Adaptive Shield Extends SaaS Entitlement Management to Drive SaaS Security Consolidation

May 29, 2024 0 By David

To secure emerging SaaS attack surfaces, Adaptive Shield has extended the capabilities of its SaaS Security Posture Management (SSPM) unified platform to cover complex Permissions and Shared Data. This announcement follows the company’s recent launch of GenAI Posture Management at the 2024 RSA Conference.

“SaaS security impacts the entire organization, affecting security teams, auditors and app owners. Our platform consolidates and unifies all threat prevention and detection efforts, allowing enterprises to safely rely on both out-of-the-box and homegrown SaaS applications,” said Maor Bin, CEO and co-founder of Adaptive Shield.

One of the major challenges in securing SaaS applications is the unique way each app provisions entitlements. With complex and dispersed permission structures, along with different terminology and UIs within and between apps, it is almost impossible for security teams and app owners to facilitate security and compliance audits. Such structures are highly complex in environments such as Salesforce, Workday, M365, Zendesk, Google Workspace and more. Managing data entitlements, such as detecting external sharing of documents, boards and repositories, is also a major concern for security teams, as this can lead to inadvertent or malicious data disclosure.

This is why Adaptive Shield has prioritized these emerging use cases:

The Permission Inventory gives customers deep visibility into permission structures at the SaaS stack level through an automated approach. Core capabilities include:

  • Permissions consolidation from multiple areas within the application
  • Normalization of permissions across multiple tenants and applications
  • Centralized discovery of roles and aggregated permissions

The Data Inventory feature enables customers to prevent data leakage. Key among the benefits:

  • Identify all publicly shared data from SaaS apps such as Microsoft OneDrive, Google Drive and more, and determine which need to be further protected
  • Find outlived data or those no longer being used and revoke
  • Recognize which resources are shared externally and sort by user, date, department and former employees
  • Receive alerts to suspicious connections from external domains