Detect verified stolen credentials, enforce MFA directly in the browser, and more
Detect verified stolen credentials, enforce MFA directly in the browser, and more
What's new this month:
Detect verified stolen credentials without false positives
Enforce MFA directly in the browser
Detect internal apps and request support for unrecognized apps
Managed deployment support for Safari
Cut through false positives and find verified stolen credentials
Push now flags verified stolen credentials in use across your workforce identities by comparing threat intelligence data to fingerprints of passwords actively in use.
This comparison allows us to discard all false positives from the TI sources, leaving you just with the verified true positives.
With the rise in identity attacks stemming from stolen credentials, we’re especially excited to get this feature into your hands to provide a reliable and high-fidelity source of information about which accounts are at critical risk of account takeover.
You can enable Stolen credential detection on the Controls page of the Push admin console. Get alerted to findings via ChatOps notification, webhook event, or in the UI.
To learn more about how we securely compare stolen cred reports to your employee credentials, check out our blog post.
Enforce MFA directly in the browser
You can now use Push to prompt employees to register for MFA using our new MFA enforcement control.
End-users will see a banner in their browser when they use accounts that lack MFA protection. As an administrator, you can select which apps you want to enforce MFA on, including apps not on SSO — or unmanaged apps you don’t even know about.
You can configure MFA enforcement on the Controls page of the admin console.
Detect internal apps and request support for unrecognized apps
Push can now detect internal corporate apps on non-publicly-accessible domains, such as apps with a domain of “.internal,” “.intranet,” or “.corp.”
You can find internal apps listed in the Other apps slideout on the Apps page in the Push admin console.
You can also now request support for any apps in the Other apps list that you use for work but which Push doesn’t immediately recognize as a commonly used work app. From the slideout, select Request app review. Our team will take a look and add support as soon as possible.
Managed deployment support for Safari
With the release of macOS 15, Push now supports managed deployment of the Push browser extension on Safari.
Using your MDM, you can now deploy and activate the Push agent seamlessly without any end-user interaction.
Push already provides managed deployment support for other major browsers, including Chrome, Edge, Firefox, Brave, and Arc.