Obsidian’s SSPM solution enables organizations to increase their SaaS security

Obsidian Security released its latest suite of SaaS security solutions. This suite of solutions comprising Obsidian Compliance Posture Management, Obsidian Integration Risk Management, and Obsidian Extend will together enable security and GRC teams to increase their SaaS security and compliance posture measurably.

“For far too long, Security and GRC teams have been working in the dark. We hear from security leaders time and again that they have no control over their ever-expanding mesh of SaaS applications and that they worry about every new integration posing an exponentially increased organizational risk,” said Glenn Chisholm, CPO of Obsidian Security.

“On the other hand, GRC and compliance teams today lack basic tooling and often take several months to gather the evidence they need in SaaS to demonstrate and verify compliance with local and industry regulations,” added Chisholm.

Additionally, despite sharing the same overarching goal—to keep business running smoothly—security and GRC teams have not had a common language to communicate and collaborate in.

Obsidian Security’s Next-Gen platform aims to change that by filling a void in the marketplace that has been underinvested in for the last decade with the first set of deeply integrated solutions that will together help organizations reduce third-party SaaS integration risk by over 80% and map technical controls in SaaS to regulatory requirements 90% faster.

Obsidian’s Next-Generation SSPM will include three key modules:

Obsidian Compliance Posture Managemen

Enables organizations to measure and maintain compliance across SaaS environments to both internal security policies and third-party standards including SOC 2, NIST 800-53, ISO 27001, CSA Cloud Controls Matrix (CCM), and more.

By mapping complex frameworks to individually manageable SaaS controls, Obsidian gives teams clear and continuous assurance that the applications their business relies on are in compliance with the legal and regulatory obligations they must uphold. On average, customers can expect to reduce the cost and complexity associated with SaaS compliance from months to minutes.

Obsidian Integration Risk Management

Surfaces risk exposure introduced by SaaS integrations and helps security teams minimize that risk by over 80%. This starts with a deep understanding of complex interconnections between applications, mapping permissions and different levels of access, analyzing integration activity, and uncovering areas of excessive risk.

Obsidian’s Integration Risk Management is the industry’s first solution that will give security teams not just visibility into their integrations across the entire SaaS estate, but also automatically remediate SaaS third-party integration threats in real-time via centrally defined security policies.

Obsidian Extend

Security teams today struggle with protecting sensitive business data across an enterprise IT ecosystem that comprises dozens of SaaS platforms such as Salesforce, Workday, Google Workspace, and Microsoft 365. This challenge isn’t limited to just these central platforms, either—there can be any number of niche cloud applications deployed across an organization specific to a team, an industry, or custom-developed in-house.

Obsidian Extend solves this problem by providing a consolidated, automated, and scalable solution for organizations to assess and monitor security risk across their entire SaaS estate.

All modules of Obsidian’s Next-Gen Posture are generally available to customers now.