Setting up the Chrome extension
The extension adds Guard.ch to Chrome's right-click menu: choose Open in Guard.ch on a link and the page loads in a disposable browser in our cloud instead of yours. This guide covers the install, the launch flow and the team rollout.
The extension replaces the risky click on a suspicious link with a safe one: the page opens in a throwaway, instrumented browser in our cloud, streamed to your tab, while Guard.ch tallies every request, cookie and fingerprint attempt it makes.
Nothing changes about how you browse: the extension does nothing until you invoke it, and then it only hands the link to an investigation. This guide covers what it adds, what a launch does, the team rollout, what it can and cannot do, and troubleshooting.
What it adds to Chrome
- Open in Guard.ch, in the right-click menu of every link. It also works on selected text, so a phishing URL pasted as plain text can go straight into an investigation without touching your clipboard. When a link and a selection are both in play, the link wins.
- A toolbar button, with a paste box for URLs. Its small menu holds the extension's only two extras: a Workspace SSO field for teams (more on that below) and a Settings shortcut into your Guard.ch dashboard.
- A keyboard shortcut. Ctrl+Shift+G (Cmd+Shift+G on a Mac) sends the page in the current tab into an investigation. Rebind it anytime at chrome://extensions/shortcuts.
Install it
The extension is a free install from the Chrome Web Store:
- Open the Guard.ch extension on the Chrome Web Store.
- Click Add to Chrome and confirm with Add extension.
- Optional: click the puzzle icon in the toolbar and pin Guard.ch Companion, so the paste-a-URL button stays within reach.
- Right-click any link and choose Open in Guard.ch. That is the whole workflow; there is no account step and no settings screen.
Prefer to inspect what you install? Download the packed build, unzip it, open chrome://extensions, switch on Developer mode and choose Load unpacked with the unzipped folder. A manual install does not update itself; the store one does.
What happens when you launch
However you trigger it, the extension does exactly one thing: it opens a new tab on guard.ch and hands over the target address in encoded form. The suspicious page itself never loads in your Chrome. What loads is Guard.ch's launcher, which starts a disposable browser in our cloud, streams it into the tab, and switches to the live report. The extension makes no network requests of its own and holds no account; the tab simply runs in your normal signed-in Guard.ch session.
That session is the only requirement. Signed out, the tab lands on the Guard.ch sign-in first; on managed company installs it goes straight to your company's own sign-in instead (see the team section below). And investigations are part of the paid product, so the account needs an active plan or trial; the tab says so plainly if it does not.
What counts as a link
The extension is deliberately strict about what it will launch, so a slip of the mouse cannot start an investigation of nonsense. It accepts:
- Full addresses with http:// or https://.
- Bare domains such as example-shop.com; https:// is assumed in front.
- IP addresses and localhost, with or without a port.
- Selected text that spells one of the above; surrounding spaces are ignored.
Deploying to a team
The extension is built to be pushed. IT can force-install it through Chrome's usual management channel and hand it the workspace's sign-in name in the same policy. From then on, every launch on a managed device routes through the company's Microsoft sign-in: a colleague with a live Microsoft session never sees a form at all, and even opening the Guard.ch sign-in page directly signs them in silently. New members can get their Guard.ch account created on their first sign-in.
The exact rollout steps for every browser and management tool live in your workspace settings under Configure extensions, and the single sign-on behind it has its own step-by-step guide. No IT involved? The same routing can be set by hand: open the toolbar popup's menu, choose Workspace SSO and enter your workspace's sign-in name. A policy-pushed value always wins over the hand-set one; the popup then shows it read-only.
Incognito windows
Extensions stay out of Incognito until you let them in, so the right-click item will not appear there at first. Open chrome://extensions, choose Details on Guard.ch Companion and switch on Allow in Incognito. Installs are per profile, too: each Chrome profile carries its own copy of the extension with its own settings.
What it can and cannot do
The extension holds no keys to your browsing. It has no permission to read the pages you visit; it acts only when you invoke it, on the link or page you invoked it for. Its permission list is short and boring: the right-click menu, notifications for its two error messages, momentary access to the current tab at the instant you fire the shortcut, and local storage for its single setting, the optional workspace sign-in name.
The investigation itself runs entirely in our cloud. The suspicious page never loads in your Chrome, nothing downloads to your machine, and the extension phones nobody: no analytics, no requests of its own. The only thing it ever does to the network is open a guard.ch tab.
- Works with
- Google Chrome
- Install
- Chrome Web Store, free
- Permissions
- Right-click menu, notifications, the current tab only when invoked, one stored setting
- Languages
- English and German, following the browser language
- Network calls
- None of its own. It only ever opens guard.ch tabs.
- Runs
- In a disposable browser in our cloud, never on your machine
Troubleshooting
Almost everything the extension can run into has a one-line answer:
“That isn't a URL Guard can open.” The launch was rejected before any tab opened: what you right-clicked or pasted does not parse as an address. Full URLs, bare domains, IPs and localhost pass; anything else does not. A stray word in the selection is the usual culprit.
“There's no page to investigate in this tab.” The keyboard shortcut needs an actual page in the active tab. On a blank new tab or a browser-internal page there is nothing to hand over; use the toolbar popup instead.
The right-click item is missing. Three usual causes: an Incognito window without Allow in Incognito (see above), a different Chrome profile (each profile installs its own extensions), or a managed browser whose policy blocks store installs; in that case your IT rolls the extension out centrally.
The shortcut does nothing. Another extension probably claimed Ctrl+Shift+G first, or the binding was cleared. chrome://extensions/shortcuts shows who owns which key and lets you rebind it.
The tab lands on a sign-in screen. Expected when you are signed out: sign in once and relaunch. On a managed company install it should not happen; it usually means the pushed workspace name does not match the workspace's sign-in link. The rollout wizard in the dashboard shows the exact value to push.
The tab shows an upgrade screen. The account is signed in but carries no active plan or trial. Extension launches are part of the paid product; start the trial, or ask your workspace manager for a seat.
Other entry points
However a link reaches Guard.ch, it lands in the same capture and the same report. Browse the other ways in on the integrations page, or see what an investigation actually captures on the product page.