Query Details

Browser Extension Top 100 Most Permissive Extensions Installed

Query

# Top 100 critical browser extensions with the most permissions required
----
### Defender For Endpoint
```
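DeviceTvmBrowserExtensions
// Keep only extensions rated as critical risk
| where ExtensionRisk == "Critical"
// Count critical extensions per device and collect their names
| summarize TotalExtentions = count(), ExtentionNames = make_set(ExtensionName) by DeviceId
// DeviceInfo holds many rows per device; keep the latest so each device appears once
| join kind=inner (DeviceInfo | summarize arg_max(Timestamp, DeviceName) by DeviceId) on DeviceId
| project DeviceName, TotalExtentions, ExtentionNames
// Return the 100 devices with the highest count
| top 100 by TotalExtentions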
```


Explanation

This query returns the 100 devices with the most installed browser extensions rated `Critical` in `ExtensionRisk`. It filters `DeviceTvmBrowserExtensions` to critical-risk extensions, then, for each device, counts them and collects their names. The result is joined with `DeviceInfo` to add device details, and the query selects the device name, total extensions, and extension names. Finally, it sorts the results by the total number of extensions and returns the top 100.
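To rank the critical extensions themselves by how many devices carry them, rather than ranking devices, the same filter can be pivoted per extension. This is an added example, not part of the original query; it runs on constructed `datatable` rows (all device IDs, device names and extension names are made up), and `BrowserName` and `ExtensionId` are `DeviceTvmBrowserExtensions` columns the original query does not use.

```kql
// Constructed sample rows standing in for DeviceTvmBrowserExtensions (not real data)
let SampleExtensions = datatable(DeviceId:string, BrowserName:string, ExtensionId:string, ExtensionName:string, ExtensionRisk:string)
[
    "dev-01", "chrome", "ext-aaa", "Sample PDF Tool", "Critical",
    "dev-01", "edge",   "ext-aaa", "Sample PDF Tool", "Critical",
    "dev-01", "chrome", "ext-bbb", "Sample VPN",      "Critical",
    "dev-02", "chrome", "ext-aaa", "Sample PDF Tool", "Critical",
    "dev-02", "chrome", "ext-ccc", "Sample Notes",    "Low",
    "dev-03", "edge",   "ext-bbb", "Sample VPN",      "Critical"
];
// Constructed sample rows standing in for DeviceInfo: several snapshots per device
let SampleDeviceInfo = datatable(Timestamp:datetime, DeviceId:string, DeviceName:string)
[
    datetime(2023-02-13 08:00), "dev-01", "ws-finance-01",
    datetime(2023-02-14 08:00), "dev-01", "ws-finance-01",
    datetime(2023-02-14 09:00), "dev-02", "ws-hr-07",
    datetime(2023-02-14 10:00), "dev-03", "ws-dev-12"
];
SampleExtensions
| where ExtensionRisk == "Critical"
// Attach the latest device name; one row per device avoids duplicated join output
| join kind=inner (SampleDeviceInfo | summarize arg_max(Timestamp, DeviceName) by DeviceId) on DeviceId
// One row per extension: distinct devices carrying it, and in which browsers
| summarize DeviceCount = dcount(DeviceId),
            Browsers = make_set(BrowserName),
            Devices = make_set(DeviceName)
    by ExtensionId, ExtensionName
| top 100 by DeviceCount
```

Swapping the two `let` tables for `DeviceTvmBrowserExtensions` and `DeviceInfo` runs the same logic against tenant data.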

Details


Bert-Jan Pals

Released: February 14, 2023

Tables

DeviceTvmBrowserExtensions, DeviceInfo

Keywords

DeviceTvmBrowserExtensions,ExtensionRisk,Critical,TotalExtentions,ExtentionNames,DeviceId,DeviceInfo,DeviceName

Operators

where, summarize, count(), make_set(), by, join, project, top 100 by
