Social Media Accounts: The Weak Link in Organizational SaaS Security

October 9, 2024 at 07:39AM Organizations often neglect social media account security, risking reputational damage and financial losses. With multiple access layers and stakeholders, proper governance is critical. Utilizing SaaS Security Posture Management (SSPM) tools can enhance oversight, mitigate risks, and ensure only authorized users engage on behalf of the brand. ### Meeting Takeaways – … Read more

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

September 10, 2024 at 07:39AM Shadow apps, a subset of Shadow IT, are SaaS applications procured without the security team’s knowledge. They may lack essential security measures and compliance standards, posing risks such as data leaks and regulatory violations. Standalone and integrated shadow apps both expand the company’s attack surface. SaaS Security Posture Management (SSPM) … Read more

Suspicious Minds: Insider Threats in The SaaS World

August 6, 2024 at 08:06AM The text discusses the challenges of insider threats in SaaS security and the importance of detecting and responding to these threats. It introduces the concept of Identity Threat Detection & Response (ITDR) and its role in monitoring and responding to suspicious behavior, emphasizing the need for a comprehensive SaaS security … Read more

The Annual SaaS Security Report: 2025 CISO Plans and Priorities

June 18, 2024 at 07:30AM Organizations are increasingly prioritizing investment in SaaS security, with 70% establishing dedicated teams and boosting budgets and headcount, according to the Cloud Security Alliance’s “2025 CISO Plans and Priorities” survey. The report highlights improved security capabilities but also challenges in achieving visibility into business-critical apps. The adoption of SaaS Security … Read more

Cloud Security Alliance Survey Finds 70% of Organizations Have Established Dedicated SaaS Security Teams

June 5, 2024 at 04:08PM The Cloud Security Alliance released the fourth Annual SaaS Security Survey Report, highlighting that 70% of organizations are prioritizing investment in SaaS security. It revealed the establishment of dedicated SaaS security teams and increased budgets. Despite challenges, companies investing in SaaS security are experiencing fewer security incidents, signaling a positive … Read more

Unpacking 2024’s SaaS Threat Predictions

June 5, 2024 at 07:54AM Wing Security’s 2024 SaaS Security Report identified emergent threats and best practices for SaaS security. The report’s predictions have already manifested halfway through the year. Breach frequency is rising, demanding timelier threat alerts. Notably, Shadow AI, Supply Chain, Credential Access, and MFA Bypassing threats were outlined, all combatable with Automated … Read more

The Ultimate SaaS Security Posture Management Checklist, 2025 Edition

May 22, 2024 at 06:49AM The Ultimate SaaS Security Posture Management (SSPM) Checklist, updated for 2025, addresses the growing challenge of securing the corporate SaaS sprawl. It emphasizes the need for a comprehensive SSPM solution covering misconfiguration management, identity security, permissions management, device-to-SaaS relationship, GenAI security posture, data leakage protection, and threat detection & response … Read more

A SaaS Security Challenge: Getting Permissions All in One Place 

May 8, 2024 at 11:07AM SaaS platforms like Salesforce, Workday, and Microsoft 365 offer precise permissions, dictating user access to data. However, managing these permissions can be complex and challenging, leading to security vulnerabilities. A centralized Permissions Inventory enables organizations to reduce their attack surface, improve regulatory compliance, and streamline SaaS security, with future tools … Read more

How the New NIST 2.0 Guidelines Help Detect SaaS Threats

March 18, 2024 at 09:54AM The SaaS ecosystem has rapidly expanded since NIST’s cybersecurity framework 1.1 and SaaS is now the main way businesses use software. The just-released NIST Cybersecurity Framework (CSF) 2.0 seem to prioritize SaaS security needs. Recent breaches highlight the importance of adhering to NIST standards. Applying NIST 2.0 guidelines through SSPM … Read more

Human vs. Non-Human Identity in SaaS

March 7, 2024 at 06:27AM In today’s SaaS environment, security efforts primarily focus on human users, using tools like MFA and RBAC. However, non-human access from apps and integrations poses a security challenge. Managing non-human accounts varies across apps and SaaS platforms, requiring specific security measures and continuous monitoring to detect anomalies and prevent unauthorized … Read more