Articles about SaaS

As enterprises embrace hybrid work, SaaS applications, and AI tools at unprecedented scale, one critical access point is being increasingly targeted by attackers: the browser.

To better understand the risks and what can be done to secure the browser, we spoke with Alon Levin, vice president of product management at Seraphic Security, and an expert in enterprise browser security.

Continue reading →

A recent study from IBM revealed that insider threats were the costliest data breaches of 2024, averaging $4.99 million per incident.

Andrius Buinovskis, cybersecurity expert at security platform NordLayer, says that as more companies adopt a browser-first approach, mitigating insider threats will become even more challenging because of the limited visibility security administrators have into employee activity taking place within the browser.

Continue reading →

Thanks to a growth in remote working and the use of SaaS applications enterprise reliance on browsers is growing, but this leaves them open to risks stemming from dangerous employee web behavior.

According to a cybersecurity expert at network security platform NordLayer, some employee activity that may go undetected by security teams can result in confidential data and industry secrets leaks or violations of GDPR.

Continue reading →

Organizations are often using 50 or more different security tools and, even with the help of AI, they need to manually interact with each when investigating cybersecurity incidents.

A new SaaS security Model Context Protocol (MCP) server launched by AppOmni at this week's RSA Conference is designed to let security teams spend less time investigating incidents and more time taking action to fix them.

Continue reading →

New research commissioned by Valence Security from the Cloud Security Alliance looks at the current state of SaaS security to uncover key challenges and explore how organizations are securing and managing their SaaS environments.

It finds SaaS security is a top priority for 86 percent of organizations, with 76 percent of respondents saying they are increasing their budgets this year.

Continue reading →

Do you trust your SaaS vendor with the keys to your kingdom? The agent running on your systems is only as secure as your cloud vendor’s security posture. It’s a security risk that should keep every organization’s IT and security teams up at night.

Many vendors will cite pen testing, bug bounty programs, and certifications like SOC 2 and ISO 27001 as a testament to their security. But the reality is that breaches still happen.

Continue reading →

While 51 percent of organizations rely on their security teams to manage AI risks, 33 percent say that they either lack a dedicated role or are unsure who holds responsibility for AI risk management.

A new report from Wing Security and the Cloud Security Alliance also highlights that only 44 percent of organizations prioritize protecting all their sanctioned applications, while a mere 17 percent include unsanctioned ones as a priority.

Continue reading →

A new survey from Flexera shows that 42 percent of IT leaders say they believe if they could integrate AI, it would make the most difference to their organizations.

The study surveyed 800 IT leaders from the US, UK, Germany and Australia to determine how IT decision makers' priorities have evolved over the past 12 months and outline their focus for next year.

Continue reading →

A new report reveals that 90 percent of SaaS applications and 91 percent of AI tools within enterprises remain unmanaged, suggesting a widespread vulnerability that continues to grow.

The study from Grip Security highlights the limitations of traditional security strategies in combating 'SaaS risk creep' the number of SaaS applications used in an enterprise increased by 40 percent over the last two years.

Continue reading →

The ease with which employees can sign up for unsanctioned cloud services continues to haunt security operations teams. Call it cloud sprawl, SaaS sprawl, or identity sprawl -- all variations on the same theme: Workers or departments signing up for unmanaged cloud services that businesses might not even know about, resulting in redundant services, unmanaged subscriptions, and security debt. In 2023, companies used an average of 112 different software-as-a-service (SaaS) applications, down slightly from the 2022 peak of 130, and those are conservative estimates.

SaaS sprawl is both an IT management and security problem -- it complements Shadow IT. Increasingly, CISOs recognize the issue but often take steps that turn their employees into adversaries, not allies.

Continue reading →

The average company uses 342 SaaS apps prompting B2B software buyers to consider integrations a top priority in their purchasing decisions. However, simply providing connections between platforms is not enough for SaaS companies to deliver a good user experience. Customers should be able to discover, activate and monitor integrations without calling customer support.

An integration marketplace offers an elegant solution to software connectivity challenges. This feature provides a centralized, self-service hub for integrations that delivers a seamless experience for customers connecting your application to their other tools. Users can create a more cohesive tech stack with just a few clicks. Marketplaces save customers time and resources and position your company as a more flexible, scalable and indispensable partner, driving higher product adoption and customer retention.

Continue reading →

A new survey finds 73 percent of security professionals admit to using SaaS applications that have not been provided by their company's IT team in the past year.

This is despite the fact that they are acutely aware of the risks, with respondents naming data loss (65 percent), lack of visibility and control (62 percent) and data breaches (52 percent) as the top risks of using unauthorized tools.

Continue reading →

There's an abundance of apps and SaaS solutions readily available these days to make the lives of employees easier and perform many work-related tasks. And the list keeps growing, with the likes of ChatGPT and Gemini paving the way for more AI-driven virtual assistants.

This is all well and good, unless your organization doesn't sanction the use of the software in question, turning something seemingly innocuous into shadow SaaS -- and a security risk. We spoke to John Stringer, head of product at data loss prevention specialist Next DLP, to learn more.

Continue reading →

Organizations have prioritized investment in SaaS security, with 70 percent establishing dedicated SaaS security teams, despite economic uncertainty and workforce reductions.

A new report from the Cloud Security Alliance (CSA), commissioned by cloud security specialist Adaptive Shield, also finds 39 percent of organizations are increasing their SaaS cybersecurity budgets compared to last year.

Continue reading →

For banks, know-your-customer (KYC) measures amount to 40 percent of all anti money laundering (AML) compliance costs, totaling $5.7 million each year. This sum is tiny, however, compared to what is paid for non-compliance. In 2022, global fines for inadequate AML grew by 50 percent, almost reaching $5 billion.

We spoke to Vaidotas Šedys, head of risk management at web intelligence platform Oxylabs, to discover that KYC-related challenges are not just faced by banks but are an issue for proxy and web scraping service providers too.

Continue reading →