SaaS-to-SaaS integrations take many forms, often enabling additional features within a product with the addition of an OAuth consent or SaaS marketplace third-party apps. Low/no-code platforms enable automated workflows between SaaS platforms that otherwise have no formal integration with each other. Other types of integrations aren’t visible to business users and are enabled by admins behind the scenes. 

Many security teams avoid blocking integrations altogether since it has a negative impact on business productivity. Even if there is an approval process for SaaS integrations, the constantly changing business application ecosystem requires continuous lifecycle management of third-party access.

Valence Threat Labs found that, on average, 51% of integrations are idle - unused by employees.

Read the case study

The Valence Platform provides a holistic view into SaaS-to-SaaS integrations and no/low-code workflows. The platform correlates information about the integration type (3rd party app/extension, API, OAuth), consenting user or admin consent, granted permissions, history of API calls, the vendor behind the integrations and more. This allows security teams to analyze the risk associated with every integration. The platform also enables automated workflows that can scale the collaboration with business users to collect the business context of integrations before vetting/revoking them.