0      0

SL2305 - Securing Employee-Adopted SaaS Apps

‐ Sep 21, 2023 2:50pm

"Network-less attacks" will become the new normal. It's possible to compromise a company without touching the network to remain undetected. 

The number of SaaS apps in use in modern enterprise is vastly underestimated. Employees sign up for these apps themselves, skipping the usual security checks and procedures. Identities are the new perimeter, one that can be actively targeted by malicious actors. We’ll discuss the risks to modern enterprise and walk through some novel attacks that can be conducted in the SaaS-first world, as well as how to approach security in the age of self-service. 

Learning Objectives:

  1. Learn how attacker's gain access to employee-adopted SaaS and use that to compromise an organization
  2. Techniques to discover SaaS apps used in modern enterprise
  3. How to approach security in the age of self-service

Learning Objectives:

  • Understand the impact of attacks against company SaaS applications
  • Learn about the attack techniques attackers are adopting against this modern company attack surface
  • Learn about product-led growth, and how it's driving the age of self-service


You must be logged in and own this session in order to post comments.