SaaS – OWASP Jakarta

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase from last year—and phishing attempts up by 58%, causing $3.5 billion in losses (source: Microsoft Read more…

By adminowasp, 6 months ago

News

SaaS Budget Planning Guide for IT Professionals

SaaS Budget Planning Guide for IT Professionals SaaS services are one of the biggest drivers of OpEx (operating expenses) for modern businesses. With Gartner projecting $247.2 billion in global SaaS spending this year, it’s no wonder SaaS budgets are a big deal in the world of finance and IT. Efficient Read more…

By adminowasp, 7 months ago

News

5 SaaS Misconfigurations Leading to Major Fu*%@ Ups

5 SaaS Misconfigurations Leading to Major Fu*%@ Ups Nov 01, 2024The Hacker NewsSaaS Security / Insider Threat With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk possibilities are endless. Critical organizational assets and data are at risk from malicious Read more…

By adminowasp, 8 months ago

News

Think You’re Secure? 49% of Enterprises Underestimate SaaS Risks

Think You’re Secure? 49% of Enterprises Underestimate SaaS Risks It may come as a surprise to learn that 34% of security practitioners are in the dark about how many SaaS applications are deployed in their organizations. And it’s no wonder—the recent AppOmni 2024 State of SaaS Security Report reveals that Read more…

By adminowasp, 8 months ago

News

The Weak Link in Organizational SaaS Security

The Weak Link in Organizational SaaS Security Oct 09, 2024The Hacker NewsSaaS Security / Identity Security Social media accounts help shape a brand’s identity and reputation. These public forums engage directly with customers as they are a hub to connect, share content and answer questions. However, despite the high profile Read more…

By adminowasp, 9 months ago

News

Why SaaS Security is Suddenly Hot: Racing to Defend and Comply

Why SaaS Security is Suddenly Hot: Racing to Defend and Comply Recent supply chain cyber-attacks are prompting cyber security regulations in the financial sector to tighten compliance requirements, and other industries are expected to follow. Many companies still don’t have efficient methods to manage related time-sensitive SaaS security and compliance Read more…

By adminowasp, 1 year ago

News

Unpacking 2024's SaaS Threat Predictions

Unpacking 2024's SaaS Threat Predictions Early in 2024, Wing Security released its State of SaaS Security report, offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year, several SaaS threat predictions from the report have already proven accurate. Fortunately, SaaS Security Posture Read more…

By adminowasp, 1 year ago

News

Are Your SaaS Backups as Secure as Your Production Data?

Are Your SaaS Backups as Secure as Your Production Data? Conversations about data security tend to diverge into three main threads: How can we protect the data we store on our on-premises or cloud infrastructure? What strategies and tools or platforms can reliably backup and restore data? What would losing Read more…

By adminowasp, 1 year ago

News

The Ultimate SaaS Security Posture Management Checklist, 2025 Edition

The Ultimate SaaS Security Posture Management Checklist, 2025 Edition Since the first edition of The Ultimate SaaS Security Posture Management (SSPM) Checklist was released three years ago, the corporate SaaS sprawl has been growing at a double-digit pace. In large enterprises, the number of SaaS applications in use today is in the Read more…

By adminowasp, 1 year ago

News

A SaaS Security Challenge: Getting Permissions All in One Place

A SaaS Security Challenge: Getting Permissions All in One Place Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user’s base permission is determined by their role, while additional permissions Read more…

By adminowasp, 1 year ago