EP148 Decoding SaaS Security: Demystifying Breaches, Vulnerabilities, and Vendor Responsibilities

Adrian Sanabria, Director of Valence Threat Labs at Valence Security, ex-analyst

29:29

When people talk about “cloud security” they often forget SaaS, what should be the structured approach to using SaaS securely or securing SaaS?
What are the incidents telling us about the realistic threats to SaaS tools?
Is the Microsoft 365 breach a SaaS breach, a cloud breach or something else?
Do we really need CVEs for SaaS vulnerabilities?
What are the least understood aspects of securing SaaS?
What do you tell the organizations who assume that “SaaS vendor takes care of all SaaS security”?
Isn’t CASB the answer to all SaaS security issues? We also have SSPM now too? Do we really need more tools?

Do you have something cool to share? Some questions? Let us know:

View more episodes