by Brian Fravel | Feb 18, 2025 | SaaS Security, Shadow IT
Shadow IT is an unfortunate reality in most organizations. Employees downloading SaaS apps onto their work devices without IT’s knowledge may believe these tools make them more productive. However, these apps can expose the organization to the same kinds of threats...
by Brian Fravel | Feb 4, 2025 | SaaS Security
If your 2025 New Year’s resolutions don’t include assessing SaaS-related risks, it’s time to rethink priorities. Over the past four years, we’ve analyzed the usage of 350,000+ SaaS applications, across hundreds of organizations and studied all publicly known...
by Brian Fravel | Jan 30, 2025 | Cloud, SaaS Security
BOD 25-01 and Misconfiguration Management BOD 25-01 (Binding Operational Directive 25-01) is a directive from CISA that requires U.S. federal agencies to harden and monitor SaaS security settings to reduce risks from misconfigurations. It mandates continuous...
by Brian Fravel | Dec 31, 2024 | SaaS Security
Cyber defenders are stretched to the limit in many organizations, as applications and users proliferate while threat actors become more sophisticated. New platforms and systems each have distinct security issues that must be addressed. To protect the business,...
by Brian Fravel | Nov 13, 2024 | SaaS Security
One word characterizes everything about the benefits and risks of using SaaS apps in your organization: speed. SaaS apps are faster to implement, scale, and deliver higher productivity and efficiency more quickly than traditional on-prem solutions. Yet, for all...
by Brian Fravel | Oct 18, 2024 | SaaS Security
Wing Security’s Threat Intelligence Team continuously analyzes data from hundreds of customers. A common misconfiguration we’ve identified is the assignment of excessive privileges to help desk administrators in Okta. In its default configuration, Okta...
