Pax8’s Post

The CAIQ version 4.0 for our Fusion #CloudApplications is a valuable resource, offering in-depth insights into our security practices and programs. Learn more here: https://lnkd.in/eEy6p5mp

Sisense was recently hit by a data compromise, resulting in terabytes worth of stolen customer data. How are you leveraging Sisense today? Do you know which business-critical SaaS applications Sisense is connected to in your environment? Many BI apps like Sisense streamline business operations through complex SaaS-to-SaaS connections, but also introduce unique security considerations. Bad actors target these SaaS platforms because of their interconnected nature, exploiting trusted relationships between SaaS vendors and their customers. Learn more about what you need to do to mitigate this risk: https://hubs.la/Q02sTSSB0

Salesforce is a repository of your most important customer, prospect, and partner data - it's vital for a business's success.  With the sensitivity of the data stored within Salesforce, it’s crucial that you have the proper controls in place to ensure risky data is not exposed outside the organization, and that internal employees can only access data points they should have privilege to. Imagine if a Sales Representative downloads customer data the day before leaving the company. Can you track what data was taken from Salesforce for each customer? Are you able to identify if there is a suspicious login to Salesforce from an outdated contractor? We're thrilled to share our expanded capabilities within Salesforce, offering real-time monitoring, detection, and remediation of potential threats within the Salesforce ecoysystem. With this launch, DoControl continues to invest in providing a centralized solution to manage security concerns across an organization's entire suite of SaaS applications. Read below to find out more! https://lnkd.in/e6naWwcg #ssp #saassecurity #salesforce #datasecurity

We are excited to announce our exclusive inclusion in CrowdStrike's recently launched Marketplace! This not only provides CrowdStrike customers a streamlined way to purchase our SaaS Security Platform, but also enhances visibility into our advanced product integration with CrowdStrike. DoControl seamlessly integrates with the CrowdStrike's Falcon platform, utilizing its lightweight agent to ingest valuable endpoint telemetry. This enables us to effortlessly cross-reference CrowdStrike detections with files present in the corporate SaaS applications that employees rely on every day. When a compromised file match is detected, our automated DoControl workflows kick into action, providing a range of remediation options. Users have the flexibility to set up push alerts, webhooks, or automate the file deletion process, ensuring swift and effective response to security threats. Click below to find out more! #SSP #saassecurity #crowdstrike #partners https://lnkd.in/esAWgC6k

As businesses adopt multiple SaaS solutions — ranging from email and communication tools to customer relationship management (CRM) and enterprise resource planning (ERP) systems — the need for these applications to share data and functionality increases. However, each integration point can potentially serve as a vector for security breaches, data leaks, and compliance violations. So, how do you know if your SaaS-to-SaaS interconnections are getting a bit too sassy? 💁♀️ Today on our blog, Aquia Senior Security Architect, Daniel Wallace, explores the importance of SaaS-to-SaaS security, identifies some key challenges, and outlines best practices for organizations to implement. Check it out >> https://lnkd.in/exSmjbAk #saas #saassecurity #cybersecurity #cloudsecurity #riskmanagement #compliance

In the fast-paced landscape of business technology, Dynamics 365 Supply Chain Management users are confronted with the evolution of service-based authentication methods. As older methods phase out, it's crucial to proactively prepare for these changes. In this blog post, we'll explore the significance of deprecated authentication methods in Dynamics 365 and outline key strategies for a seamless transition, ensuring your operations remain secure and efficient. Let's dive into the essentials of navigating this technological shift. Read the full article here: https://lnkd.in/df8huSdE #Dynamics365Transition #AuthenticationEvolution #TechInnovation #SecureOps #DigitalTransformation #bizcommits #TechTransition #BusinessTechUpdate #Cybersecurity #FutureOfAuth #StayCurrent #D365Security #InnovateWithConfidence #SafeguardOperations #AdaptAndThrive #TechUpgradeTips

Home improvement retailer Home Depot confirmed with multiple publishers that it suffered a data break due to a third-party SaaS vendor inadvertently exposing a subset of employee data. IntelBroker, the threat actor behind the attack claims it has the information of 10,000 Home Depot employees. “SaaS applications are now the operating system and system of record for business since they handle sensitive, business-critical data. SaaS is a critical part of cloud infrastructure and applications that businesses need to pay attention to and implement controls around to prevent data breaches. At a basic level, it’s important to get visibility into SaaS risks and preventable data exposures. Beyond this, enterprises should watch out for SaaS identities, user behaviors, and connected applications that can introduce additional risks.” Full article ➡ https://lnkd.in/e7AaXaMZ #saassecurity #databreach #securityrisk

🌐 #IAM: Embracing the new use case of the #ExtendedEnterprise 🚀 The #IAM ecosystem is maturing, and with it comes a new use case: the #ExtendedEnterprise. Not focusing solely on customers, this use case looks upstream to include #suppliers, #subcontractors, and other key players as information systems opens up. 🔍 Join us for an in-depth look at this new challenge for #IAM. We'll explain different #governance models and their features, provide an overview of available #vendor solutions, and explore new technologies enabling #processdecentralization. 📢 Eloïse Le Franc and Maryeme BOUSSOUIS invite you to explore #IAM from the perspective of the #ExtendedEnterprise. #Cybersecurity #Innovation #Technology #IS #IdentityManagement #DigitalTransformation

92% of companies eyeing investment in AI-powered software: In 2024, buyers are increasingly focused on cost efficiency, AI functionality, and enhanced security, according to Gartner. The report reveals that 61% of buyers are seeking upgrades for more functionality in their recently purchased software. The need to upgrade reflects the constant pursuit of optimizing tech tools for better performance and ROI. Central to navigating these decisions, 98% of buyers rely on user reviews in their decision-making process and place higher trust in more recent … More → The post 92% of companies eyeing investment in AI-powered software appeared first on Help Net Security. @Poseidon-US #HelpNetSecurity #Cybersecurity

Should single-sign-on (SSO) be charged for? It seems that what should be a bare minimum for software vendors is now a new security tax. SSO, multi-factor authentication (MFA), and, in general, password use and policy remain at the forefront of many of the largest systemic hacks recently. UnitedHealth blamed a disabled third-party MFA for the largest healthcare hack. Was MFA disabled by ignorance or by choice, as it costs more money? CONGRESSIONAL TESTIMONY: On February 12, criminals used compromised credentials to remotely access a Change Healthcare Citrix portal, an application used to enable remote access to desktops. The portal did not have multi-factor authentication. Once the threat actor gained access, they moved laterally within the systems in more sophisticated ways and exfiltrated data. Ransomware was deployed nine days later. With the interconnectivity of digital systems now representing systemic failures, how long will it take to live in a world with SSO and/or MFA as a standard? https://sso.tax/ Thank you, Mike Burgard, for sharing this.