Name: The Walk, Run, Fly Approach to SaaS Security
Start: 2024-12-05T16:00:00Z
End: 2024-12-05T16:00:30.000Z
Location: BrightTALK
Rating: 0

AppOmni is the leading provider of enterprise level SaaS security. Its patented technology continuously scans APIs, security controls, and configuration settings to compare the current state of enterprise SaaS deployments against best practices and business intent. AppOmni was founded by top security practitioners and is trusted by many of the world's largest enterprises across technology, healthcare, banking, and security. For more information, please visit https://appomni.com.

The composition of cloud services includes, IaaS, PaaS, and SaaS.  Recent market adoption of cloud security measures has been focused on the large-scale IaaS and PaaS vendors.  Meanwhile, with the explosion of business-critical SaaS applications, we find massive amounts of data including client and sensitive data reside in these SaaS systems.  The security teams remain unaware of the cyber risks that insecure SaaS and associated data represents. This risk blindness is largely due to the lack of cyber risk observability into critical SaaS apps. Many security risks in SaaS applications are not all that different than IaaS and PaaS services and center on misconfiguration, yet implementing security solutions to address them can require specific consideration based on the heterogeneity of SaaS apps.  

Come hear from industry experts from KPMG Canada and AppOmni to understand the commonalities of SaaS cybersecurity with other key cloud security use cases. Also learn best practice on how to mitigate the leading cyber threats facing SaaS, including end-user misconfiguration risk and the risk of an over-privileged data compromise.

SaaS Application Security | The Missing Component of Cyber Risk in the Cloud

SaaS breaches are on the rise—how prepared is your organization? Join us for a concise 30-minute webinar, "Pop, Lock, & Stop It," where you’ll learn how to proactively protect your critical SaaS applications and prevent breaches before they impact your business.

Why Attend? Learn to:

- Prioritize and Secure Key SaaS Apps: Learn how to assess and secure applications that pose the greatest risk, ensuring your focus is where it matters most.
- Build a Layered Defense Strategy: Explore effective approaches to integrating identity management and continuous monitoring across SaaS platforms.
- Strengthen Team Collaboration: Discover best practices for seamless collaboration between security and IT teams, leveraging shared insights and visibility to respond faster to vulnerabilities.

Pop, Lock, & Stop It | Building a program to stop SaaS breaches

SaaS is the operating system of business - organizations have come to rely on their SaaS applications to conduct business. But SaaS also now represents one of the largest attack surfaces that businesses have to defend. Why has SaaS become the new battleground in cybersecurity and how are attacks happening?  

Join AppOmni security researchers on this webinar to learn more about the SaaS threat landscape. You will learn: 
- What the modern SaaS attack surface and kill chain look like
- What Threat Actors are going after SaaS?
- Why are the attackers winning?
- What are the common TTPs in SaaS attacks
- Effective controls to reduce the likelihood of Threat Actor success

The webinar will also discuss the key aspects of how to construct a SaaS security program to gain control over your SaaS estate.

Presented by: 
Cory Michal, Vice President, Security & IT
Harold Byun, Chief Product Officer, AppOmni

Understanding and Protecting your SaaS Attack Surface - Threat Briefing Analysis

As organizations increasingly shift to SaaS applications, traditional security models struggle to protect critical assets such as user data, intellectual property, and IP. In this 30-minute webinar, we'll explore the essential foundations of SaaS security, uncover the gaps in traditional security approaches, and highlight the complexities of managing a sprawling SaaS ecosystem. We'll also introduce AppOmni's Centralized Security Platform and demonstrate how to advance from manual processes to automated security nirvana. Join us to learn how to navigate the challenges and enhance your SaaS security posture.

You will Learn:
- The limitations of traditional security in protecting the crown jewels in a SaaS landscape
- Addressing the expertise gap in managing numerous SaaS applications
- Overcoming complexity challenges with inconsistent security features across SaaS apps
- Managing the upkeep tax associated with constant SaaS updates and changes
- The impact of varying standards across SaaS providers on security practices
- How to evolve from manual security practices to automated solutions with AppOmni

Don’t miss this opportunity to elevate your SaaS security strategy. Register now to gain actionable insights and start your journey toward enhancing SaaS security!

SaaS Security | Core Areas and the Maturity Curve

The ubiquitous use of SaaS products has fundamentally changed the modern organization's attack surface. Organizations have moved critical business processes to SaaS tenants in search of agility, scalability and efficiency. In many cases, appropriate security controls have not followed. Attackers understand this change in attack surface and are increasingly taking advantage of the opportunity by targeting and breaching organizational SaaS tenants.

This talk will primarily focus on novel research of threat actor activity on one of the largest collections of disparate SaaS log data in the world. The presenter will detail a variety of real world SaaS tenant attacks observed in the wild by known and unknown threat actors and discuss associated TTPs and IoCs. In addition to attack research data, we'll provide historical context to understand how we've arrived in this situation and propose mitigation strategies to protect organizations from these attacks.

Modern Kill Chains: Real World SaaS Attacks and Mitigation Strategies

The proliferation of SaaS has led to an increase in both sophisticated and opportunistic attacks targeting SaaS vendors and end-customers alike.
Furthermore, ZTNA, SASE and Identity-based security strategies can be effective at establishing secure access channels to applications, but organizations cannot rely on these alone to establish their Zero Trust architecture.

Join this webinar where we’ll discuss:

The complexities of effectively hardening multiple large-scale SaaS deployments
How the traditional kill chain applies to SaaS, and the challenges SOC teams face
How SaaS Security Posture Management (SSPM) can be incorporated into existing security programmes like Zero Trust and CTEM

Securing SaaS in the era of Zero Trust

What you’ll learn
✓ How to assess the true value of your Salesforce data and prioritize protection efforts.
✓ Strategies for implementing robust access management to mitigate unauthorized access and insider threats.
✓ Effective techniques for managing data residency and sovereignty to ensure compliance and secure data location.
✓ The importance of clearly defined internal roles for streamlined and enhanced data security.
✓ How to adopt a risk-based security approach to stay ahead of evolving threats and vulnerabilities.

This webinar is tailor-made for Security and Salesforce professionals keen on strengthening the security of their platform. As a security leader, you understand the ever-evolving threat landscape for enterprise software, including SaaS platforms like Salesforce. This webinar delves into the “5 Knows of Data Security”, a foundational framework for evaluating and strengthening your Salesforce security posture.

Bonus! Learn how AppOmni and Odaseva work together to provide a defense-in-depth solution for your Salesforce ecosystem.

Fortress Your Salesforce Data and Posture: The 5 Knows of Effective Security

SaaS data breaches including those involving Snowflake, Microsoft, and Okta continue to impact businesses and security leaders are creating systematic strategies to manage their SaaS estate.  This year’s report, drawn from a survey of IT and cybersecurity experts globally, highlights shifts in SaaS security management. Explore how decentralizing security responsibilities across departments reshapes governance, address the gap in  implementation of security measures, and prioritize visibility into the SaaS attack surface and risks.

Key Takeaways:
-Security Maturity: How are organization’s rating their SaaS security programs and maturity.
-Responsibility vs Accountability Gap: How to thread the needle of distributed security responsibilities and accountability to reduce friction and SaaS security risk
-Visibility into SaaS Attack Surface: Gain crucial insights on how to mitigate mitigate risks associated with SaaS applications from customers who have managed SaaS at scale.
-SaaS Security Optimization: How to prioritize SaaS security initiatives and create a structured security program over the  next 1-3 years.

Join us to confront confusion over responsibilities and risks, and discover bold strategies to secure SaaS. Empower your CISO, security team, and application owners with actionable insights.

Grab the full report post-webinar to dive deeper into these critical findings.

State of SaaS Security Report 2024: Bold Moves Required to Secure SaaS

See How to Achieve
1. Standardized least privilege access across your SaaS applications
2. Continuous monitoring and closed loop ZT implementation
3. Granular access decisions to prevent privilege misuse
4. Dynamic policy enforcement to reauthorize users based on context and behavior
5. Configuration assurance to prevent drift and ensure compliance

Enterprises are accelerating cloud migrations, building business resilience, and enabling hybrid work by adopting zero trust (ZT) architectures. According to the “Security Outcomes for Zero Trust” report by Cisco, 86% of respondents report that they have already started a ZT implementation.

Zero Trust Posture Management (ZTPM) extends the zero trust architecture beyond the network to SaaS applications and data. Join AppOmni CTO, Brian Soby to learn the ZTPM principles that secure THROUGH applications to create an end-to-end ZT architecture.

Bolstering SaaS Security with Zero Trust Posture Management

Recent breaches, from Snowflake to Midnight Blizzard, have underscored the security in SaaS environments exploited by hackers. Safeguarding these environments demands a proactive, integrated approach to threat detection and posture management. This session will explore the intersection of these domains, offering actionable insights and strategies to enhance SaaS security.

Guarding the SaaS Landscape: Integrating Threat Detection and Posture Management

Enterprises are accelerating cloud migrations, building business resilience, and enabling hybrid work by adopting zero trust (ZT) architectures. According to the “Security Outcomes for Zero Trust” report by Cisco, 86% of respondents report that they have already started a ZT implementation. 

Traditional ZT implementations are focused on securing user access TO applications using zero trust network access (ZTNA). However, as businesses increasingly rely on SaaS applications for their operations, security teams find that traditional ZTNA implementation often overlook critical gaps at the application and data level. These gaps include misconfigurations in access controls, unchecked privileges, data leaks, and overlooked third-party integrations. 

Zero Trust Posture Management (ZTPM) extends the zero trust architecture beyond the network to SaaS applications and data. Join AppOmni CTO, Brian Soby on Tuesday, June 18, 2024 to learn the ZTPM principles that secure THROUGH applications to create an end-to-end ZT architecture. See how to achieve:

1. Standardized least privilege access across your SaaS applications 
2. Continuous monitoring and closed loop ZT implementation
3. Granular access decisions to prevent privilege misuse
4. Dynamic policy enforcement to reauthorize users based on context and behavior
5. Configuration assurance to prevent drift and ensure compliance

Bolstering SaaS security with Zero Trust Posture Management

Presented By:
Joseph Thacker, Principal AI Engineer, AppOmni
Chad Knipschild, Senior Product Marketing Manager, AppOmni

AI certainly brings incredible benefits to businesses and security professionals. But there’s a balance to ensure businesses and SaaS applications remain secure. In this session we will explore the balance between leveraging AI for enhanced security postures and recognizing the inherent risks it may bring. 

Join us for the discussion to harness AI’s potential responsibly while securing an organizations’ digital ecosystems as we:

- Debunk AI security myths to foster a balanced understanding.
- Identify risk assessment strategies for AI-powered features and applications.
- Navigate third-party security implications of AI-powered third-party services.
- Discuss a forward-thinking approach to AI governance and compliance.

AI Security: Balancing Business and SaaS Risks

SaaS applications store sensitive data for everyday operations, but their complexity creates visibility and control challenges for security and app teams. Join us for a practical session where we’ll guide you from foundational steps to advanced strategies for securing your SaaS environments.

Why Attend? Learn:

Walk: How to identify and address common SaaS security risks and vulnerabilities

Run: Building visibility and control with tailored security metrics, and tracking your security posture

Fly: Leveraging AI and innovative strategies to proactively prevent breaches and optimize security

Get the right strategies for every stage of your SaaS security journey. Sign up now to learn how to secure your digital vault and elevate your SaaS security approach!

The Walk, Run, Fly Approach to SaaS Security

Cyber Defence

Cyber Security

SaaS

SaaS Security

AppOmni

SSPM

Security Metrics

Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

The Walk, Run, Fly Approach to SaaS Security

Presented by

About this talk

More from this channel