by Brian Fravel | Feb 4, 2025 | SaaS Security
If your 2025 New Year’s resolutions don’t include assessing SaaS-related risks, it’s time to rethink priorities. Over the past four years, we’ve analyzed the usage of 350,000+ SaaS applications, across hundreds of organizations and studied all publicly known...
by Brian Fravel | Jan 30, 2025 | Cloud, SaaS Security
BOD 25-01 and Misconfiguration Management BOD 25-01 (Binding Operational Directive 25-01) is a directive from CISA that requires U.S. federal agencies to harden and monitor SaaS security settings to reduce risks from misconfigurations. It mandates continuous...
by Brian Fravel | Dec 31, 2024 | SaaS Security
Cyber defenders are stretched to the limit in many organizations, as applications and users proliferate while threat actors become more sophisticated. New platforms and systems each have distinct security issues that must be addressed. To protect the business,...
by Brian Fravel | Nov 13, 2024 | SaaS Security
One word characterizes everything about the benefits and risks of using SaaS apps in your organization: speed. SaaS apps are faster to implement, scale, and deliver higher productivity and efficiency more quickly than traditional on-prem solutions. Yet, for all...
by Brian Fravel | Oct 18, 2024 | SaaS Security
Wing Security’s Threat Intelligence Team continuously analyzes data from hundreds of customers. A common misconfiguration we’ve identified is the assignment of excessive privileges to help desk administrators in Okta. In its default configuration, Okta...
by Brian Fravel | Oct 3, 2024 | SaaS Security
SaaS solutions keep growing in popularity, which means that SaaS security risks are also on the rise. SaaS applications aren’t inherently more vulnerable than other enterprise software; many of the same issues that impact locally hosted tools can also plague SaaS...