Get your copy of the SaaS Attacks Report: 2024 edition

Ready to help

What can I use the app banner for? Templates and examples

You can add a custom message that will appear when employees log in to or sign up for specific apps using Push’s app banner feature.

App banners provide guardrails for communicating with employees so that they can follow your security policies and SaaS management preferences, reducing the risk of security issues and SaaS sprawl.

You can use an app banner to:

  • Encourage employees to use a preferred app over an alternative.

  • Remind employees not to enter sensitive information or company data into ChatGPT or other AI tools.

  • Ask employees not to use an app until it can be reviewed by the security team.

  • Require that employees submit a reason to use a sensitive app before using it.

  • Block employees from using an unapproved app.

  • Or anything else you want!

How does it work?

You can configure app banners from the Controls page by selecting the App banners tile and then choosing which app you want to set a banner for, as well as its mode, and then entering your custom message.

Note: You can set a banner both for apps in your inventory (meaning that Push has observed employees using them) or for apps not yet seen by Push. When configuring an app banner, use the Accounts column on the app selection slideout to identify apps that do not have any known accounts.

App banner configuration - accounts column - KB 10106

Then select the Mode. You can create an app banner in the following modes:

  • Inform: End-users will see a banner message at the top of the page.

  • Acknowledge: End-users will see a large banner covering the center of the page that requires them to acknowledge the message in order to continue.

  • Reason: End-users will see a large banner covering the center of the page that requires them to submit a reason for using the app before continuing to use it. Their submitted reason will be emitted as part of a webhook event.

  • Block: End-users will see a larger banner covering the center of the page that prevents them from logging in or signing up to the app. Optionally, you can allow them to ask for an exception using a request field on the banner. Their request will be emitted as part of a webhook event.

The banner message text and button text is customizable. Banners appear on an app's login or signup pages, and end-users must have the Push browser extension installed in order to see the message.

App banner published example - KB 10106
App banner in Inform mode
App banner - Acknowledge mode - KB 10106
App banner in Acknowledge mode
App banner - Reason mode - KB 10106
App banner in Reason mode
App banner - Block mode - KB 10106
App banner in Block mode

Markdown for styling custom message

App banners are configured on a per-app basis, so you can have a custom message for each. The text field supports link and email syntax using markdown, but no other formatting.

Example markdown:

  • [Push Security](https://pushsecurity.com)
  • [Steph](mailto:steph@ctrlaltsecure.com)
App banner - config slideout - KB 10106

As an administrator, you can preview the banner in your browser before you save it. Select Preview banner in browser from the banner configuration slideout panel. You’ll see a preview of the banner right in the Push admin console.

Managing banners

You can identify which apps have app banners by opening the App banners tile on the Controls page and reviewing the list, or by filtering the Apps page. Go to the filters icon in the top right corner, then select App banner > Apps with banner.

Webhooks for app banners are also available, with an event for when a banner is displayed, acknowledged, when a reason is submitted, or when a block is performed. Refer to our developer documentation for details.

Templates and examples

Here are a few examples of how you can use app banners.

This app is not approved for use at CtrlAltSecure App A is not approved for company use. If you need a file storage tool, use App B instead. Contact steph@ctrlaltsecure.com to request access.

Do not enter company data into this app It’s fine to use this AI tool for simple brainstorming tasks, but do not enter any company data, such as customer lists, intellectual property, or project information. Please acknowledge your compliance with this policy.

This app is under review — ask before you use it The Acme security team is reviewing this app to decide if it’s suitable for company use. If you need to use it in the meantime, please provide a reason first.

This app is not approved for company use Acme security policy prevents use of this app. If you have a business reason to use it, please provide an explanation using the box below.