YL Ventures and Valence Security on Wednesday reported that the average organization has 917 SaaS-to-SaaS third-party integrations — and some 48%, nearly half — sit unused, primarily because they are not properly offboarded after a failed proof-of-concept exercise.
The researchers explained that SaaS-to-SaaS third-party integrations leave core business applications like Microsoft 365, Google Workspace and Salesforce and the business-critical data in them open to supply chain attacks.
Yoni Shohet, co-founder and CEO of Valence Security, said both security practitioners and software-as-a-service (SaaS) security vendors have lagged in their past efforts to address this threat vector.
