browser Security Management with

80% of enterprise data accessed via browser with 50% of Chrome extensions accessing corporate data—Jamf's internal security team evolved from firefighting extension risks to architecting fireproof housing combining Chrome Enterprise Core enrollment via Jamf Pro, Google Security Operations (SecOps) SIEM ingestion, and Jamf Protect telemetry for continuous monitoring. Emily Kausalik (Manager Client Platform Engineering, Jamf) and Matt Armstrong (Senior Manager InfoSec, Jamf) demonstrate treating Chrome as managed micro-platform requiring automatic enrollment like Macs into Jamf Pro, enriching extension risk data with device telemetry for complete security posture visibility. What You'll Learn: ► Browser as platform paradigm: Chrome micro-platform on managed endpoints with extensions as installable apps requiring separate management layer ► Enterprise browser statistics: 80% enterprise data accessed via browser, 50% extensions accessing corporate data, 700,000 daily events at Jamf ► Threat actor techniques: baiting (SEO posing as legitimate extensions), masquerading (useful services hiding malware C2), supply chain compromises ► Redirection campaign 2024: 18 extensions compromised, 2.5-16.3 million devices infected across multiple browser stores ► Chrome Enterprise Core enrollment: organizational unit token generation, Jamf Pro configuration profile deployment, automatic browser enrollment ► Admin Console risk scoring: CRXcavator, LayerX, Spin.AI third-party assessments, 15% unique high-risk extensions, 1% high-risk install base ► Google SecOps multi-source ingestion: Google Workspace integration, Jamf Pro generic feed parser, Jamf Protect dual endpoints (telemetry v2, alerts) ► Webhook configuration: endpoint URL, header authentication (GCP API key, SecOps secret key), JSON content type, computer inventory completed trigger ► Jamf Protect action setup: two data endpoints with separate GCP keys/secrets, telemetry versus alerts checkboxes, test plan scoping to single device ► #SOAR playbook automation: Jamf marketplace integration, API client configuration, node-based automated response workflows correlating extension risk with device actions #browsersecurity #ChromeEnterprise #GoogleSecOps #JamfPro #JamfProtect #extensionrisk #SIEM #SOAR #threatdetection #continuousmonitoring #CRXcavator #MITERattack #securityoperations #ChromeEnterpriseCore #extensionmanagement 0:00 Introduction: Chrome Browser Security and Management Collaboration 2:10 Audience Poll: Chrome Usage, Browser Management, Chrome Enterprise Core Enrollment 3:20 Why Browser Security Matters: 80% Enterprise Data Access, Third-Party Breach Statistics 4:09 Browser as Platform: Chrome Micro-Ecosystem with Extensions as Applications 5:02 Enterprise Statistics: 80% Data Access, 50% Extensions Accessing Corporate Data, Verizon DBIR Insights 6:25 Threat Actor Techniques: Baiting, Masquerading, Supply Chain, Vulnerability Exploitation 7:26 Redirection Campaign 2024: 18 Extensions, 2.5-16.3 Million Devices Compromised 8:57 Three-Step Security Approach: Visibility, Management, Security 11:37 Chrome Enterprise Core Enrollment: Token Generation, Jamf Pro Configuration Profile Deployment 14:59 Admin Console Risk Scoring: Third-Party Assessments, Usage Reports, Immediate Extension Blocking 17:00 Discovery Work: 15% Unique High-Risk Extensions, 1% Install Base, Minimal-Impact Remediation 20:06 Google SecOps Integration: Google Workspace, Jamf Pro Device Data, Jamf Protect Telemetry 24:00 Jamf Pro Webhook Configuration: Endpoint URL, Header Authentication, Computer Inventory Completed 30:46 Jamf Protect Action Setup: Dual Endpoints for Telemetry v2 and Alerts 34:41 Dashboard Examples: OS Version Adoption, macOS Tahoe Rollout Trends 39:01 Jamf Protect Query Examples: Jamf Connect Admin Elevation, External Disk Mount Events 44:22 SOAR Playbook Automation: Jamf Marketplace Integration, Node-Based Response Workflows Who This Video Is For: Enterprise security teams managing Chrome browser security across Mac/Windows fleets, Jamf Pro administrators enrolling browsers into Chrome Enterprise Core for centralized management, InfoSec analysts building continuous monitoring with Google Security Operations SIEM, IT security architects correlating browser extension risk with device telemetry, organizations using Chrome as primary browser seeking extension governance, Key Technologies Covered: Chrome Enterprise Core, Google Security Operations (SecOps), Jamf Pro webhook ingestion, Jamf Protect telemetry v2 and alerts, Chrome extension risk scoring (CRXcavator, LayerX, Spin.AI), GCP API keys, SOAR playbooks, Jamf marketplace integration, MITER ATT&CK framework mapping, curated dashboards Related Topics: Browser security management, Chrome extension governance, SIEM integration strategies, continuous security monitoring, vulnerability exploitation mitigation, shadow IT discovery, extension risk assessment, automated security response, threat intelligence correlation