The problem
Risky App2App connections
SaaS apps use App2App authentication, such as OAuth tokens or API keys, to help users log in and to integrate SaaS apps with each other.
While this interconnectedness comes in handy for users, its widespread usage creates a “Shadow Network” of App2App connections within the organization.
This presents a large attack surface for threat actors trying to “hack in” and also a path for “lateral movement” within this network once they’re in.
Risky aspects of App2App connections include:
App2App connectivity creates a ‘Shadow Network’ which presents many threats and risks.
If any SaaS app is compromised, the App2App connectivity can be used for lateral movement to reach other SaaS apps.
Third-party SaaS apps carry App2App connectivity risks similar to those of regular SaaS apps, but are harder to control.
Threat actors see App2App connections as “low-hanging fruit” because the responsibility to secure them is in limbo between the two apps.
Wing’s Solution:
Automatically Shut Down Risky App2App Connections
Wing mitigates this problem by using App2App connectivity to find all App2App connections, including third-party apps. Wing then fixes any issues found using built-in automation, with minimal inconvenience to users.
Newly detected App2App issues are automatically resolved using Wing’s built-in auto-remediation.
Risky third-party app connections are also found and fixed.