Axonius has announced the release of two new capabilities within Axonius SaaS Management to help organisations better understand their overall SaaS application risk.
Behavioural Analytics and SaaS App-to-Device Correlation allow IT and security teams to gain added visibility and context into the users and devices accessing SaaS applications, and whether suspicious activity is occurring for critical SaaS apps.
SaaS continues to represent an ever-expanding component of an organisation's attack surface. Not only does the increase in adoption of SaaS applications change IT and security operations, it also adds new role and skill expectations for IT and security team members - like using already scarce resources to track organisation SaaS app utilisation and identify misconfigured SaaS settings potentially exposing sensitive data. All of this adds to more complexity and can have a profound impact on an organisation's security posture, the company states.
Amir Ofek, CEO of AxoniusX, the innovation unit of Axonius, comments, “A lot of sensitive data is stored in and shared between SaaS applications, and oftentimes, its very difficult to understand which users and devices have access to those applications.
"For IT and security teams tasked with protecting their organisations entire SaaS app stack, they need the right information to help them better understand the who, the what, and the how of SaaS app usage. These new capabilities within our SaaS management solution will bring necessary context to the questions surrounding SaaS security.”
According to the company, SaaS App-to-Device Correlation helps understand if unmanaged and unauthorised devices are being used to access various SaaS apps.
By leveraging Axonius Cybersecurity Asset Management and its hundreds of adapters across the technology stack, Axonius SaaS Management will now automatically correlate each SaaS user to their associated devices and provide a more comprehensive view of an organisations security posture, the company states.
Organisations will now have visibility into unmanaged or unauthorised devices accessing SaaS apps, and be able to decrease the risk of data loss.
Ofek continues, "SaaS App-to-Device correlation ultimately helps organisations contextualise their SaaS application data, continued Ofek. Using both Axonius Cybersecurity Asset Management and SaaS Management products, organisations gain a more complete view of their device security posture than they might receive with standalone integrations. No other solution on the market today can offer this much comprehensive and rich data."
The past year has seen an ongoing increase in data breaches originating from SaaS applications. For example, the Okta breach in early 2022 demonstrated how one compromised SaaS application can often have a domino effect throughout an entire organisation.
By adding Behavioural Analytics capabilities within Axonius SaaS Management, organisations will gain visibility into user behaviour within SaaS applications over time and be able to detect any anomalies or suspicious activity that could pose organisational risk, the company states.
The solution aggregates log data across various sources, including Okta, Microsoft Azure AD, and Google Workspace, to identify suspicious activity, events, and complex behavioural patterns. As a result, Axonius helps facilitate in-depth investigations by the incident response and SOC teams within the organisation.
Beyond identifying suspicious behaviour, the behavioural analytics capability can help organisations investigate temporary privileges granted for existing users, identify anomalous login activities that deviate from the users normal activity and other baselines, minimise data theft or leakage of confidential data, and more.
Ofek concludes, “These latest developments and the integration of the Axonius Cybersecurity Asset Management and SaaS Management products ensure comprehensive visibility and further correlation across SaaS applications, devices, cloud services, and users in an organisations environment, streamlining efforts to reduce the attack surface amidst an increasingly complex cyber landscape."