Nudge Security Unveils AI Agents to Mitigate Escalating Risks from Hidden OAuth Grants and Browser Extensions

PR Newswire
Today at 10:00am UTC

Nudge Security Unveils AI Agents to Mitigate Escalating Risks from Hidden OAuth Grants and Browser Extensions

PR Newswire

New agentic capabilities scale security governance across the exploding attack surface created by shadow AI, SaaS sprawl, and non-human identities.

AUSTIN, Texas, July 15, 2026 /PRNewswire/ -- Nudge Security, the leader in AI and SaaS security governance, today announced new agentic capabilities to help security and IT teams find and remediate malicious and high-risk OAuth grants and browser extensions, two of the fastest-growing and hardest to manage attack surfaces in the enterprise.

The Nudge Security Browser Extension Risk Analyst surfaces risky and malicious third-party browser extensions installed on employee devices and helps prioritize remediation.

The new agents continuously analyze OAuth grants and browser extensions discovered by Nudge Security, flag what's risky, and automate remediation with human-in-the-loop decisions. The new agents join Nudge Security's Vendor Risk Analyst agent, which automatically builds vendor security profiles for newly discovered AI and SaaS apps, cutting manual security review time by up to 90%.

Closing the gap between discovery and action
Modern enterprises have more apps, more extensions, and more third-party connections than traditional security programs can manually assess. As the breaches of Klue and Salesloft Drift illustrated, OAuth grants can provide broad, persistent access to sensitive data, which attackers are increasingly exploiting. Browser extensions can introduce supply chain risk directly into employees' daily workflows. Shadow AI and SaaS sprawl mean new vendors and new exposures can appear faster than any ticket queue can keep up with.

Nudge Security's agentic capabilities address sources of risk that have long outpaced manual human review:

  • OAuth Grant Risk Analyst analyzes OAuth grants, flags anomalies, and recommends specific revocations based on the organization's security policies.
  • Browser Extension Risk Analyst surfaces risky and malicious third-party browser extensions installed on employee devices and helps prioritize remediation.
  • Vendor Risk Analyst (existing) automatically generates and maintains SaaS and AI vendor security profiles for every AI and SaaS app, including compliance attestations, security posture indicators and AI data privacy policy insights.

"Security teams are buried under manual reviews while the business keeps moving. AI is accelerating adoption and expanding the attack surface at the same time," said Jaime Blasco, CTO at Nudge Security. "Unvetted OAuth grants, risky browser extensions, and unknown AI and SaaS apps can operate in the shadows for months or even years, creating thousands of access paths into corporate data. These new agents help teams immediately surface what's hidden, prioritize what matters, and take action at machine speed so governance and enforcement can finally operate at the pace of modern work."

Built for defenders across the surfaces others still miss
Nudge Security uniquely combines multiple discovery signals across the browser, inbox, identity provider, and connected apps to provide the most complete and timely view of AI, SaaS, OAuth, and browser extension risk. This broader context helps the agents make higher-confidence recommendations and deliver targeted, policy-driven remediation guidance that reduces noise and increases throughput for overburdened IT and security teams.

Availability
Nudge Security's new agentic capabilities are currently available to select customers. Join the waitlist https://www.nudgesecurity.com/nudge-agents-waitlist.

About Nudge Security
Nudge Security transforms AI and SaaS security and governance at the Workforce Edge, where employees make thousands of technology decisions daily. Automated, policy-driven guardrails reach employees when and where they work, enabling rapid technology adoption while minimizing risk and sprawl. Through unrivaled discovery capabilities, AI-driven risk insights, and behavioral science–based engagement, Nudge makes security a natural part of how modern work gets done rather than an obstacle to innovation. Nudge Security was founded in 2021 by Russell Spitler and Jaime Blasco and is backed by Cerberus Ventures, Ballistic Ventures, Forgepoint Capital, and Squadra Ventures.

Learn more at www.nudgesecurity.com and follow Nudge Security on LinkedInReddit, XBlueSky, and Instagram.

Media Contact:
Michelle Kearney
Hi-Touch PR
Kearney@Hi-TouchPR.com

Nudge Security logo

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/nudge-security-unveils-ai-agents-to-mitigate-escalating-risks-from-hidden-oauth-grants-and-browser-extensions-302824148.html

SOURCE Nudge Security