Security News

Business teams increase cybersecurity risk due to poor SaaS management
2022-04-14 19:18

A new survey from the Cloud Security Alliance found that IT teams don't have a complete picture of SaaS in use by business units. Too many departments with access to SaaS security settings: 35%. Lack of visibility into changes into the SaaS security settings: 34%. Forty percent of respondents said that business departments, such as legal, marketing and sales, have access to security settings.

The perils of SaaS misconfigurations
2022-04-14 04:00

"Many recent breaches and data leaks have been tied back to misconfigurations. Whereas most research related to misconfigurations has focused strictly on the IaaS layers and entirely ignores the SaaS stack, SaaS security and misconfigurations are equally, if not more, important when it comes to an organization's overall security." "We wanted to gain a deeper understanding of the use of SaaS applications, how security assessments are conducted and the overall awareness of tools that can be used to secure SaaS applications," said Hillary Baron, lead author and research analyst, Cloud Security Alliance.

Into the Breach: Breaking Down 3 SaaS App Cyber Attacks in 2022
2022-04-07 06:00

Security from Device to SaaS - securing a SaaS environment isn't enough when it comes to protecting against a breach. SSO does not go far enough, and organizations that take SaaS security seriously must also include MFA security measures.

SaaS revenue declined by 46% in 2021
2022-03-15 04:00

Software-as-a-service companies saw their revenue growth slow by 46% in 2021 compared to 2020, according to a study by Paddle. In 2020, SaaS businesses' revenue grew on average by 78%, and showed no sign of slowing, and as a result, the market is now worth an estimated $145bn - up from $85bn in 2018.

Getting Your SOC 2 Compliance as a SaaS Company
2022-02-17 05:36

Having SOC 2 compliance means you have implemented organizational controls and practices that provide assurance for the safeguarding and security of client data. After beginning our SOC 2 journey we realized that we did not have a great way to track the reasoning behind a required emergency change, and this was required for our SOC 2 audit.

Contextualizing supply chain risks in a SaaS environment
2022-02-07 06:12

In the wake of the SolarWinds and Kaseya attacks, third-party cybersecurity risks remain top of mind for security leaders. Third-party SaaS vendors have permeated every facet of our workflows and enmeshed itself across enterprise environments.

How SSPM Simplifies Your SOC2 SaaS Security Posture Audit
2022-02-03 02:19

As part of a SOC2 audit, it is necessary to conduct security checks across the company's SaaS stack that will look for misconfigured settings such as detection and monitoring to ensure continued effectiveness of information security controls and prevent unauthorized/ inappropriate access to physical and digital assets and locations. If you're beginning or on a SOC2 audit journey, then an SSPM solution can streamline the process and shorten the time it takes to pass a SOC2 audit successfully, fully covering your SaaS Security posture.

How to Secure Your SaaS Stack with a SaaS Security Posture Management Solution
2022-01-27 13:11

Not to mention the fact that often the SaaS app owner sits outside of the security team in the department that most uses the app, and they are untrained and not focused on the security upkeep of the app. It all amounts to just how unrealistic it is to expect security teams to be able to stay in control of the organization's SaaS stack.

Product showcase: Adaptive Shield SaaS Security Posture Management
2022-01-19 05:30

Not to mention the fact that often the SaaS app owner sits outside of the security team in the department that most uses the app, and they are untrained and not focused on the security upkeep of the app. That's why Gartner named SaaS Security Posture Management as a MUST HAVE solution to continuously assess security risks and manage the SaaS applications' security posture in the "4 Must-Have Technologies That Made the Gartner Hype Cycle for Cloud Security, 2021".

NIST Cybersecurity Framework: A Quick Guide for SaaS Security Compliance
2022-01-06 08:11

The framework enables organizations to improve the security and resilience of critical infrastructure with a well-planned and easy-to-use framework. Although the CSF was written and updated while SaaS was on the rise, it is still geared towards the classic legacy critical infrastructure security challenges.