Research reveals Shadow Identities blind organizations to 80% of SaaS logins

TEL AVIV, Israel, Feb. 06, 2025 (GLOBE NEWSWIRE) -- LayerX, a pioneer in user-first browser extensions for enterprise security, today announced advanced identity security features to protect enterprises against the pervasive risks of Shadow Identities.

In today’s world of anywhere-work and cloud apps, most work is done on browser-based SaaS applications. Startling new research, however, reveals that 40% of SaaS access in organizations use personal credentials and 67% sidestep SSO. Aggregated, the data shows organizations are "blind" to about 80% of SaaS login events. These findings and more are presented in the LayerX "2025 Identity Security Report” based on real-life usage data collected from LayerX’s customer base.

To protect organizations from Shadow Identity risks and enforce SaaS security, LayerX has added new capabilities to its browser extension-based security platform that directly address identity security concerns, including:

Enhanced AI-based anti-phishing protection engine that blocks zero-hour external identity attacks and prevents them from penetrating the organization

Granular identity governance controls enable organizations to fully audit all SaaS identities in the organization, including corporate, non-corporate and non-SSO identities

Enhanced controls over malicious browser extensions that steal identity details such as the attack vectors used in the recent Cyberhaven data breach incident

Cross-identity protections for file-less data transfers to detect and stop data transfers between corporate and non-corporate accounts within the same browser or SaaS application, thereby protecting against common risks such as data transfer between corporate and personal accounts on multi-tenant SaaS applications such as Google Docs or Microsoft OneDrive.

The new capabilities extend the current LayerX identity security features such as:

Discovery of all SaaS identities, including both known and unknown (“Shadow”) identities

Enforcement of SSO and SaaS login security policies

Application of identity governance and password control over all SaaS accounts, including non-corporate ones

Adaptive, risk-based access control policies

Enhance identity protection by using the browser extension as an additional authentication factor



“If identity is the new perimeter, then the corporate identity is the only thing that stands between keeping organizational data safe and having it exposed,” said Or Eshed, co-founder and CEO of LayerX. “Encryption and the proliferation of entry points have rendered legacy approaches to security ineffective for modern IT infrastructures. Our approach provides a new, identity-first, single control at the point where users interact with everything—the browser—to secure enterprise access.”

About the LayerX Security Platform

The new identity security capabilities are extremely effective because they are built on the LayerX platform, designed to protect corporate identities directly in the browser, where the majority of modern identity threats occur.

Delivered as an enterprise security browser extension, LayerX provides unprecedented visibility and control for enterprise SaaS security, because it sees everything a user does on the internet.

The platform analyzes web sessions at the utmost granular elements to prevent attacker-controlled webpages from performing malicious activities. It also blocks users from putting enterprise resources at risk, without disrupting their legitimate interactions with websites, data and applications.

As a browser extension, LayerX works with any browser users choose while still protecting the enterprise. This provides a significant advantage in user acceptance and SaaS coverage over browser replacement solutions that are inconvenient for and easily sidestepped by employees and subcontractors.

LayerX monitors all in-browser user activities, webpage behavior and user activities. All events are analyzed in real time and enriched by LayerX’s threat intel cloud to reveal the risk context and enforce protective action within the web session.

By monitoring events directly at the user endpoint, LayerX is not impacted by session or in-app encryption, does not add latency and does not disrupt the native browsing experience, unlike traditional network-layer security solutions such as secure web gateways (SWGs) or CASBs.

LayerX enables organizations to:

Gain visibility into web activity and SaaS usage

Discover all sanctioned and non-sanctioned workforce SaaS applications uses and high-resolution usage visibility

Unveil any Shadow Identities and apps that were impossible to detect before

Reduce browsers’ attack surfaces via a centralized management interface

Monitor and configure all browsers from a single interface

Govern browser hygiene by controlling the installations of extensions by users

Ensure consistent security posture and hygiene across all browsers

Enforce browser security updates and vulnerability patching

Prevent risk to data, apps and devices with access and activity policies

Dynamically scan every web page to disclose malicious code, content and files

Monitor user activities to detect potential compromise or data loss

Create adaptive or rule-based policies that respond to detected risk with a wide range of protective actions

In addition to Shadow Identity protection, other use cases for LayerX include:

GenAI data leakage prevention

Prevention of web/SaaS data leakage

Protection against malicious browser extensions

SaaS security

Safe browsing

Secure remote access by third-party contractors and BYOD

“LayerX is an all-in-one solution for our online browsing security issues,” said Cliff Frazier, CISO, WCF Insurance. “Whether it’s protecting against phishing or malicious extensions or data leaks, LayerX ensures our employees can access anything they need without risking our customer and company data.”

Experience firsthand the benefits of LayerX and discover hidden browsing threats in your enterprise with a complimentary risk assessment for GenAI, identity, web and SaaS risks.

Learn more with a demo or by visiting LayerX Security - The Enterprise Browser Extension.

About LayerX

LayerX Security offers an all-in-one, agentless security platform that protects enterprises against the most critical risks and threats of the modern web, including GenAI data leakage, SaaS risks, identity threats, web vulnerabilities, DLP and more. LayerX is deployed as an enterprise browser extension that integrates with any browser and provides organizations with full last-mile visibility and enforcement without disrupting the user experience. Enterprises use LayerX to secure their hybrid workforce in a SaaS-first world. For more information, visit the LayerX website at https://www.layerxsecurity.com.

