Category: Adaptive Shield

New capabilities help security teams secure the SaaS AI ecosystem amid increasing adoption of AI tools, functionalities

RSA Conference–Adaptive Shield, the leader in SaaS Security, today announced breakthrough SaaS Security Posture Management (SSPM) detection and response capabilities for AI-driven applications to enable enterprises to mitigate the risks introduced by the growing use of generative AI.

Adaptive Shield will demonstrate its SSPM AI capabilities and award-winning technology during the RSA Conference 2024 in San Francisco at booth #1455, Moscone South Expo. The event takes place from Monday, May 6 through Thursday, May 9, 2024.

The workforce is rapidly adopting SaaS applications with GenAI to increase efficiency, including AI apps such as ChatGPT and Google Gimni, and AI tools within existing SaaS apps such as GitHub Copilot, Salesforce Einstein, and Microsoft 365 Copilot. According to a recent PWC report, more than half of the companies surveyed (54%) have implemented GenAI in some areas of their business.

While increasing automation and improving productivity, the use of GenAI introduces new risks including data leakage, attack surface expansion, new areas of exploitation, and privacy concerns, as well as new challenges to meet compliance and government requirements.

“The GenAI revolution requires new security strategies and organizations recognize the need to make it a priority,” said Maor Bin, CEO and co-founder of Adaptive Shield. “Some organizations are working to ban GenAI because of their unfamiliarity with the risks. Rather than attempting to block this development, they should invest in security, as it’s just a matter of time until the technology becomes ubiquitous.”

Toward that end, Adaptive Shield is announcing a product suite within its SSPM platform to help Chief AI Officers and security teams manage and control GenAI tools, featuring:

  • Security Posture for AI Apps: Delve into the security posture of any AI application within the SaaS stack and prioritize addressing application configuration drifts. Adaptive Shield provides a security score for each application, enabling security teams to pinpoint those with heightened risk levels. This includes:
    • Hygiene/risk score based on the number of security checks passed, weighted by severity.
    • Detailed security checks, filterable by domain, severity, or compliance framework. This entails step-by-step guidance and remediation cycles through any ticketing system or SIEM/SOAR.
    • Risk management pertaining to the relationship between user devices and their access to the SaaS app.
  • AI Configurations: Control AI-related security settings within SaaS applications to prevent data leakage or any exposure. This includes identifying excessive user access and determining which users possess permissions to manage GenAI features.
  • Discovery and Management of AI Shadow Apps: Identify GenAI Shadow apps, including suspected malicious applications, to automatically revoke access based on their risk level.
  • Management of 3rd Party Longtail AI-Sanctioned Apps: Oversee interconnected GenAI applications and the level of risk they pose to the SaaS hubs, including reviewing permission scopes.
  • Secure Homegrown Applications: Shield homegrown GenAI-driven applications, restricting access and configuring them securely.
  • Data Management to Maintain Data Silos: AI potentially accesses sensitive data in a more sophisticated and comprehensive manner than traditional methods. The ability of AI to analyze and correlate information from multiple sources could lead to a more extensive data exposure. With Adaptive Shield you can govern security controls to avoid data leakage.

Adaptive Shield’s industry-leading platform for SSPM and ITDR supports 150+ out-of-the-box SaaS app integrations with leading business applications, as well as any custom app.

More information about Adaptive Shield’s platform and new SSPM AI capabilities online.

To meet with an executive on the team onsite at RSAC or remotely, please reach out here.

About Adaptive Shield

Adaptive Shield, leader in SaaS Security, enables security teams to secure their entire SaaS stack through threat prevention, detection and response. With Adaptive Shield, organizations continuously manage and control all SaaS apps, including 3rd-party connected apps, as well as govern all SaaS users and risks associated with their devices. Founded by Maor Bin and Jony Shlomoff, Adaptive Shield works with many Fortune 500 enterprises and has been named Gartner® Cool Vendor™ 2022.

Contacts

Media

Chloe Amante

Montner Tech PR

camante@montner.com

 

The post Adaptive Shield Launches SaaS Security for AI at RSA Conference 2024 to Mitigate GenAI Revolution Risks appeared first on Cybersecurity Insiders.

By Maor Bin, CEO, Adaptive Shield

One piece of advice I like to give security professionals is this – it’s often instructive to view cybersecurity from the threat actor’s perspective. In a SaaS world, that means understanding the behavior patterns of threat actors and then identifying the SaaS entry point they would likely prioritize.

What you’ll likely find is that bad actors often focus on highly coveted access points. Some examples include orphan accounts, unused local admin accounts, and other high-privilege, underutilized accounts that were involved in SaaS app setup.

In the early days of SaaS security, the tools were designed to protect access to SaaS apps, looking mostly at log-ins, passwords, and SSO. What many don’t realize is that SaaS security has evolved into a much more comprehensive security program.

The evolution of SaaS security is essential because businesses are becoming increasingly more SaaS driven—Fortune Business Insights reports that “the global SaaS market is projected to grow from $273.55 billion in 2023 to $908.21 billion by 2030.” This growth demands a holistic SaaS ecosystem security program that can help protect an organization by eliminating vulnerabilities and mitigating risk using the latest cybersecurity methodologies.

Now for the big question—where do you start?

Begin with Identity Fabric

Identity is one of the main barriers that threat actors must overcome. In fact, today, a person’s identity is often all that’s standing between a threat actor and a company’s most sensitive data. Identity fabric is a concept put forth by Gartner, which can be used to prevent this type of attack. This concept, which includes Identity and Access Management (IAM) and Identity Governance and Administration (IGA), requires centralized access control over decentralized applications and must be capable of tracking access from humans and machines, including access granted to third-party applications.

Speed is also important. Identity fabric must be fast, operating with near-imperceptible latency, so it doesn’t impact the user experience. The speed must be accompanied with an effective alert system that sounds the alarm in the event of suspicious activities, such as the creation of new admin accounts.

Complement with Endpoint Protection

Another important element is Endpoint Protection. Today this is rarely considered when teams strategize over SaaS security approaches. This is a big mistake. Computers and other devices that access the SaaS stack are often using outdated operating systems, web browsers, anti-virus software, or other outdated software. All of these can be exploited. For example, a keylogger on a computer used by a high-privileged SaaS admin can hand over the keys to valuable SaaS data.

Endpoint protection is vital to a holistic SaaS ecosystem security program because it allows teams to monitor device operating systems being used to access the SaaS stack, check compliance of the device to global standards and company policy and generate a user risk assessment.

By combining endpoint protection hygiene data with SaaS data and associating devices with users, security teams can manage SaaS risks. With this context, the organization can develop security policies and prioritize and manage the remediation of device vulnerabilities or limit access.

Deploy SaaS Threat Detection

The detection of SaaS threats requires an identity-centric approach. Identity Threat Detection & Response (ITDR) is defined as a set of security measures designed to detect and respond to identity-related Indications of Compromise (IoCs), suspicious activities and malicious applications that have accidentally been installed by users.

Once in the security team’s hands, they can investigate and respond to these threats.

Secure the Breadth and Depth of the Ecosystem

For most organizations, the SaaS stack covers a broad range of applications that touch every department. However, a major mistake many security teams make is that they tend to focus their efforts on the most critical applications, such as CRM or Workspace. As a result, while they protect data in these areas, they are exposing sensitive records stored within all the other applications.

Best practices do dictate that teams begin by securing the most important applications within the organization’s stack, but they don’t suggest stopping there. Securing the SaaS ecosystem requires an approach that is both broad in terms of covering every application and deep in terms of security checks.

The Attainment of SaaS Ecosystem Security

SaaS-enabled businesses are increasingly becoming the norm as companies experience the vast benefits that come with these new cloud offerings. Naturally, these new environments introduce new challenges, especially for security teams.

The best way to secure a growing SaaS stack is through a holistic approach that leverages the SaaS security tools that deliver a comprehensive approach to all SaaS apps in the stack. In addition, they must emphasize securing identity-based access points as well as endpoint devices that access SaaS applications, and review 3rd party applications that are connected to various SaaS hubs while maturing the organization’s ability to prevent threats.

This is how businesses can soar in the cloud while keeping this new and growing environment fully protected.

The post Kickstarting a Holistic SaaS Ecosystem Security Program appeared first on Cybersecurity Insiders.

Adaptive Shield, a leader in SaaS security, has made headlines with the announcement of its groundbreaking Identity Threat Detection and Response (ITDR) solution at Black Hat USA 2023. This new addition to its SaaS Security Posture Management (SSPM) solution marks a bold stride towards comprehensively safeguarding the SaaS ecosystem.

In a recent interview with Maor Bin, Co-Founder and CEO of Adaptive Shield, we explored the security implications of the shift to SaaS and Adaptive Shield’s ITDR capabilities for addressing identity-related risks.

The Challenges: Mapping the SaaS Shift

The rise of SaaS applications has reshaped the security landscape, adding complexity and decentralizing control. Integration with various systems expands the attack surface and creates opportunities for breaches. Compliance in the flexible SaaS framework becomes more intricate, and the rapid pace of innovation can outstrip security considerations. The interactions between systems and the shared responsibility model between providers and customers add even more layers of complexity. These evolving factors profoundly redefine SaaS security, requiring an innovative and multi-dimensional approach to anticipate and respond to the challenges.

According to Maor, the broader industry trends are clear: “As on-prem is shifting to SaaS, there’s an immediate need for robust security measures that can adapt to the new environment.”

The shift towards SaaS applications represents a transformative change in how organizations operate, offering flexibility, scalability, and cost-efficiency. However, this shift also introduces new security challenges that require a multifaceted approach. Understanding the factors driving these challenges is the first step in devising effective strategies to address them, ensuring that the benefits of SaaS adoption are not overshadowed by potential risks.

Adaptive Shield’s Innovative Approach to SaaS Security

“When speaking with our enterprise customers, CISOs highlight SaaS Security as a top priority, and ITDR has quickly become a critically needed capability as part of SSPM,” Maor states, aligning the company’s focus with customer needs.

Designed to tackle various SaaS-related threats, Adaptive Shield’s ITDR detects and responds to identity-related security threats based on key Indicators of Compromise (IOCs) and User and Entity Behavior Analytics (UEBA). These threats include password-based attacks, IP behavior anomalies, unauthorized document access, and more. Adaptive Shield’s platform goes beyond mere detection and response, offering a comprehensive model for securing the SaaS Identity Fabric. This includes:

  • Misconfiguration Management: Identification of security drifts across all security controls and receive detailed remediation plans to ensure proper configuration.
  • Identity and Access Governance: Consolidated visibility and risk management of user accounts, permissions, and activities across all SaaS applications.
  • SaaS-to-SaaS Access and Discovery: Visibility into connected apps and assessment of the risk posed to the SaaS environment.
  • Device-to-SaaS Risk Management: Management of risks from SaaS users and their associated devices.

Adaptive Shield offers a complete package that includes Misconfiguration Management, SaaS-to-SaaS Access and Discovery, Identity & Access Governance, Device-to-SaaS Risk Management, and, of course, the newly announced Identity Threat Detection & Response (ITDR). This comprehensive approach ensures that organizations can effectively prevent, detect, and respond to threats, offering unparalleled protection for their SaaS platforms.

Strategic Investment by Blackstone

The ITDR launch follows Adaptive Shield’s strategic investment from Blackstone, one of its Fortune 500 customers. This investment emphasizes the industry focus on SaaS security and the critical need for innovative solutions like ITDR.

Adaptive Shield’s announcement of ITDR capabilities at Black Hat USA 2023 marks a crucial milestone in the field of SaaS security. By providing an integrated solution that understands and addresses the complexities of the SaaS environment, Adaptive Shield is setting new standards for cybersecurity.

For professionals and organizations seeking to fortify their SaaS platforms, Adaptive Shield’s ITDR capabilities present a compelling option that aligns with the evolving demands of modern cybersecurity.

For more information about ITDR or to request a demo, please visit Adaptive Shield’s official blog post on Identity Threat Detection and Response.

The post Adaptive Shield Unveils Identity Threat Detection and Response (ITDR): A New Era in SaaS Security appeared first on Cybersecurity Insiders.

By Hananel Livneh, Head of Product Marketing, Adaptive Shield

Successful cyberattacks tend to hit companies with the force of an 80-foot wave. The initial damage is quickly apparent. Like ships that lose railings and experience instability, businesses are immediately faced with lost data, ransom payments, and revenue losses, depending on the nature of the attack.

It isn’t until later that the real damage can be assessed. Structural damage to the bow, aft, and bottom of the boat can render the ship unusable. Likewise, the damage to a company’s reputation can be severe.

Trust is one of the key elements in the customer relationship. When cyberattacks lead to data breaches and the publication of personal information, trust is eroded, resulting in additional fallout from the attack – the loss of customers.

These breaches can be a big deal. According to IBM’s Cost of a Data Breach Report 2022, the average company sees a $1.42M drop in business as a result of a breach. This lost business, ascribed to reputational damage, is often unrecoverable as customers move on to competitors who appear to be more careful with their data.

Most businesses understand that loss of confidence leads to eroding trust which turns into a loss of customers. What they fail to understand is that without proper security measures in place, the SaaS stack can be the target of an attack.

Breaching the SaaS App

SaaS applications are the darlings of the business world. They promise – and deliver – low-cost technology solutions that don’t require maintenance and can be used by anyone, anywhere. That’s why the SaaS market is projected to grow from $251 billion in 2022 to $883 billion by 2029.

However, there is a dark side to SaaS applications. The anytime, anywhere nature of SaaS apps coupled with collaborative tools makes them accessible to threat attackers and vulnerable to breaches.

There are a myriad of ways threat actors can access a SaaS application. Sophisticated phishing attacks on employees, keylogger malware on devices with poor hygiene, stealing session tokens from authenticated endpoints, and attempted entry via brute force attacks, to name just a few. Threat actors are constantly looking for new ways to gain access to the SaaS stack.

Malicious third-party applications can provide access to everything stored on the organization’s cloud-storage drive. Even non-malicious SaaS-to-SaaS access can be weaponized and provide threat actors with access.

Reputational Damage Impacts Every Vertical

Once SaaS applications are breached and data has been compromised, it is only a matter of time before the story hits the media because often, government mandates require disclosure. HIPAA laws require US healthcare facilities to notify prominent media outlets when breaches impact more than 500 patients. Financial Institutions are required to report certain data breaches within 36-72 hours. Proposed legislation would require publicly traded tech companies to disclose breaches within 4 business days.

The impact these disclosures have on companies is severe. Patients lose faith that their protected health information (PHI) is safe, while bank customers question their financial institution’s ability to secure their funds and tech stockholders invest their money in more reliable companies.

Customers often churn away from companies that are incapable of securing their data, leading to drops in market share and revenue. Vendors and partners tend to shy away from victimized companies, afraid to be associated with companies that are now notoriously poor with securing data and holding onto their secrets. Optus, Australia’s second largest telecom provider, saw 10% of their customers churn in the month after the attack, and surveys showed that 56% were considering changing their service provider in response to the attack.

Preventing a SaaS Disaster

Attempted SaaS breaches don’t have to end catastrophically. Most breaches are fully preventable. SaaS applications are remarkably secure, with an array of security settings fully capable of denying access to threat actors, but their security measures are only effective when deployed correctly.

Solutions like SaaS Security Posture Management (SSPM) platforms can prevent data breaches by identifying high-risk settings and alerting security teams when they need to be updated. They also review third-party connected apps, and detect threats before they become full-blown breaches. These automated platforms oversee the entire SaaS stack, rather than just a handful of top-priority SaaS apps.

While there are some activities that may limit the damage caused by a cyberattack, investing in SaaS security tools is the first step. SSPMs protect data as they detect threats, identify high-risk misconfigurations, and monitor risk from third party applications.

The post The Rush to SaaS Modernization Can Result in Reputational Damage appeared first on Cybersecurity Insiders.