Push Security is a London-based cybersecurity company that builds a browser-native platform to detect and respond to identity-based attacks (phishing, credential stuffing, session hijacking) by collecting browser telemetry, mapping an organization’s identity attack surface, and enforcing controls in real time[6][3].
High-Level overview
- Push Security’s product is a browser-focused Identity Threat Detection & Response (ITDR) platform that surfaces SaaS account and credential risks, detects active browser attacks, and enables remediation and policy enforcement across unmanaged apps[6][3].[2]
- It serves security teams at enterprises and small-to-medium organizations that need visibility into workforce logins, SaaS sprawl, and account takeover risk, and positions users as part of the defensive surface via lightweight browser agents[6][2].[4]
- The platform’s core value is preventing identity-driven breaches by detecting attacks earlier (in the browser) and reducing blast radius across SaaS apps, which addresses the rise in identity attacks as cloud and SaaS adoption increased[3][2].[5]
Origin story
- Push Security was founded in 2020 by Adam Bateman (CEO), Jacques Louw (CPO), and Tyrone Erasmus (CTO), who previously worked at MWR InfoSecurity and bring offensive/defensive research backgrounds to the product[2][7].[5]
- The idea emerged from observing that most modern breaches are identity-led and that placing detection and controls in the browser provides unique telemetry and a user-side vantage point for stopping attacks such as AiTM phishing and session hijacking[3][2].[6]
- Early traction included adoption by organizations across sizes (from small teams to enterprises), and investor backing including a Series A led by GV (formerly Google Ventures), reflecting endorsement from prominent security investors[2][5].
Core differentiators
- Browser-native telemetry: Push installs lightweight agents into major browsers to capture request/script behavior and user login events—data that traditional network or endpoint tools often miss[3][6].
- Identity-first mapping: The platform maps workforce identities, SaaS logins, and OAuth integrations to show attack surface and potential blast radius after an incident[3][6].
- Real-time detections and controls: Push detects techniques like AiTM phishing, credential stuffing, and session token theft in real time and can enforce inline controls or notify SecOps via SIEM/SOAR and collaboration tools[3][4].
- Low-friction deployment and user-driven model: Designed to be easy to deploy (few clicks) and free-to-try, enabling rapid rollout without heavy IT provisioning and empowering users to take defensive actions[2][4].
- Focus on usability and privacy: The product emphasizes frictionless UX for security teams and claims privacy-aware telemetry handling suitable for GDPR contexts[4][6].
Role in the broader tech landscape
- Trend alignment: Push rides the shift toward identity as the primary attack vector as SaaS proliferation and remote work expanded the perimeter; detecting attacks in the browser addresses threats that bypass traditional EDR and network controls[5][3].
- Timing: Increased SaaS sprawl, shadow IT, and the rise of sophisticated phishing (including AiTM) make a browser-centric ITDR approach timely and complementary to existing identity and EDR tooling[5][3].
- Market forces: Enterprises demand solutions that scale across unmanaged SaaS and offer fast time-to-value; investor interest in identity security (e.g., GV’s Series A) signals market appetite[5][2].
- Ecosystem influence: By providing visibility into ghost logins, MFA gaps, weak/reused passwords, and risky OAuth apps, Push can change how security teams prioritize identity remediation and integrate browser telemetry into SecOps playbooks[3][6].
Quick take & future outlook
- What’s next: Expect continued expansion of detection capabilities (more browser-based detections and automated remediation workflows), deeper SIEM/SOAR integrations, and broader enterprise adoption as identity attacks grow[3][6].
- Shaping trends: Push will likely benefit from increased regulatory and compliance focus on data protection and from organizations shifting security budgets to identity-centric defenses[4][5].
- Strategic evolution: The company may deepen partnerships with identity providers, CASBs, and EDR vendors or extend platform capabilities into prevention (inline blocking) and broader workforce security posture management[2][6].
- Bottom line: Push Security’s browser-first ITDR approach addresses a clear and growing gap between identity risk and traditional tooling; its early investor and customer traction suggest it’s well positioned to be a notable player in identity security as attacks continue to evolve[5][2].
If you want, I can:
- Produce a concise investor-style one-page (mission, traction, KPIs to track).
- Compare Push Security to leading ITDR/EDR/CASB vendors in a table.
