by Dana T | Jan 30, 2025 | Cloud, SaaS Security
BOD 25-01 and Misconfiguration Management BOD 25-01 (Binding Operational Directive 25-01) is a directive from CISA that requires U.S. federal agencies to harden and monitor SaaS security settings to reduce risks from misconfigurations. It mandates continuous...
by Dana T | Sep 14, 2024 | Cloud, SaaS Security
On September 13, 2024, Fortinet confirmed they had experienced a data breach where someone claimed to have stolen 440GB of data from Fortinet’s Sharepoint instance. The perpetrator then reportedly posted the stolen data, including user credentials, on the dark web....
by Dana T | Feb 15, 2023 | Cloud
In the fields of app security and cloud security, there is a relatively new term called ‘Shift Left.’ The concept is that if you examine the development cycle from left to right (planning and design, implementation, testing and fixes, deployment, and...
by Galit Lubetzky Sharon | Feb 13, 2023 | Cloud
“You can’t secure what you can’t see” is a well-known saying in the cybersecurity community. The idea is that in order to keep your organization secure, you need to have visibility, or discovery, into what you have so that you know what you...
by Dana T | Jan 11, 2023 | Cloud
While the term “Shadow IT” can include everything from employee-owned mobile devices to the ubiquitous Internet of Things (IoT), it typically refers to browser-based cloud applications and similar services, often simply referred to as “SaaS”. As organizations...
by Dana T | Nov 3, 2022 | Cloud
A lot of time I get asked by customers, contractors, and even co-workers about our multi-tenancy architecture. Here at Wing Security we have a unique architecture, and when I present it I usually get raised eyebrows and the question of “Why did you do that”? From the...
