Security News

As an answer to this emerging challenge, XDR provider Cynet has added a new SaaS Security Posture Management tool to its existing platform. Regardless of the size of an organization or its security team, managing the security policy and posture of dozens to hundreds of SaaS applications is a complex task, and one that requires the right tools to expedite and optimize.

Cloud security is the umbrella that holds within it: IaaS, PaaS and SaaS. Gartner created the SaaS Security Posture Management category for solutions that continuously assess security risk and manage the SaaS applications' security posture. While the native security controls of SaaS apps are often robust, it falls on the responsibility of the organization to ensure that all configurations are properly set - from global settings, to every user role and privilege.

A new guide from XDR and SSPM provider Cynet, titled The Guide for Reducing SaaS Applications Risk for Lean IT Security Teams, breaks down exactly why SaaS ecosystems are so risky, and how security teams can mitigate those dangers. The risk of a digital disaster is impossible to ignore - especially given the security paradigms that govern most SaaS applications.

A BetterCloud survey of more than 500 IT and security professionals reveals the latest challenges of managing SaaS at scale, particularly as digital transformation catapulted forward in 2021 - and IT kept the momentum going. SaaS security is top of mind for IT. 69 percent of respondents worry about unsanctioned SaaS apps.

These are categorized into four according to their type of security issues, namely virtualization level, application level, network level, and physical level security issues. One security firm released a report in February this year, revealing that 91 percent of companies experienced API security problems while over 80 percent were uncertain if their APIs were compromised.

Enterprises worldwide continue to migrate from proprietary, licensed software to software-as-a-service subscriptions as they seek innovation, better user experience and lower cost, according to a report published by Information Services Group. The report on the global market finds enterprise SaaS demand rebounding from a slowdown caused by the COVID-19 crisis.

Business investment in SaaS applications continues to climb despite widespread underutilization of app licenses by employees. The data also shows 56% of all apps are Shadow IT, or owned and managed outside of IT. The SaaS market has been growing ever since Amazon built the first public cloud and is projected by Gartner to be nearly $140B by 2022.

Based on customer data, the findings clearly illustrate there is a magnitude of SaaS data exposure, with 40% of all SaaS assets unmanaged, providing internal, external and public data access. Although cloud-based applications dramatically increase the efficiency and productivity throughout an enterprise, there is a significant threat that is often underestimated by CIOs and CISOs - unchecked and unmanaged data access by the SaaS provider.

Intrigue's attack surface management technology will be integrated into the Mandiant Advantage platform, enabling organizations to discover, monitor, and manage risk across their entire attack surface. By offering Intrigue's technology through the Mandiant Advantage platform, customers will be able to address critical gaps in their security programs by leveraging the latest attack surface management capabilities in an easy-to-use software-as-a-service platform.

Today, most companies rely on manual processes and good intentions to ensure proper SaaS security management, but that is not enough. The AppOmni SaaS Security Management platform, which offers a full suite of SaaS security posture, protection, and monitoring capabilities, covers the most widely adopted and business-critical SaaS applications on the market including Salesforce, ServiceNow, Microsoft 365, Microsoft Teams, GitHub, Workday, Box, Slack, and Zoom.