SaaS Security
CISA Unveils Guidelines to Combat AI-Driven Cyber Threats
AI in SaaS is unavoidable. The top half of ServiceNow’s homepage is dedicated to putting AI to work. Salesforce has 17 mentions of AI or Einstein on its homepage. Copilot dominates the ...
Majority of SaaS Applications, AI Tools Unmanaged
Unmanaged software as a service (SaaS) applications and AI tools within organizations are posing a growing security risk as vulnerabilities increase, according to a report from Grip Security ...
Securing Financial Operations: Know Your SaaS
Regulatory concerns may have slowed initial SaaS adoption for financial services companies, but today, many rely heavily on apps like Salesforce, Microsoft 365, and ServiceNow to manage their operations. Now, fully invested, ...
Sophisticated Spear Phishing Attack Falls Flat Against ITDR
Last month, a threat actor used stolen credentials in an unsuccessful attempt to access a client’s One Drive account. On the surface, this was just another threat actor attempting an account takeover ...
Safeguarding Corporate Social Presence In a SaaS World
In today’s digital landscape, social media platforms stand at the heart of a brand’s identity, reputation, and customer engagement. Despite this, many organizations overlook the security of their social media accounts when ...
Adaptive Shield Puts Complex Permissions on Full Display
Permissions in platform apps, such as Salesforce, Microsoft 365, and Workday, are remarkably complex. While the terminology differs within each application, they are essentially composed of user profiles based on roles, additional ...
Two Lies, One Truth in Securing Your SaaS Stack
Mythology surrounding technology is pervasive. Although ideas like Macs can’t get viruses, charging a phone overnight destroys the battery, and private browsing prevents tracking have all been debunked, they continue to inform ...
A Powerful Approach to SaaS ITDR – Avoiding False Positives on Improbable Travel
In the world of SaaS ITDR, the journey taken matters. There are solutions that began from an ITDR perspective. They built threat-hunting capabilities to parse through any data set, look for anomalies, ...
Guarding the No Code Kingdom: Securing LCNC Applications
Low-code/no-code (LCNC) programming is incredibly powerful. It enables non-programmers to develop microprograms that once took months to develop, all at a fraction of the cost. Created using drag-and-drop tools, LCNC applications are ...
Detecting Externally Facing Resources
In November 2009, as coach of a youth baseball team, I received a Google Sheet with the names, birthdays, contact information, and team names for about 30 kids born between 1997 and ...
