Closing security gaps in multi-cloud and SaaS environments
In this Help Net Security interview, Kunal Modasiya, SVP, Product Management, GTM, and Growth at Qualys, discusses recent Qualys research on the state of cloud and SaaS …
The hidden risk in SaaS: Why companies need a digital identity exit strategy
In the face of sudden trade restrictions, sanctions, or policy shifts, relying on SaaS providers outside your region for identity services is a gamble that companies can no …
Only 3% of organizations have a dedicated budget for SaaS security
Mid-market organizations are grappling with managing the large volume of SaaS applications, both sanctioned and unsanctioned, with actual numbers often exceeding expectations, …
Who handles what? Common misconceptions about SaaS security responsibilities
In this Help Net Security interview, James Dolph, CISO at Guidewire, addresses common misconceptions about security responsibilities in cloud environments, particularly in …
How to choose secure, verifiable technologies?
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, …
Cross-IdP impersonation bypasses SSO protections
Cross-IdP impersonation – a technique that enables attackers to hijack the single sign-on (SSO) process to gain unauthorized access to downstream software-as-a-service …
Why companies are struggling to keep up with SaaS data protection
While businesses increasingly rely on SaaS tools, many leaders are not fully confident in their ability to safeguard their data, according to Keepit. Growing concerns over …
The case for enterprise exposure management
For several years, external attack surface management (EASM) has been an important focus for many security organizations and the vendors that serve them. EASM, attempting to …
Human firewalls are essential to keeping SaaS environments safe
Businesses run on SaaS solutions: nearly every business function relies on multiple cloud-based tech platforms and collaborative work tools like Slack, Google Workspace apps, …
A third of organizations suffered a SaaS data breach this year
While SaaS security is finally getting the attention it deserves, there’s still a significant gap between intent and implementation. Ad hoc strategies and other practices …
35% of exposed API keys still active, posing major security risks
Nightfall AI’s research revealed that secrets like passwords and API keys were most often found in GitHub, with nearly 350 total secrets exposed per 100 employees every …
Review: Action1 – Simple and powerful patch management
Although endpoint anti-malware and other security controls are now standard at the operating system level, keeping all endpoint software up-to-date and secure remains an open …