Company
Date Published
Author
Aaron Jewitt
Word count
2343
Language
-
Hacker News points
None

Summary

Malicious browser extensions pose a significant threat to organizations, exploiting vulnerabilities to access sensitive information on websites visited through the browser. The Elastic Infosec team uses osquery and the Elastic Stack to maintain a real-time inventory of installed browser extensions, which lets them detect compromised extensions and alert the team when necessary. osquery is an open-source agent that treats the operating system like a relational database, so system state, including installed browser extensions, can be queried. Elastic Security integrates osquery within Kibana, which simplifies deploying and managing queries, and stores the results in Elasticsearch for historical analysis. Data can be gathered with live queries or with scheduled query packs, and Elastic's approach supports creating detection rules for known malicious extensions from threat intelligence reports. This method gives enterprises a comprehensive strategy for managing browser extensions and mitigating potential risks from both corporate and personal profiles without additional licensing costs, as demonstrated through Elastic's free trial offering.