PhishCatch: Detecting Password Reuse from the Inside Out
OVERVIEW
Does fear of a password leak keep you awake at night? Worried that your MFA implementation might not be comprehensive, that passwordless authentication remains out of reach for your org, or that your best-in-class network traffic inspection platform does nothing while users are off VPN? Concerned your users will remain prone to phishing regardless of how much training they receive? Spurred by the global shift to remote work, the Palantir InfoSec team set out to address these issues in a robust, scalable, low-friction, and highly actionable new tool.
PhishCatch is an open-source, identity-provider-agnostic browser extension for both Chrome and Edge, which evaluates use of corporate passwords on non-corporate resources in a more robust and versatile manner than similar tools that have come before. PhishCatch features both local and remote alerting (via an optional API server), enterprise management via Group Policy and/or Jamf Pro profiles, no admin dashboards, consistent detections regardless of VPN status, and – most importantly – an invisible, no-action-required addition to the end user’s web browsing experience. PhishCatch has revolutionized Palantir’s password reuse detection, and we believe it will revolutionize yours too.