Name: Modern Kill Chains: Real World SaaS Attacks and Mitigation Strategies
Start: 2024-09-19T15:00:00Z
End: 2024-09-19T15:00:29.000Z
Location: BrightTALK
Rating: 0

AppOmni is the leading provider of enterprise level SaaS security. Its patented technology continuously scans APIs, security controls, and configuration settings to compare the current state of enterprise SaaS deployments against best practices and business intent. AppOmni was founded by top security practitioners and is trusted by many of the world's largest enterprises across technology, healthcare, banking, and security. For more information, please visit https://appomni.com.

SaaS is the operating system of business - organizations have come to rely on their SaaS applications to conduct business. But SaaS also now represents one of the largest attack surfaces that businesses have to defend. Why has SaaS become the new battleground in cybersecurity and how are attacks happening?  

Join AppOmni security researchers on this webinar to learn more about the SaaS threat landscape. You will learn: 
- What the modern SaaS attack surface and kill chain look like
- What Threat Actors are going after SaaS?
- Why are the attackers winning?
- What are the common TTPs in SaaS attacks
- Effective controls to reduce the likelihood of Threat Actor success

The webinar will also discuss the key aspects of how to construct a SaaS security program to gain control over your SaaS estate.

Presented by: 
Cory Michal, Vice President, Security & IT
Harold Byun, Chief Product Officer, AppOmni

Understanding and Protecting your SaaS Attack Surface - Threat Briefing Analysis

What you’ll learn
✓ How to assess the true value of your Salesforce data and prioritize protection efforts.
✓ Strategies for implementing robust access management to mitigate unauthorized access and insider threats.
✓ Effective techniques for managing data residency and sovereignty to ensure compliance and secure data location.
✓ The importance of clearly defined internal roles for streamlined and enhanced data security.
✓ How to adopt a risk-based security approach to stay ahead of evolving threats and vulnerabilities.

This webinar is tailor-made for Security and Salesforce professionals keen on strengthening the security of their platform. As a security leader, you understand the ever-evolving threat landscape for enterprise software, including SaaS platforms like Salesforce. This webinar delves into the “5 Knows of Data Security”, a foundational framework for evaluating and strengthening your Salesforce security posture.

Bonus! Learn how AppOmni and Odaseva work together to provide a defense-in-depth solution for your Salesforce ecosystem.

Fortress Your Salesforce Data and Posture: The 5 Knows of Effective Security

SaaS data breaches including those involving Snowflake, Microsoft, and Okta continue to impact businesses and security leaders are creating systematic strategies to manage their SaaS estate.  This year’s report, drawn from a survey of IT and cybersecurity experts globally, highlights shifts in SaaS security management. Explore how decentralizing security responsibilities across departments reshapes governance, address the gap in  implementation of security measures, and prioritize visibility into the SaaS attack surface and risks.

Key Takeaways:
-Security Maturity: How are organization’s rating their SaaS security programs and maturity.
-Responsibility vs Accountability Gap: How to thread the needle of distributed security responsibilities and accountability to reduce friction and SaaS security risk
-Visibility into SaaS Attack Surface: Gain crucial insights on how to mitigate mitigate risks associated with SaaS applications from customers who have managed SaaS at scale.
-SaaS Security Optimization: How to prioritize SaaS security initiatives and create a structured security program over the  next 1-3 years.

Join us to confront confusion over responsibilities and risks, and discover bold strategies to secure SaaS. Empower your CISO, security team, and application owners with actionable insights.

Grab the full report post-webinar to dive deeper into these critical findings.

State of SaaS Security Report 2024: Bold Moves Required to Secure SaaS

See How to Achieve
1. Standardized least privilege access across your SaaS applications
2. Continuous monitoring and closed loop ZT implementation
3. Granular access decisions to prevent privilege misuse
4. Dynamic policy enforcement to reauthorize users based on context and behavior
5. Configuration assurance to prevent drift and ensure compliance

Enterprises are accelerating cloud migrations, building business resilience, and enabling hybrid work by adopting zero trust (ZT) architectures. According to the “Security Outcomes for Zero Trust” report by Cisco, 86% of respondents report that they have already started a ZT implementation.

Zero Trust Posture Management (ZTPM) extends the zero trust architecture beyond the network to SaaS applications and data. Join AppOmni CTO, Brian Soby to learn the ZTPM principles that secure THROUGH applications to create an end-to-end ZT architecture.

Bolstering SaaS Security with Zero Trust Posture Management

Recent breaches, from Snowflake to Midnight Blizzard, have underscored the security in SaaS environments exploited by hackers. Safeguarding these environments demands a proactive, integrated approach to threat detection and posture management. This session will explore the intersection of these domains, offering actionable insights and strategies to enhance SaaS security.

Guarding the SaaS Landscape: Integrating Threat Detection and Posture Management

Enterprises are accelerating cloud migrations, building business resilience, and enabling hybrid work by adopting zero trust (ZT) architectures. According to the “Security Outcomes for Zero Trust” report by Cisco, 86% of respondents report that they have already started a ZT implementation. 

Traditional ZT implementations are focused on securing user access TO applications using zero trust network access (ZTNA). However, as businesses increasingly rely on SaaS applications for their operations, security teams find that traditional ZTNA implementation often overlook critical gaps at the application and data level. These gaps include misconfigurations in access controls, unchecked privileges, data leaks, and overlooked third-party integrations. 

Zero Trust Posture Management (ZTPM) extends the zero trust architecture beyond the network to SaaS applications and data. Join AppOmni CTO, Brian Soby on Tuesday, June 18, 2024 to learn the ZTPM principles that secure THROUGH applications to create an end-to-end ZT architecture. See how to achieve:

1. Standardized least privilege access across your SaaS applications 
2. Continuous monitoring and closed loop ZT implementation
3. Granular access decisions to prevent privilege misuse
4. Dynamic policy enforcement to reauthorize users based on context and behavior
5. Configuration assurance to prevent drift and ensure compliance

Bolstering SaaS security with Zero Trust Posture Management

Presented By:
Joseph Thacker, Principal AI Engineer, AppOmni
Chad Knipschild, Senior Product Marketing Manager, AppOmni

AI certainly brings incredible benefits to businesses and security professionals. But there’s a balance to ensure businesses and SaaS applications remain secure. In this session we will explore the balance between leveraging AI for enhanced security postures and recognizing the inherent risks it may bring. 

Join us for the discussion to harness AI’s potential responsibly while securing an organizations’ digital ecosystems as we:

- Debunk AI security myths to foster a balanced understanding.
- Identify risk assessment strategies for AI-powered features and applications.
- Navigate third-party security implications of AI-powered third-party services.
- Discuss a forward-thinking approach to AI governance and compliance.

AI Security: Balancing Business and SaaS Risks

Presented by: 
Alec Peiffer, Senior Director of Product Management, AppOmni
Aaron Costello, Principal SaaS Security Engineer, AppOmni 
John Filitz, Head of Product Marketing, AppOmni

SaaS is now the de facto IT operating model, hosting critical data and workflows across 500 to 1,000 apps for the average enterprise organization. Security teams and app owners alike have faced challenges with a lack of visibility into the cyber risk that each SaaS app and SaaS-to-SaaS connection presents.

Now, solutions like SaaS Security Posture Management (SSPM) enable unparalleled observability, continuous monitoring, and control over an entire SaaS estate. By adopting SSPM as part of a broader security program, enterprises can move to a risk-based approach to SaaS security.

Join AppOmni’s SaaS security experts as they dive into:
- The growing adoption of SaaS as the leading driver of public cloud growth
- The criticality of SaaS data, the cornerstone of many enterprise operations
- Insights on the Salesforce Community data leak risks
- The reality of a SaaS breach, highlighting key SaaS breaches
- Best practices for SaaS cyber risk prioritization
- Recommendations for securing your SaaS estate

A Risk-Based Approach to SaaS Security

Presented By: 
Brian Soby, Founder and CTO, AppOmni
Rachel Beard, Security Technical Architect, Salesforce
John Filitz, Group Product Marketing Manager, AppOmni
 
Sign up to listen to this insightful webinar in collaboration with AppOmni and Salesforce, tailored for security and Salesforce professionals keen on strengthening the security of their platform. In an era where data breaches and cyber threats are on the rise, safeguarding your Salesforce environment has never been more critical.
 
AppOmni’s CTO, Brian Soby, and Salesforce’s Security Technical Architect, Rachel Beard, address the following topics:
 
✓ How to build a robust SaaS cybersecurity security program around Salesforce
✓ Technology challenges and impacts
✓ The importance of a Salesforce SaaS Security program
✓ The evolution of the Salesforce ecosystem and its challenges

The Importance of Building and Scaling a Salesforce SaaS Cybersecurity Program

The major breaches of 2023 were primarily associated with SaaS applications. Despite the critical role SaaS apps play in numerous businesses, many security teams do not have the expertise and tools to safeguard against these breaches. This is where SaaS Security Posture Management (SSPM) can help.

Join us for a review of the SaaS breaches of 2023 as we:

• Highlight methods and mitigations used in 2023 SaaS breaches
• Assess tactics for breaches in 2024
• Discuss the significance of a posture-centric approach to SaaS Security

I Just Can't Wait to be Secure: 2023's SaaS Breaches

Well-orchestrated spear phishing campaigns targeted at SaaS super admins are swiftly becoming a leading cyber threat. Threat actors are finding new ways to steal credentials from highly privileged accounts to “live off the land.”

Threat actors exploited a novel attack method in the recent Okta HAR compromise, where they targeted an identity provider (IdP) with the intent to exploit its customer organizations. In addition to Okta being compromised, this compromise successfully targeted several Okta customer organizations.

Learn step-by-step how this identity-centric breach occurred, the common attacker tactics, techniques, as well as procedures, and why managing your SaaS identity security without SaaS security posture management (SSPM) places organizations at risk for compromise and data loss. 

In this webinar, presented by AppOmni, we’ll discuss:
• The common attacker tactics used in the Okta HAR breach
• Why proactively securing and continuously monitoring the SaaS attack surface and ensuring appropriate security configurations of an Okta instance is essential
• How SSPM conducts event monitoring to detect anomalous activity from a customer’s Okta instance, including being able to detect and alert on rogue IdP registrations

Okta Compromise in Focus: How to Safeguard SaaS Identities with SSPM

Mergers and Acquisitions (M&A) are increasingly encountering a reality that a significant proportion of either the merged or acquired entity is constituted by a virtual, Software-as-a-Service (SaaS) footprint. The SaaS-fication of business includes many of the core business processes and proprietary data, with large enterprises having hundreds or thousands of SaaS apps deployed. 

Until recently, observability into the SaaS estate has been limited, the equivalent to buying a house sight unseen. This is because existing cloud security solutions such as Cloud Access Security Brokers (CASBs) are unable to provide insight to the SaaS app configuration and permission settings, including SaaS-to-SaaS connections. Only by leveraging a SaaS Security Posture Management (SSPM) solution can security and risk leaders effectively perform the necessary SaaS cybersecurity due diligence to understand and manage the cyber risks associated with the M&A process. 

A SSPM solution provides SaaS cyber risk observability from a single pane of glass, effectively shining a light onto current and potential future state SaaS cyber risks, including over-permissioned end-users and exposed sensitive data.

Boost your M&A Program with SSPM

In the current state of SaaS cybersecurity, there’s a disconnect between security practitioners’ perceptions of their SaaS cybersecurity maturity and the actual reality. A majority feel overconfident in their SaaS cybersecurity strategies, but our findings paint a different picture, revealing that organizations aren’t effectively managing SaaS cybersecurity risk at scale as much as they perceive.

From our survey of over 600 security practitioners for our report, we learned that 79% of organizations suffered a SaaS cybersecurity incident in the last year. We find that one of the key challenges organizations face is obtaining risk visibility into their SaaS attack surface. But we see a silver lining: Organizations are aware of risks posed by unsecured SaaS and are now prioritizing SaaS cybersecurity as a top 3 initiative.

In this webinar, presented by AppOmni, we will discuss:

The latest trends and findings from The State of SaaS Cybersecurity Posture 2023 Report
• How to gain actionable end-user-centric insights
• Actions to take to reduce your SaaS attack surface

CISOs Overestimate SaaS Cybersecurity Posture — How to Secure Your SaaS Data

The ubiquitous use of SaaS products has fundamentally changed the modern organization's attack surface. Organizations have moved critical business processes to SaaS tenants in search of agility, scalability and efficiency. In many cases, appropriate security controls have not followed. Attackers understand this change in attack surface and are increasingly taking advantage of the opportunity by targeting and breaching organizational SaaS tenants.

This talk will primarily focus on novel research of threat actor activity on one of the largest collections of disparate SaaS log data in the world. The presenter will detail a variety of real world SaaS tenant attacks observed in the wild by known and unknown threat actors and discuss associated TTPs and IoCs. In addition to attack research data, we'll provide historical context to understand how we've arrived in this situation and propose mitigation strategies to protect organizations from these attacks.

Modern Kill Chains: Real World SaaS Attacks and Mitigation Strategies

Threat Detection

Threat Defence

Cyber Security

SSPM

AppOmni

Threat Landscape

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Modern Kill Chains: Real World SaaS Attacks and Mitigation Strategies

Presented by

About this talk

More from this channel