Security News

Where SSO Falls Short in Protecting SaaS
2023-03-27 10:56

While SSO is an important step in securing SaaS apps and their data, having just SSOs in place to secure the SaaS stack in its entirety is not enough. SSO alone won't prevent a threat actor from accessing a SaaS app.

THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
2023-03-24 11:43

Employees don't realize that this SaaS-to-SaaS connectivity, which typically takes place outside the view of the security team, significantly increases risk. To handle the SaaS Security challenges, security teams need to address the entire SaaS ecosystem.

How to Apply NIST Principles to SaaS in 2023
2023-03-13 12:23

While NIST hasn't directly developed standards related to securing the SaaS ecosystem, they are instrumental in the way we approach SaaS security. They need to integrate seamlessly with SaaS applications and provide coverage for the entire SaaS stack.

Security and IT Teams No Longer Need To Pay For SaaS-Shadow IT Discovery
2023-03-04 11:33

"In today's economic reality, security budgets have not necessarily been cut down, but buyers are far more careful in their purchasing decisions and rightfully so. We believe that you cannot secure what you do not know, so knowing should be a basic commodity. Once you understand the magnitude of your SaaS attack layer, you can make an educated decision as to how you are going to solve it. Discovery is the natural and basic first step and it should be accessible to anyone." said Galit Lubetzky Sharon, Wing's Co-Founder and CTO. The company reported that within the first few weeks of launching, over 200 companies enrolled in their self-service free discovery tool, adding to the company's existing customer base. The challenge is that SaaS applications are often onboarded by employees without involving IT or security teams.

Security teams have no control over risky SaaS-to-SaaS connections
2023-02-28 04:30

While these SaaS-to-SaaS connections provide enhanced features that boost workflow efficiency, they also give permission for apps to read, update, create, delete, or otherwise engage with corporate and personal data. In its report, Adaptive Shield identifies how many SaaS apps are being connected to the core SaaS stack, specifically Microsoft 365 and Google Workspace and business-critical apps such as Salesforce and Slack, the types of permissions being granted to these applications, and the risk level these apps present.

How to Tackle the Top SaaS Challenges of 2023
2023-02-24 14:01

Are you prepared to tackle the top SaaS challenges of 2023? With high-profile data breaches affecting major companies like Nissan and Slack, it's clear that SaaS apps are a prime target for cyberattacks. Join us for an upcoming webinar that will equip you with the insights you need to overcome the top SaaS challenges of 2023.

Four steps SMBs can take to close SaaS security gaps
2023-02-20 05:30

Gartner forecasts a 16.8% growth for SaaS in 2023 as companies - including SMBs - add new SaaS platforms to their IT stack. Too often we find SMBs think security is all in the hands of the SaaS provider, when in fact the SaaS customer is always responsible for their data and their users.

Reimagining zero trust for modern SaaS
2023-02-13 05:30

While zero trust can be an effective approach to security, it can also present some challenges, particularly when it comes to implementing it for software as a service due to the fast pace of its adoption, distributed ownership of SaaS applications across organizations, and the shared responsibility model between a SaaS vendor and a customer. The traditional approach to SaaS security challenges has been to use a cloud access security broker and/or identity provider to manage access to SaaS applications.

SaaS in the Real World: Who's Responsible to Secure this Data?
2023-02-06 10:00

Today, most security and IT teams understand the shared responsibility model, in which the SaaS vendor is responsible for securing the application, while the organization is responsible for securing their data. SaaS data breaches and SaaS ransomware attacks can lead to the loss or public exposure of that data.

Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge
2023-01-28 10:41

Wing Security recently announced that it is making its SaaS application discovery engine available as a free, self-service product. The risks associated with SaaS Shadow IT have become more prevalent in recent years due to the widespread use of SaaS within organizations.