
2026 Enterprise Browser Extension Security Report

Information Technology 2026-03-31 LayerX

Enterprise Browser Extension Security

Real-world data on extension usage in enterprise environments and the rising risk of AI browser extensions

Introduction

Browser extensions are everywhere. Even within enterprise environments, extension usage is ubiquitous across organizations of every size. Moreover, the explosion in AI usage in enterprises has led to the emergence of a new class of AI extensions, some

The problem, however, is that most enterprises have no idea who’s using extensions in their environment, what extensions they have, or what capabilities these extensions can

This research fills this gap: it provides hard data on browser extensions in the enterprise, based on real-life telemetry collected from LayerX’s customer base. In particular, this research focuses specifically on AI extensions to help

What Makes LayerX’s Data Unique

LayerX’s data set is unique because of where we collect our data and who we collect it from. LayerX is deployed on over 1 million devices in enterprise environments, meaning that LayerX has unparalleled visibility to user activity and behavior. This allows us to gain comprehensive insights into the usage of browser extensions and AI extensions.

Executive Summary

#1 Even Though Extensions Usage Flies Under the Radar, Nearly Every Employee Uses Them, Creating

99% of enterprise users run at least one extension, with more than one-in-four enterprise users having even 10+ installed extensions. This means that the extension

#2 AI Extensions Have Become The AI Consumption Channel

AI extensions are rapidly emerging as a primary way employees interact with AI tools. Adoption is already widespread, with 1-in-6 enterprise users already using at least one AI extension. These extensions create a new and largely ungoverned channel for AI

#3 AI Extensions Are Disproportionately More

AI extensions are now among the fastest-growing categories, with 17% of enterprise users already adopting them. However, they also show a significantly more dangerous risk profile: AI extensions are 60% more likely to have a CVE than average, 3x more likely to have access to cookies, 2.5x more likely to have scripting permissions, and 2x more

CISO’s Recommendations

Continuous audit of all browser extensions across every

With 99% of enterprise users running at least one extension, a full inventory is a mandatory first step toward risk reduction. CISOs should require an organization-wide extension audit covering all browsers, managed and unmanaged endpoints, across all users. Without

Implement strict, risk-adaptive policies focused on AI extensions

AI extensions represent an outsized risk due to their elevated permissions that can expose SaaS sessions, identities, and sensitive in-browser data. CISOs should enforce targeted guardrails and continuous monitoring

Don’t stop with static parameter assessment; actively analyze

Browser extensions aren’t static. They change hands, get updated, and sometimes stop being maintained altogether. That makes their trustworthiness a moving target. CISOs should keep a close, ongoing eye on who’s behind each extension, how often it’s updated, and

The overwhelming majority of users in enterprise environments have extensions installed on their endpoints. Do you have a full picture

99% of enterprise users have extensions installed. These figures are almost identical across organizations of different sizes: 99% of users in small-to-medium (SME)

Moreover, many enterprise users have a large number of browser extensions installed. In small and medium-sized organizations, more than 1-in-4 users have over 10 extensions

While the rates of overall installation of extensions across organizations are fairly similar, users at large enterprises are less likely to have large numbers of extensions. This is

Why it matters: Extensions are everywhere, in every organization of every size. This means that extension security isn’t a niche IT concern anymore; it is a significant security

AI Extensions Are Becoming a New Channel for AI Usage

AI extensions adoption is accelerating across enterprises, becoming a key access point for interacting with AI services.

AI extension usage is emerging across enterprises, with small and mid-size organizations showing the highest adoption, about 1-in-6 users run at least one AI extension. Similar to overall extension usage, we see lower rates of AI extension

Why it matters: AI extensions are now one of the fastest-growing extension categories that can access sensitive data, capture user inputs, or transmit information to unknown LLM providers, introducing

Most Extensions Have Extensive Access to Sensitive Data

Most extensions request elevated permissions, and AI extensions request them even more frequently, expanding the potential attack

Nearly 75% of browser extensions request high or critical permission levels (40.83% high, 34.56% critical), while only 2.9% operate with low permissions.

Over one-third of all browser extensions have critical permissions, and another 40% of