Google adds new risk assessment tool for Chrome extensions

Google has made available a new tool for Google Workspace admins and security teams to make an assessment of the risk different Chrome extensions may present to their users: Spin.AI App Risk Assessment.

The tool is available through the Chrome Browser Cloud Management console and provides admins with valuable insights into potential security threats.

The Spin.AI App Risk Assessment tool for Chrome extensions

The tool allows administrators to:

  • View app and extension usage details
  • Configure extension-related policies
  • Create approval workflows (for reviewing extensions requested by users)

As the previously available CRXcavator tool, Spin.AI Risk Assessment provides a risk assessment score for each extension.

Admins can click on it and view detailed information about the application, the permissions it requires to function, and the risk it may present to the company’s business operation, security, and compliance requirements.

risk assessment Chrome extensions

Spin.AI App Risk Assessment (Source: Google)

There are over 250,000 extensions available on the Chrome Web Store; with this information at hand, administrators can make informed decisions about the security risks of browser extensions and take appropriate actions to mitigate those risks.

Other security enhancements

In addition to the Spin.AI App Risk Assessment tool, Google released several other features to enhance information and browser security in enterprise settings.

The company has added new data loss prevention (DLP) features allowing admins to:

  • Customize their DLP rules based on the security posture of the device used
  • Filter URLs and restrict access to websites and services (e.g., popular file sharing websites)
  • Stop users from printing files that contain confidential data.

Finally, Google has also added new event notifications that alert IT and security teams when an extension is installed and when a browser crashes on a device (for further investigation).

Don't miss