Human vs. Non-Human Identity in SaaS

March 7, 2024 at 06:27AM
In today’s SaaS environment, security efforts primarily focus on human users, using tools like MFA and RBAC. However, non-human access from apps and integrations poses a security challenge. Managing non-human accounts varies across apps and SaaS platforms, requiring specific security measures and continuous monitoring to detect anomalies and prevent unauthorized …

SaaS Compliance through the NIST Cybersecurity Framework

February 20, 2024 at 06:27AM
The NIST cybersecurity framework is crucial for securing SaaS applications. Challenges arise due to varied settings in each application. Universal configurations, RBAC, limited redundancy, elimination of external admins, Admin MFA, and preventing data leaks are important. Strengthen passwords, prevent password spray attacks, and ensure proper configurations to align SaaS security …

Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters

January 24, 2024 at 09:45AM
A critical loophole named Sys:All in Google Kubernetes Engine (GKE) has been discovered by cybersecurity researchers, allowing threat actors with a Google account to take control of GKE clusters. Around 250,000 active GKE clusters are susceptible. Google has taken steps to address the issue in GKE versions 1.28 and later. …