The democratization of IT has empowered users to choose best-of-breed Software as a Service (SaaS) applications that can drive efficiency and support business agility. While beneficial for the business, today’s rapidly scaling SaaS adoption leaves security teams unable to oversee or govern the resulting sprawl. As the number of applications used by organizations rises, so does SaaS-to-SaaS interconnectivity and the number of third-party integrations, accelerated through the use of API tokens, OAuth third-party apps, SaaS marketplaces, and no-code/low-code automated workflows. These integrations significantly expand supply chain access, along with the corresponding risk and attack surface.
Security teams currently struggle to bridge the gap between alerts and breach mitigation, have limited visibility due to blind spots and lack of context, and focus only on monitoring human identities. That leaves the growing number of non-human identities used for programmatic access and automated processes exposed to supply chain attacks. In just the past few months, we’ve witnessed three extraordinary attacks leveraging this growing risk vector.