u/dottiedanger

Anyone running KELA or Cybersixgill or ZeroFox for their dark web CTI/DRP?

So for ref: we are re-evaluating our threat intel and dark web monitoring stack and are down to the three options I mentioned above. But I feel like I am getting a whole lot of sales fluff or BS from the intel I'm finding from each.

So I was hoping for a bit of feedback from here.

If anyone has/is actually deploying any of these, and had the choice to change again today, which would you pick today?

Considering dark web depth, DRP strength, ease of integration. No need for short stories like “we chose X over Y and here is what we learned” or sales guys jumping in. Just the straight up would be awesome. Thanks in advance.

u/dottiedanger — 1 day ago

Every AI browser extension your employees install is a potential C2 channel

Sat through a security review last week and someone asked how many browser extensions are running across our org. Nobody could answer.

We track laptops, MDM, patch status. We monitor the network. But not the extensions, which I am starting to think is the worst attack vector yet. Each one a tiny privileged application with access to every page you visit. And now the AI ones can read your screen, click buttons, send emails on your behalf.

The claudebleed research showed a zero-permission extension can hijack a trusted AI assistant. One compromised extension becomes a C2 channel inside your browser. And most of us have zero policy, zero visibility, zero controls here.

Blocking them all isn't an option anymore. Anyone got a better extension governance strategy?

u/dottiedanger — 3 days ago