Glossary

This type of connection occurs when two applications (typically cloud-based) communicate with each other. App2app connections can potentially introduce a wide range of security risks, including data loss and exposure to malicious actors.

A technology that provides a layer of security when accessing cloud applications. CASBs act as a mediator between the cloud application and the user, verifying that users are authorized to access the cloud application, monitoring for suspicious activity, and enforcing security policies.

A set of processes and technologies used to ensure cloud security is in accordance with industry best practices, as well as a company’s internal policies. CSPM helps organizations identify, address, and reduce vulnerabilities in their cloud environments.

A software component that enables two applications or services to communicate with each other. Connectors are typically used to connect cloud-based applications, allowing them to share data.

The unintended release of sensitive data due to security vulnerabilities or malicious actors. Data exposure can lead to serious privacy issues, as well as damage to a company’s reputation.

The process of locating and identifying all SaaS applications in use within an organization. SaaS discovery helps organizations gain visibility into their SaaS environment, enabling them to better manage their applications and identify potential security risks.

A type of cybersecurity technology that is used to detect, investigate, and respond to suspicious activity on endpoints.

Non-intrusive method of checking if an endpoint used a particular SaaS apps.

The actual devices that employees and users use to do their work, such as desktops, laptops, tablets, and mobile devices

A security practice used for controlling access to systems, applications and data by granting users access rights based on their assigned roles.

A threat that originates from within an organization. Insiders can have malicious intent, or they can be careless and unintentionally cause damage to an organization.

The process of reducing or eliminating the potential impacts of a security breach. Mitigation can include implementing security measures to reduce the probability of an attack, training users on security best practices, and developing incident response plans.

An authorization protocol that allows users to securely access a website or application without having to provide their username and password.

A type of cloud-delivered security platform that offers a unified approach to secure access

An architecture for delivering security services from the cloud.

An approach to managing and monitoring the security posture of a SaaS environment.

The accumulated entirety of all the SaaS apps and products that a business or organization utilizes at any capacity.

The process of planning, implementing and monitoring SaaS applications to ensure they are in compliance with industry best practices and organizational policies.

Securing the multiple attack surfaces that are created by organizational-wide SaaS use

The uncontrolled proliferation of SaaS use throughout an organization.

Information Technology systems deployed by departments other than the central IT department of an organization.

An interconnected software-based network that is gradually formed from sprawling use of Shadow IT.