by Dana T | Jul 3, 2025 | SaaS Security, Supply Chain
The Qantas cyber-attack: when third-party risk becomes a frontline threat The recent cyberattack on Qantas Airlines is more than a headline – it’s a clear warning that supply chain attacks are real, dangerous, and increasingly common. By targeting a third-party...
by Dana T | Feb 18, 2025 | SaaS Security, Shadow IT
Shadow IT is an unfortunate reality in most organizations. Employees downloading SaaS apps onto their work devices without IT’s knowledge may believe these tools make them more productive. However, these apps can expose the organization to the same kinds of threats...
by Dana T | Feb 4, 2025 | SaaS Security
If your 2025 New Year’s resolutions don’t include assessing SaaS-related risks, it’s time to rethink priorities. Over the past four years, we’ve analyzed the usage of 350,000+ SaaS applications, across hundreds of organizations and studied all publicly known...
by Dana T | Jan 30, 2025 | Cloud, SaaS Security
BOD 25-01 and Misconfiguration Management BOD 25-01 (Binding Operational Directive 25-01) is a directive from CISA that requires U.S. federal agencies to harden and monitor SaaS security settings to reduce risks from misconfigurations. It mandates continuous...
by Dana T | Dec 31, 2024 | SaaS Security
Cyber defenders are stretched to the limit in many organizations, as applications and users proliferate while threat actors become more sophisticated. New platforms and systems each have distinct security issues that must be addressed. To protect the business,...