Axonius releases two new capabilities within Axonius SaaS Management to help organizations better understand their overall SaaS application risk.
Behavioral Analytics and SaaS App-to-Device Correlation allow IT and security teams to gain added visibility and context into the users and devices accessing SaaS applications, and whether suspicious activity is occurring for critical SaaS apps.
SaaS continues to represent an ever-expanding component of an organization’s attack surface. Not only does the increase in adoption of SaaS applications change IT and security operations, it also adds new role and skill expectations for IT and security team members – like using already scarce resources to track organization SaaS app utilization and identify misconfigured SaaS settings potentially exposing sensitive data. All of this adds to more complexity and can have a profound impact on an organization’s security posture.
“A lot of sensitive data is stored in and shared between SaaS applications, and oftentimes, it’s very difficult to understand which users and devices have access to those applications,” said Amir Ofek, CEO of AxoniusX, the innovation unit of Axonius. “For IT and security teams tasked with protecting their organization’s entire SaaS app stack, they need the right information to help them better understand the who, the what, and the how of SaaS app usage. These new capabilities within our SaaS management solution will bring necessary context to the questions surrounding SaaS security.”
SaaS App-to-Device Correlation
SaaS App-to-Device Correlation helps understand if unmanaged and unauthorized devices are being used to access various SaaS apps. By leveraging Axonius Cybersecurity Asset Management and its hundreds of adapters across the technology stack, Axonius SaaS Management will now automatically correlate each SaaS user to their associated devices and provide a more comprehensive view of an organization’s security posture. Organizations will now have visibility into unmanaged or unauthorized devices accessing SaaS apps, and be able to decrease the risk of data loss.
“SaaS App-to-Device correlation ultimately helps organizations contextualize their SaaS application data,” continued Ofek. “Using both Axonius Cybersecurity Asset Management and SaaS Management products, organizations gain a more complete view of their device security posture than they might receive with standalone integrations. No other solution on the market today can offer this much comprehensive and rich data.”
Over the past year, we’ve seen an increase in data breaches originating from SaaS applications. For example, the Okta breach in early 2022 demonstrated how one compromised SaaS application can often have a domino effect throughout an entire organization.
By adding Behavioral Analytics capabilities within Axonius SaaS Management, organizations will gain visibility into user behavior within SaaS applications over time – and be able to detect any anomalies or suspicious activity that could pose organizational risk.
The solution aggregates log data across various sources, including Okta, Microsoft Azure AD, and Google Workspace, to identify suspicious activity, events, and complex behavioral patterns. As a result, Axonius helps facilitate in-depth investigations by the incident response and SOC teams within the organization.
Beyond identifying suspicious behavior, the behavioral analytics capability can help organizations investigate temporary privileges granted for existing users, identify anomalous login activities that deviate from the user’s normal activity and other baselines, minimize data theft or leakage of confidential data, and more.
“These latest developments and the integration of the Axonius Cybersecurity Asset Management and SaaS Management products ensure comprehensive visibility and further correlation across SaaS applications, devices, cloud services, and users in an organization’s environment, streamlining efforts to reduce the attack surface amidst an increasingly complex cyber landscape,” said Ofek.