Swift Security Docs
  • Introduction to Swift Security
  • Onboarding
    • Tenant Setup
    • Product Deployments
      • Browser Extension
      • LLM Guardrails
        • LLM Guardrails API Integration
      • VS Code IDE Extension
    • Directory Sync
      • Configuring Google Directory Sync
      • Configuring Microsoft Directory Sync
    • MDM
      • Extension Deployment Via Google Workspace
      • Extension deployment via google workspace + MDM at device level
      • Extension Deployment Via Microsoft Intune
        • Chromium Browsers in Windows
        • Edge Browsers in Windows
        • Firefox Browsers in Windows
      • Extension Deployment Via Kandji
        • Chromium Browsers in Mac
    • Infrastructure
      • SaaS Model
      • Hybrid deployment (coming soon)
  • SSO (Single Sign-On)
    • SSO Configurations identity provider - Google workspace
  • Administrative Guide
    • Console Users
      • Role Creation
      • RBAC General Settings for Login Methods (for the Console)
      • User Creation
      • SSO login(okta)
    • Swift Detection Engines
      • Data Identifiers
        • Custom Data Identifiers
      • EDM Dictionaries
        • EDM Rule
        • EDM Profile
        • EDM Extension Policy
      • Data Rules
        • Custom Rules
      • Data Profiles
      • LLM Guardrail Scanners
        • Data Protection Scanner
        • Gibberish Scanner
        • Ban Substrings Scanner
        • Invisible Text Scanner
        • Code Scanner
        • Language Scanner
        • Sentiment Analysis Scanner
        • Jailbreak Scanner
        • Toxicity Scanner
        • Prompt Injection Scanner
        • Token Limit Scanner
        • Reading Time Scanner
        • Language Same Scanner
        • No Refusal Scanner
        • Factual Consistency Scanner
        • Bias Detection Scanner
        • URL Reachability Scanner
        • Nudity Scanner
        • Gender Scanner
        • Celebrity Scanner
        • Face Scanner
        • Race Scanner
        • Performance and Benchmark
    • Browser Extension
      • Extension Installation
      • Granular Policies
        • Control URL access
        • Protect company data
        • Protect against Threats (Coming Soon)
      • Extension Alerts
      • Extension Events
      • Extension Popups
      • Browser Extension Coverage
    • LLM Guardrails
      • LLM Guardrails Policies
      • LLM Guardrails Alert
      • LLM Guardrails Events
    • Regulation Laws
  • Assets
    • Applications
    • Users
    • Extensions
  • Integration
    • Notification
      • Jira
      • ServiceNow
      • Slack
      • Splunk
    • Forensic
    • Feature
      • Rules Glossary
        • United States
        • Canada
        • Latin America
        • European Union
        • Australia
        • APAC (Asia-Pacific)
        • EMEA Countries
        • Others
      • Data identifiers Glossary
        • United States
        • Canada
        • Latin America
        • European Union
        • Australia
        • APAC (Asia-Pacific)
        • EMEA Countries
        • Others
      • Supported MIME Types
      • Supported OCR Format
    • Manage unauthorized access from unmanaged browser
  • Settings
    • Manage Reasons
    • Audit Log
  • Release Notes
    • Version - 1.27
    • Version - 1.26
    • Version - 1.25
    • Version - 1.24
    • Version - 1.23
    • Version - 1.16
    • Version - 1.15
    • Version - 1.14
    • Version - 1.13
    • Version - 1.12
    • Version - 1.11
    • Version - 1.10
    • Version - 1.09
    • Version - 1.08
    • Version - 1.07
    • Version - 1.06
    • Version - 1.05
    • Version - 1.04
    • Version - 1.03
    • Version - 1.02
    • Version - 1.01
Powered by GitBook
On this page
  1. Administrative Guide
  2. Browser Extension

Browser Extension Coverage

Version: 1.0 Last Updated: January 2, 2025

Overview

This document describes the policy enforcement capabilities of our browser extension. It outlines how different user actions across various websites are controlled, differentiating between actions that do not involve content inspection (URL Access Policy Actions) and those that do (Data Protection Policy Actions). These policies aim to enhance data security, ensure compliance with organizational standards, and maintain a secure browsing environment.

Policy Action Definitions

Block: Completely prevent the action. Allow: Let the action proceed normally. Warn: Show a warning before the action; user decides to continue or stop. Alert: Create an alert in Swift console, but the alert is “silent” from the perspective of the end user. Mask: Hide or obfuscate sensitive data before the action completes.

Supported Browsers

Chrome, Firefox, Brave, Edge

URL ACCESS POLICY ACTIONS (No content inspection). The following user actions can be controlled via the policy. Supported policy actions include block and allow. On the roadmap, we will add (a) alert, (b) warn.

  • Copy - Supported for all websites configured in the policy. Support includes ctrl+c and right click and copy. Site specific copy action functionality would need to be supported for each web application.

  • Cut - Supported for all websites configured in the policy. Support includes ctrl+x and right click and cut. Site specific cut action functionality would need to be supported for each web application.

  • Print - Supported for all websites configured in the policy. Support includes ctrl+p and right click and print (whole page and selected content), and also supports when the print goes through the normal browser behavior (such as print opens a preview). Site specific print action functionality would need to be supported for each web application.

  • Download - Supported for all websites configured in the policy. Download functionality is generic for any downloads that goes through browser download queue. Meaning when you download an item and you have that icon with download in the top right corner showing the download. We don’t yet support certain download functionality such as right-click → download image.

DATA PROTECTION POLICY ACTIONS (with content inspection). The following user actions can be controlled via the policy.

  • Upload - Supported on all websites. Support includes all generic inputs that have type=”file”, which includes file types such as txt, docs, pdf, excel, image, CSV. Certain applications that use non standard upload approaches may not work. Policy actions supported include: block, warn, alert, allow.

    • Current known limitations include Microsoft One Drive.

  • Paste - Supported for all websites. Support includes ctrl+p and right click and paste. Paste action buttons on the web page would need to be supported page by page. Policy actions supported include: block, warn, mask, alert, allow.

  • Prompt typing and submitting - We support both pressing Enter and clicking the Submit button. Supported for selected website (see below)

    • https://chatgpt.com

    • https://claude.ai

    • https://codeium.com

    • https://console.x.ai

    • https://copilot.microsoft.com

    • https://gemini.google.com

    • https://coral.cohere.com

    • https://dashboard.cohere.com

    • https://forms.office.com

    • https://groq.com

    • https://huggingface.co

    • https://onedrive.live.com

    • https://platform.openai.com

    • https://my.replika.com

    • https://www.askcodi.com

    • https://www.bing.com

    • https://www.perplexity.ai

    • https://you.com

    • https://atlassian.net

    • https://google.com

    • https://novelai.net

    • https://app.clickup.com

    • https://app.copy.ai

    • https://app.grammarly.com

    • https://app.hubspot.com

    • https://app.rytr.me

    • https://app.writesonic.com

    • https://caktus.ai

    • https://character.ai

    • https://chat.deepseek.com

    • https://chat.groq.com

    • https://chat.mistral.ai

    • https://outlook.live.com

PROMPT AND RESPONSE

This feature collects and stores prompts and responses from these websites, which can be viewed in events and alerts

  • https://atlassian.net

  • https://chatgpt.com

  • https://claude.ai

  • https://chat.mistral.ai

  • https://api.x.com

  • https://copilot.microsoft.com

  • https://gemini.google.com

  • https://meta.ai

LOGIN CAPTURE

This feature captures and stores login information from specified websites, which can be viewed in events and alerts

  • https://chatgpt.com

  • https://app.rytr.me

  • https://gemini.google.com

  • https://copilot.microsoft.com

  • https://www.perplexity.ai

  • https://chat.mistral.ai

  • https://claude.ai

  • https://groq.com

  • https://console.x.ai

  • https://chat.groq.com

  • https://onedrive.live.com

  • https://forms.office.com

  • https://www.office.com

  • https://www.microsoft365.com

  • https://outlook.live.com

  • https://www.bing.com

  • google.com

PreviousExtension PopupsNextLLM Guardrails

Last updated 1 month ago