Introducing the AppOmni SaaS Identity Fabric – Source: securityboulevard.com

As the pioneer in SaaS security, we are excited to announce the launch of the AppOmni SaaS Identity Fabric. Five years ago, AppOmni created the SaaS Security Posture Management (SSPM) category based on our expertise as platform security practitioners that have resulted in several innovative offerings.

The AppOmni SaaS Identity Fabric represents another cybersecurity industry-first. Given the rise in SaaS threats and data breaches, and the nature of remote and zero trust access to applications, the AppOmni SaaS Identity Fabric builds upon AppOmni’s existing identity-centric capabilities to deliver a comprehensive identity fabric that secures and manages end-users, entitlements, and threat-based activity for all of SaaS, comprehensively and consistently.

Our SaaS data access modeling methodology provides an identity-centric entitlement to data mapping. This mapping gives us the ability to identify the data leakage of sensitive data records in SaaS, and to this day, AppOmni remains the only SSPM vendor that has identified hundreds of millions of exposed data records for enterprise companies to help them better protect their customers’ data.

AppOmni’s research continues to be cited by leading industry experts concerning recurring and broad-scale SaaS data leakages, and we continue to offer free scanning tools to the community to help companies secure their exposed SaaS data.

Through our relentless innovation, AppOmni has also built the largest SaaS Identity Threat Detection and Response (ITDR) activity monitoring pipeline, where we process over one billion events daily serving for over 20% of the Fortune 100.

It’s a misnomer to state that breach sophistication continues to increase in lock-step as costs of cybercrime, expected to reach $10.5 trillion by 2025, continue to spike. The reality is that many organizations have their customer data, IP, and PII unknowingly exposed by the SaaS apps they use on a day-to-day basis on the public internet.

Over privileged account access is one of the most common and concerning findings we see across industries. This means both authorized and unauthorized end-users — including temporary or terminated employees — having excessive access permissions to business critical SaaS apps and associated data.

We often hear from CISOs say “We have multi factor authentication (MFA) and single sign-on (SSO) in place, so we’re secure.” Yet, our platform continuously identifies scenarios where application owners have configured a SaaS application with MFA as unenforced. This opens multiple backdoors, without MFA, directly into a SaaS application despite investments in an enterprise identity provider.

Organizations that do not have a dedicated SaaS security solution in place are more likely than not to have varying degrees of SaaS identity and access management risk that they are not fully aware of.

This risk manifests as a result of a lack of visibility into end-user identity risk within apps and across the SaaS estate. This can be unauthorized end-users having excessive access permissions and privileges, which represent low-hanging fruit to threat actors, more often than not resulting in a data breach.

The need for SaaS Security Posture Management (SSPM) solutions exists due to the new reality where end-users can now access business critical apps directly, circumventing corporate networks and the legacy approaches to cloud access security such as cloud access security brokers (CASBs) or secure web gateways (SWGs).

The AppOmni SaaS Identify Fabric initiative enables a new level of identity cyber risk and threat detection capability and ability for security and risk teams to proactively manage the SaaS attack surface through the following capabilities:

• Providing consistent and context-aware identity security governance across all SaaS apps, including custom, in-house apps
• Identification of end-users with excessive identity access and permission entitlements or over-permissioning that introduce excessive cyber risk across all SaaS applications
• Analysis and reporting of end-user permissions and roles that provide excessive permission scopes
• Role-Based Access Control (RBAC) based on least privilege principles
• End-User data access model analysis to help security and identity governance teams assess: Who can access specific data in complex SaaS data models
• Comprehensive end-user activity monitoring and identity threat detection and response (ITDR) across all SaaS environments to identify compromised accounts, insider threat, and advanced threat actors, and guided risk and threat remediation
• Out-of-the-box integration with SIEM, SOAR, and security data lakes to enable SaaS activity correlation with broader threat data

By weaving an identity fabric into a comprehensive SSPM solution, AppOmni provides a proactive identity attack surface management and threat detection capabilities to manage and mitigate SaaS security risks.

With AppOmni, customers can now gain unparalleled observability into the identity security risk profile for the entire organization’s SaaS estate, down to the end-user level. For example, for a given Identity, you can drill down on each of their user accounts, discover whether they’re active in those accounts, determine their permissions within those accounts (admin, elevated, standard), and identify the underlying RBAC roles that result in those permissions. This new product capability also alerts security teams in-the-moment to potential SaaS app identity and permission risk through AppOmni’s continuous monitoring capability.

The Identity Fabric enables security and risk leaders to address and remediate SaaS identity cyber risk at scale across some of the most commonly used apps in the enterprise, including custom apps, as well as in SaaS-to-SaaS connections. The richness of the offering can only be provided from comprehensive end-user discovery, permissions analysis, continuous SaaS posture monitoring, and activity monitoring for identity governance.

Organizations are now able to profile and understand the blast radius risk represented by end-users from a SaaS app access and permission vantage point, as well as from an organization’s SaaS estate vantage point. As a result, AppOmni users can now answer questions such as: “Where do I have inactive admins in production environments?” or “What’s the blast radius of this end-user if they were compromised?” and take the required remediation steps to mitigate risk from over provisioned end-users. It also has the capability to address Identity related threats as they arise, such as an identity-based attack before serious harm can result.