I wanted to share product feedback based on what I am seeing with SMB and mid-market clients. Huntress already covers a major part of the risk stack with EDR, ITDR, SAT, SIEM, and now ESPM/ISPM. The gap I see is the browser. A growing amount of compromise is happening before traditional endpoint tools get a clean signal. The main use cases are: ClickFix-style attacks where users are tricked into copying and running malicious commands from fake CAPTCHA, fake Cloudflare, fake browser update, or fake document pages. Malicious browser extensions that collect credentials, hijack sessions, inject scripts, exfiltrate data, or abuse permissions after being installed by the user. SaaS and identity abuse where users approve rogue OAuth apps, reuse passwords, enter corporate credentials into unmanaged apps, or upload sensitive data into shadow SaaS and AI tools. This feels like a natural Huntress expansion because these attacks sit between endpoint, identity, and SaaS. Today, the practical answer is to use Intune/GPO/Chrome Enterprise/Edge policies for extension governance and a separate browser-native tool such as Push Security for in-browser user protection. That creates another tool, another agent/extension, and another dashboard for MSPs. The ideal Huntress capability would be a lightweight managed browser extension or browser-security module that can: Detect ClickFix behavior, including malicious copy/paste instructions, fake verification flows, and suspicious browser-to-command execution paths. Inventory Chrome and Edge extensions across managed endpoints. Score extensions by risk based on permissions, publisher reputation, install source, update behavior, and known malicious indicators. Alert on risky extensions, new high-permission extensions, sideloaded extensions, and suspicious extension changes. Help enforce extension allowlists or integrate with Intune/Chrome/Edge policy management. Detect corporate password reuse or credential entry into unapproved sites. Detect risky OAuth grants and connect that back to Huntress ITDR. Warn users in-browser before they enter credentials, approve OAuth access, copy malicious commands, or upload sensitive data into risky SaaS/AI tools. Give MSPs simple client-facing reporting: risky extensions, risky SaaS usage, browser-driven phishing exposure, and user behavior trends. The business reason is simple: attackers are moving into the browser because it is where identity, SaaS, credentials, AI tools, and user decision-making all meet. Huntress already has strong coverage after compromise. A browser-native protection layer would help move Huntress closer to prevention without losing the managed detection value that makes the platform useful for SMBs. My ask: please consider adding browser extension governance and ClickFix/browser-native protection to the roadmap, either as part of ITDR, ESPM, ISPM, or as a dedicated managed browser security module. This would be highly valuable for MSPs and small security teams that want Push Security-like browser protection without adding another standalone platform.