As we gradually roll out HIBP’s Partner Program, we’re aiming to deliver targeted solutions that bridge the gap between being at risk and being protected. HIBP is the perfect place to bring these solutions to the forefront, as it’s often the point at which individuals and organisations first learn of their exposure in data breaches. The challenge for corporates, in particular, is especially significant as they’re tasked with protecting entire workforces, often against highly motivated and sophisticated attackers seeking to exploit organisational vulnerabilities. That’s why today, I’m especially happy to welcome Push Security to the program.
Push’s mandate is to “defend workforce identities in the browser” from attacks that put corporate assets at risk. Especially within the context of data breaches, this includes attacks that leverage reused credentials (which often appear in breaches), account takeovers, phishing and session hijacking. Protecting organisations directly in the browser makes a lot of sense given how many attacks originate in that environment (something I’m painfully familiar with myself), and as they’re fond of saying, “Push Security is like EDR but for the browser”.
Because Push is focused on business solutions, they now have placement within the business section of the HIBP dashboard, namely the overview and domains pages:
I’m really happy with how we’ve been able to position partners in a way that’s contextual, relevant and non-obtrusive. We’ve clearly marked Push as “Sponsored” and positioned them right at the heart of where those protecting organisatoins spend their time on HIBP.
Lastly, we’ve also now launched a dedicated partners page, which lists each relationship we have, including Push Security:
Regardless of where you are in the world, you’ll see each partner, the pages on which they are displayed, and any geolocation dependencies. This ensures both transparency and exposure for the organisations we’ve entrusted to help protect users of our service.
So, a big welcome to Push Security and one more piece in the puzzle of protecting organisations from the scourge of data breaches.