Obsidian Safety, chief in SaaS safety, introduced the business’s first end-to-end SaaS provide chain safety answer, empowering organizations to observe, management and include the safety threat hiding inside interconnected SaaS ecosystems. Firms rely upon a whole lot of SaaS purposes to function their enterprise. The safety menace posed by these interconnected SaaS purposes is rising exponentially with main breaches just like the Salesloft-Drift Provide Chain assault that impacted over 700 organizations final 12 months. Obsidian Safety is launching a brand new answer that secures the SaaS provide chain throughout its full lifecycle, bringing collectively integration threat visibility, proactive prevention, early breach detection and impression forensics, all in a single, unified platform.
Additionally Learn: AiThority Interview with Zohaib Ahmed, co-founder and CEO at Resemble AI
“With the brand new SaaS-to-SaaS safety capabilities, we’re deepening our dedication to assist clients innovate with velocity and agility with out sacrificing safety.” – Hasan Imam, CEO, Obsidian Safety.
“When a SaaS vendor or integration is compromised, SOC groups usually be taught of those incidents by way of delayed vendor disclosures,” stated Joseph Gothelf, VP, Cybersecurity, Wyndham Motels and Resorts. “Within the absence of steady visibility into the complete SaaS ecosystem, particularly unauthorized exercise between SaaS purposes, we’re an enormous knowledge breach ready to occur. The brand new end-to-end SaaS Provide Chain safety capabilities from Obsidian are a much-needed answer to an rising threat most organizations are unprepared for.”
“In interconnected setting, replying to retroactive alerts is a significant threat,” stated Grace Liu, SVP and CIO, Seagate Expertise. “We want steady, deep visibility into our complete SaaS ecosystem, together with the identified and notably the ‘shadow’ integrations transferring knowledge between apps. Obsidian’s end-to-end SaaS Provide Chain safety supplies the proactive visibility organizations want to remain forward of those rising threats and assist guarantee our digital infrastructure stays resilient.”
Fashionable SaaS environments are deeply interconnected by way of OAuth grants, API keys, automation platforms, and more and more, autonomous AI brokers embedded throughout enterprise workflows. Each integration extends belief, usually far past what safety groups can simply see. When even one SaaS app, integration or AI agent is compromised, that threat can propagate throughout the complete setting, turning a single weak hyperlink into broad knowledge publicity. Present safety and compliance instruments give attention to community safety, endpoint brokers or identification suppliers and depend on point-in-time assessments that don’t account for permission drift, increasing scopes, or how integration exercise modifications over time. That is the place Obsidian Safety has been a market chief providing the distinctive functionality to constantly uncover SaaS-to-SaaS integrations in contrast to any of its rivals.
With launch, Obsidian expands into the following part of SaaS provide chain defence, delivering three new capabilities:
Full visibility into SaaS integration threat: In comparison with endpoint or human to SaaS distributors, Obsidian unifies identification, permissions, OAuth scopes and exercise knowledge right into a single coherent mannequin, permitting organizations to not solely see what an app can entry however the way it behaves throughout customers, geographies and companies. With this readability, groups can shortly determine dangerous or inactive integrations, prioritize integrations so as of criticality, and safely take motion like revoking entry or blocking integrations earlier than they’re abused. Organizations can now cut back publicity on the supply by figuring out and limiting which customers are capable of grant and authorize new SaaS integrations, implementing least privilege and limiting the introduction of dangerous connections earlier than they unfold.
Early detection and mitigation of SaaS provide chain compromise: Powered by the Obsidian Data Graph and menace intelligence drawn from proprietary analysis and real-world incident response throughout our buyer base, Obsidian extends its community results to SaaS integrations, enriching detection with shared intelligence on the IP addresses utilized by integrations and shortly baselining regular versus suspicious knowledge motion throughout SaaS environments. By baselining regular conduct throughout identities, APIs and integrations, Obsidian surfaces assaults in actual time, exposing abuse that conventional instruments miss.
Speedy breach containment and remediation: With launch, Obsidian introduces custom-made provide chain breach notifications tailor-made to every buyer’s SaaS setting. When an integration is implicated in an incident, groups obtain clear impression summaries displaying affected tenants, downstream publicity, and suspicious exercise tied on to their knowledge and purposes. Safety groups can shortly see what was accessed, include publicity earlier than it spreads, and remediate with confidence, dramatically lowering time to decision with out pointless disruption.
“SaaS environments have been by no means designed to function as sprawling provide chains of automated integrations and AI brokers,” stated Hasan Imam, Chief Govt Officer, Obsidian Safety. “What began as easy app connections have turn into important enterprise pathways and attackers are exploiting that belief. As AI brokers acquire autonomous entry and hyperlink a number of SaaS purposes collectively, the blast radius of a single compromised integration grows exponentially. With the brand new SaaS-to-SaaS safety capabilities, we’re deepening our dedication to assist clients innovate with velocity and agility with out sacrificing safety.”
Additionally Learn: The Demise of the Questionnaire: Automating RFP Responses with GenAI
[To share your insights with us, please write to psen@itechseries.com]
