Show HN: Weaklayer – open-source Browser Detection and Response
weaklayer.comThe term "Browser Detection and Response" is used because Weaklayer resembles Endpoint Detection and Response in architecture. The key difference being that instead of an endpoint agent, it uses a browser extension.
Having a presence in the web browser like this enables a novel source of security data. This gives you new capabilities and allows you to implements new controls in your IT environment.
Since Weaklayer gives a new data source, it isn't a replacement for any tools you currently use in your security stack. It's meant to be used along with your existing IT security stack.
A great example of the new capabilities you get is credential phishing detection. By monitoring user interaction with web pages, you can see when an employee enters their corporate password into a non-corporate website. The video on the Weaklayer homepage demos this.
Any and all feedback is appreciated! Send me an email if you prefer private communication or want a hand setting it up.
Finally, here is the source for the browser extension: https://github.com/weaklayer/sensor
Doesn’t Google offer an extension to safely check if you accidentally enter your Corp password into a 3p website without leaking the password itself? Certainly it’s what they do internally but I can’t seem to find the extension at the moment.
Is this the extension you are referring to? https://chrome.google.com/webstore/detail/password-alert/noo...
The core value added by Weaklayer is a new security data feed. Currently, I think credential phishing detection is the most important thing that can be done with this data feed.
However, this data should be more widely applicable to threat hunting, incident response, compliance and other security activities. The data is meant to provide visibility regarding what happens inside the web browser - something that I think a browser extension can do much better than an endpoint agent.