Push Security, the most powerful AI-native security tool in the browser, today announced browser-native capabilities that directly address the use cases organizations have traditionally used secure we...

As proxy-based security shows its limits, Push Security offers a browser-native alternative built for the attacks that live inside the session
BOSTON: Push Security, the most powerful AI-native security tool in the browser, today announced browser-native capabilities that directly address the use cases organizations have traditionally used secure web gateways (SWGs), cloud access security brokers (CASBs) and security service edge (SSE) platforms to solve, including URL blocking, domain categorization, phishing protection, malicious file detection, shadow SaaS discovery and AI usage governance.
The announcement challenges a market projected to reach $42 billion by 2030, at a moment of growing doubt about its core architecture. Research indicates that gateways and next-generation firewalls miss approximately 60% of malicious web pages, not because of implementation failures, but because of a structural limitation: Network tools see where traffic went, but they cannot see what the user actually saw and did.
“SWGs were designed for a world where the threat was malware crossing the wire, however that world is gone,” said Adam Bateman, CEO of Push Security. “Today’s attacks, like AitM phishing kits, ClickFix lures, session hijacking and OAuth abuse, play out entirely inside the browser session, long after the network proxy has decided to allow the traffic. We built Push to detect and stop attacks at the layer where they actually happen.”
The structural flaw in proxy-based security
Traditional SWG, CASB and SSE architectures intercept and inspect traffic between users and the internet, enforcing URL categorization and policy at the network layer. This requires routing all user traffic through a cloud proxy which introduces latency, creates a single point of failure, and generates friction that consistently surfaces as the top end-user complaint in SWG deployments. More fundamentally, it leaves the browser session itself unmonitored.
Modern credential-harvesting attacks are specifically engineered to defeat the network layer. Adversary-in-the-middle (AitM) phishing kits use infrastructure rotation, trusted CDNs, and bot protection to stay off blocklists. Many now detect when they are executing inside a gateway sandbox environment and disable their malicious behavior during inspection, appearing benign to the network tool, then re-activating when the real user lands on the page.
By the time a phishing domain is categorized, it has typically already been decommissioned. In fact, 89% of phishing domains are active for fewer than two days. Increasingly, adversaries are also abusing trusted services to deliver attacks, bypassing known-bad detections in legacy solutions like network proxies.
Meanwhile, 82% of attack detections are now malware-free, meaning attackers operate entirely within legitimate browser sessions through credential theft, session hijacking and identity abuse generating no network-layer signal for a proxy to act on.
Push recently discovered and blocked ConsentFix, a novel attack technique that takes over Microsoft accounts with no password entry, no MFA prompt and no anomalous sign-in event for network or identity tools to detect. It was invisible to every proxy-based control in the stack. It was only detectable at the browser layer.
Browser-native detection and policy enforcement without breaking traffic
Push operates as a lightweight browser extension deployed to users’ existing browsers, with no traffic rerouting, no proxy infrastructure, and no browser migration required.
Push observes the live browser session from the inside via the rendered DOM, including credential entry events, script behavior, clipboard contents, OAuth consent flows, and file uploads and downloads. Because Push observes client-side network requests from within the browser before encryption, it captures the data that network tools can only access by decrypting and re-encrypting traffic - without the deployment complexity or session-breaking risks of inline TLS interception.
This architecture enables Push to:
Consolidation without disruption
Push does not require organizations to abandon existing network investments to realize value. For security teams looking to consolidate, Push provides a browser-native alternative for the use cases that SWG and CASB deliver imperfectly, at a fraction of the cost of enterprise SSE tiers, which can exceed $375 per user per year. For teams running SSE platforms they intend to keep, Push layers on top, adding behavioral detection, AI visibility and control, and browser extension blocking that proxy-based tools cannot provide by design.
“We’re not asking security teams to do a feature comparison,” said Bateman. “We’re asking them to look at the outcomes they’re actually paying for, and whether a proxy that can't see inside the session is the right tool to deliver them.”
Learn more about Push’s SWG capabilities at https://pushsecurity.com/solution/tool-replacements/secure-web-gateways
About Push Security
Push Security is the secure enterprise browser extension for security teams. Founded by red team and blue team experts, Push combines high-fidelity browser telemetry, real-time control, and autonomous agents to stop advanced attacks, secure AI usage, harden identities, and prevent data loss, all from your users’ existing browsers, no migration required. Push is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors. For more information, visit https://pushsecurity.com or follow @pushsecurity.
Fonte: Business Wire
Alaa Abdul Nabi, Vice President, Sales International at RSA presents the innovations the vendor brings to Cybertech as part of a passwordless vision for…
G11 Media's SecurityOpenLab magazine rewards excellence in cybersecurity: the best vendors based on user votes
Always keeping an European perspective, Austria has developed a thriving AI ecosystem that now can attract talents and companies from other countries
Successfully completing a Proof of Concept implementation in Athens, the two Italian companies prove that QKD can be easily implemented also in pre-existing…
Global management and technology consultancy Capco, a Wipro company, has been recognized by OpenAI for both AI innovation and responsible AI leadership.…
Securonix, Inc., a six-time Leader in the Gartner® Magic Quadrant™ for SIEM, today announced the appointment of Toby Weiss as Chief Executive Officer.…
Brera Holdings PLC (Nasdaq: SLMT) (the “Company” or “Solmate”) today announced the voting results in respect of Proposal No. 1 and Proposal No. 2 of its…
Blackline Safety Corp. (“Blackline” or the “Company”) (TSX:BLN), a global leader in connected safety technology, today announced that it has received…