A super scalable way to secure SaaS, equipping employees to join the fight against attackers and improve their own security.
pushsecurity.com
The SaaS attack matrix we released as open source research project a couple weeks ago introduced some new SaaS attack methods for evading EDR and network monitoring tools.
đź‘€ Here's a new demo combining two new SaaS attack techniques - poisoned tenants and SAMLjacking - to make a simple, but effective attack chain.
Link in the comments!
#SaaSSecurity #attacktechniques #saasattacks #redteam #pentester #blueteam
Link to article here: https://bit.ly/3YMCrhi
🔎 Focus on account security to reduce SaaS risks
- You’ve probably locked down the known cloud services and cloud apps your company is using (Google Workspace, Microsoft 365, etc.)
âť“ What about all those other SaaS apps people in the company are using?
đź“‘ Learn how to manage the risks of shadow IDs, identities, and accounts
https://pushsecurity.com/blog/focus-on-account-security-to-reduce-saas-risks/
#SaaSsecurity #shadowIT #shadowidentities #SaaSmanagement #SaaSsprawl #shadowaccounts
