Glossary

This type of connection occurs when two applications (typically cloud-based) communicate with each other. App2app connections can potentially introduce a wide range of security risks, including data loss and exposure to malicious actors.

A technology that provides a layer of security when accessing cloud applications. CASBs act as a mediator between the cloud application and the user, verifying that users are authorized to access the cloud application, monitoring for suspicious activity, and enforcing security policies.

Cloud Security Posture Management (CSPM) encompasses tools and practices designed to enhance security and compliance within cloud environments. CSPM solutions continuously monitor cloud infrastructure, including Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) configurations, to identify and address security risks, misconfigurations, and compliance issues. These tools empower organizations to maintain secure cloud operations by offering comprehensive visibility into…

A software component that enables two applications or services to communicate with each other. Connectors are typically used to connect cloud-based applications, allowing them to share data.

The unintended release of sensitive data due to security vulnerabilities or malicious actors. Data exposure can lead to serious privacy issues, as well as damage to a company’s reputation.

The process of locating and identifying all SaaS applications in use within an organization. SaaS discovery helps organizations gain visibility into their SaaS environment, enabling them to better manage their applications and identify potential security risks.

A type of cybersecurity technology that is used to detect, investigate, and respond to suspicious activity on endpoints.

Non-intrusive method of checking if an endpoint used a particular SaaS apps.

The actual devices that employees and users use to do their work, such as desktops, laptops, tablets, and mobile devices

A security practice used for controlling access to systems, applications and data by granting users access rights based on their assigned roles.

An insider threat is a risk posed by individuals within an organization who misuse their authorized access to systems, data, or resources, either negligently or maliciously.

The process of reducing or eliminating the potential impacts of a security breach. Mitigation can include implementing security measures to reduce the probability of an attack, training users on security best practices, and developing incident response plans.

An authorization protocol that allows users to securely access a website or application without having to provide their username and password.

A type of cloud-delivered security platform that offers a unified approach to secure access

An architecture for delivering security services from the cloud.

SSPM (SaaS Security Posture Management) ensures secure SaaS usage by monitoring, identifying vulnerabilities, and automating remediation to protect against data misuse and manage permissions, addressing issues like SaaS sprawl and shadow IT.

The accumulated entirety of all the SaaS apps and products that a business or organization utilizes at any capacity.

The process of planning, implementing and monitoring SaaS applications to ensure they are in compliance with industry best practices and organizational policies.

SaaS Security ensures the protection of SaaS applications and data through strategies like SSPM, addressing risks such as shadow IT and potential breaches to maintain compliance and safeguard organizational integrity.

The uncontrolled proliferation of SaaS use throughout an organization.

Shadow is the onboarding and usage of SaaS applications and services without approval from the organization’s IT department.

An interconnected software-based network that is gradually formed from sprawling use of Shadow IT.