Security News > 2021 > April > SaaS Attacks: Lessons from Real-Life Misconfiguration Exploits

SaaS Security Posture Management takes an automated approach to tracking, and even remediating, the exploitable misconfigurations in organizations' SaaS apps.

It's unfortunate but true: SaaS attacks continue to increase.

You can't get around it, COVID-19 accelerated the already exploding SaaS market and caused industries not planning on making a switch to embrace SaaS. With SaaS apps becoming the default system of record for organizations, it has left many struggling to secure their company's SaaS estate.

An emerging category named by Gartner, SaaS Security Posture Management refers to solutions that take an automated approach to tracking, and even remediating, the exploitable misconfigurations in organizations' SaaS apps like Microsoft's 365, Google Workspace, Salesforce, Slack, Zoom, Box, Dropbox, among others.

Cloud Access Security Brokers are event-driven. When it comes to SaaS apps they are reactive, focusing on the detection of breaches once they have occurred. This doesn't help in preventing the SaaS misconfiguration from causing the breach in the first place. There are also Cloud Security Posture Management tools, yet they mostly address IaaS and PaaS security use cases. What's needed are strong and effective controls dedicated to monitor and remediate SaaS misconfigurations."

SSPM solutions, like Adaptive Shield, are built to help CISOs and security professionals handle the profound change to an expansive SaaS ecosystem and prevent misconfiguration vulnerabilities from leading to a leak or breach.

News URL

https://threatpost.com/lessons-from-real-life-misconfiguration-exploitations/165659/