Okta’s Business of Work study revealed that large organizations use an average of 175 different SaaS apps. Imagine how many different configuration settings, user- and role-level permissions, and API endpoints that represents. Enough to give any CISO a mild panic attack.
That’s why Varonis is excited to announce new functionality in DatAdvantage Cloud that pinpoints org-wide configuration risks and provides recommendations for how to resolve them.
Our new Insights Dashboard adds SaaS Security Posture Management (SSPM) functionality to DatAdvantage Cloud’s unmatched ability to find sensitive data across disparate SaaS apps, reveal who can access it, and monitor data activity for threats.
If you’re a current DatAdvantage Cloud customer, you already have access to the new Insights Dashboard and can start managing configuration risk today!
Varonis Threat Labs has discovered, disclosed, and documented countless SaaS vulnerabilities and misconfigurations to help strengthen the security of our favorite SaaS apps like Box, Zoom, Salesforce, and Jira.
The Insights Dashboard incorporates the findings from our elite cybersecurity research team, so that any time they find a potential SaaS configuration risk, DatAdvantage Cloud will scan your environment and alert you if we think you’re exposed.
Insights include dynamic findings, like an app with an abnormally high number of admins, or static risks, like the Einstein’s Wormhole risk in Salesforce or Jira’s No Time to REST misconfiguration.
This new functionality acts as a force multiplier—extending our security research expertise to your own SaaS environment so that you can eliminate security gaps before attackers find them.
Examples of org-wide settings that the Insights tab would highlight for you include:
As critical SaaS apps release new updates, we monitor how those changes could impact your organization’s security and surface those findings for you to review.
DatAdvantage Cloud doesn’t just show you security gaps, it also gives easy-to-follow recommendations to fix them.
Once an issue is addressed, users can resolve the issue, removing it from their queue. If new findings related to an Insight surface later, the issue will be updated to notify security teams of additional attention that might be needed.
The Insights Dashboard groups Insights from multiple accounts (or tenants) in each SaaS app for easy triaging. For example, issues with Salesforce production, staging, sandbox, and dev environments would all be grouped:
Misconfigurations are one way that cloud apps can potentially put your data at risk. When thinking about securing your data in SaaS apps, consider:
When building a SaaS and IaaS security strategy, it’s important to keep all of these vectors in mind. With the benefits of SaaS come some added risks, but with the right monitoring and attention, the benefits can easily outweigh the risks.
Curious to see where you may have gaps or exposures in your cloud environment? Schedule a time to discuss a free cloud risk assessment lead by our world-class SaaS security experts.
DatAdvantage Cloud is free to try and easy to setup. Simply point DatAdvantage Cloud at your existing cloud services and identity providers without any complex architecture changes or proxies.