Proofpoint Browser Extension

Proofpoint Browser Extension is an optional module that does not require an additional license. It is built as a Chromium-based extension utilizing the Chrome API.

Proofpoint Browser Extension is supported for Windows Agent 3.6 or higher and Mac Agent 4.2 or higher.

You can install the Browser Extension on a single endpoint or deploy on multiple endpoints (GPO).

From Windows version 3.6, the following are provided:

• Detection and prevention when submitting text prompts to Generative AI (GenAI) websites. (See GenAI Prompt Submit Detection and Prevention.)

• New method to detect web browsing activities. (See Browser Activities .)

Installing and Enabling Proofpoint Browser Extension

Proofpoint Browser Windows Installation

You must install Proofpoint Browser Extension from Chrome Web store to use this feature. Link to download.

For instructions to install Proofpoint Browser Extension on a single endpoint and on multiple endpoints, see Proofpoint Browser Extension Installation.

Detection and Prevention of Submitting Text Prompt to GenAI Websites

In version 3.6 the supported GenAI websites are ChatGPT (by OpenAI) and Gemini (by Google).

GenAI websites are an additional exit point from which data can be leaked unintentionally by users.

Supported Browsers and GenAI

For details about Proofpoint Browser Extension supported Browsers and GenAI see Proofpoint Browser Extension Support.

Examples

Some examples include:

• Employees submit text to be rephrased, such as grammar or translation improvements

• Employees submit meeting notes to summarize them

• Developers submit code snippets to find bugs

When Proofpoint Browser Extension is installed and enabled, it can be used to:

Detect and prevent text submitted to GenAI websites based on content scanning of the text prompt.

Enabling the Browser

You must enable the Proofpoint Browser Extension from the Agent Realm. To enable, from the Administration application, select Endpoints > Agent Realms. In the Advanced Settings of the Agent Realm, in the Browser Extension area, turn on Enable Interaction with Agent. Select Detect Text Submit in Websites (GenAI) (for detection) and/or Prevent Text Submit in Websites (GenAI) for prevention.

Other exfiltration methods to GenAI website such as, File Upload or Pasting Text Clipboard are already supported by previous agent versions.

Any text prompt is scanned when it is submitted, and a new activity categorized as GenAI Prompt Submit is sent to the back end and is used in Explorations and DLP Detectors found in snippets (if enabled) as shown in the example.

Detection Rules can be created based on this new category to get Alerts.

Prevention Rules based on the User Name, Group Name, Indicator/Detector Name. In this version, only Block action is supported. Prompt and Allow actions are planned for future versions.

Browser Activities

Proofpoint Browser Extension is a method used to detect and prevent browsing activities.

You must enable the Proofpoint Browser Extension from the Agent Realm. To enable, from the Administration application, select Endpoints > Agent Realms. In the Advanced Settings of the Agent Realm in the Browser Extension area, turn on Enable Interaction with Agent. When turned on, select the activities you want: 

• Detect File Upload Activity (Windows Agent 3.6.0 and higher and Mac Agent 4.2.0 and higher)

• Detect Web Browsing Activity (Windows Agent 3.6.0 and higher and Mac Agent 4.2.0 and higher)

• Detect Text Submit in Websites (GenAI) (Windows Agent 3.6.0 and higher)

• Prevent Text Submit in Websites (GenAI) (Windows Agent 3.6.0 and higher)

• Detect Download Activity (Mac Agent 4.2.0 and higher)

• Prevent File Upload Activity (Mac Agent 4.2.0 and higher)

File Upload is limited to 1000 files.

Currently, without Browser Extension, Proofpoint Agent initially tries to extract the URL during Web activity from Web Accessibility.

If Web Accessibility cannot be used, URL is extracted directly from the Browser Address Bar. Extraction from the Browser Address Bar is less accurate and may contain a partial URL if it currently being typed - and not the actual URL that was opened. This can cause latency to the browser experience.

Proofpoint Browser Extension provides a new and accurate and independent method using Web Accessibility. When the Proofpoint Browser Extension is installed and enabled, URL is extracted accurately and independently during Web activity using Web Accessibility.

Incognito Mode

Browser extensions cannot work in Incognito mode without explicit permission by the user. If there’s no need to maintain privacy when employees are using Incognito mode, then one of the following can be done:

• Ask the monitored employees to approve Proofpoint Browser Extension each time they get such request prompt.

• Block users from using Incognito mode based on policy set by organization’s IT