Google launches customizable Web Store for Enterprise extensions

Google has officially launched its Chrome Web Store for Enterprises, allowing organizations to create a curated list of extensions that can be installed in employees' web browsers.

Malicious Chrome extensions have long been a problem, with scammers and threat actors actively releasing or hijacking existing extensions to include malicious code.

Last month, thirty-five extensions were compromised after developers were targeted in a phishing attack, allowing the threat actors to upload hijacked versions containing information-stealing scripts.

Announced last October, the new Web Store for Enterprises allows companies to create a curated list of vetted web browser extensions, minimizing the risk of employees mistakenly installing harmful add-ons.

The Web Store can also be customized to display company logos and highlight specific extensions required for corporate tasks.

"Admins gain greater control over the Web Store experience with the ability to tailor per OU/organization," Google says in a new blog post.

"Now admins can add company logos, create custom imagery and announcements, curate extension collections, implement category-based controls and add new collections for allowlisted items."

Google has also introduced tools to give more visibility into security risks associated with extension by displaying risk scores provided by Spin.

Later this year, Google will introduce a feature that allows admins to remotely remove extensions from end-user browsers, further enhancing security.