Cloud security is no longer about only securing cloud infrastructure. With the rapid rise of SaaS applications and their evolution toward becoming one-stop-shop platforms, cloud security has entered a new phase where organizations need to better understand both their cloud infrastructure security posture and SaaS security posture. Whether simply adopting SaaS applications for productivity and collaboration or by moving all workloads to the cloud, organizations are increasingly adopting cloud services, in one form or another. SaaS Security, however, is complicated by the decentralized nature of SaaS management across multiple business units.
We’re now one step closer to closing the gap in this cloud security frontier by bridging cloud and SaaS security posture management through our collaboration with Orca Security. Together, Valence and Orca provide seamless security oversight for misconfigurations and vulnerability risks across cloud infrastructure and SaaS applications, reducing the risk of lateral attacks that can take place between SaaS and cloud environments.
In the past few years, many security teams increasingly focused on protecting production environments - primarily IaaS (AWS/Azure/GCP) and application security. Our increasing dependency on SaaS applications such as GitHub, Okta, Jira, Slack, and others, created a growing attack surface that could also affect the organization’s crown jewels and revenue generation. Attackers constantly search for the weakest link, probing across companies’ multifaceted attack surface. Often, SaaS application security posture is overlooked, creating entry points for attackers (through phishing, for example) or providing adversaries with lateral movement opportunities.
Let’s examine the Heroku and Travis-CI breach as an example of how a lateral move from a SaaS breach to the cloud can easily take place.
During this incident, the attackers gained access to Heroku and Travis-CI’s secrets, which included GitHub OAuth tokens that were granted to them, by customers, for legitimate purposes. The attackers then abused the tokens, gained unauthorized access to dozens of GitHub organizations, and downloaded data. This included GitHub’s own private npm repositories, which also led to the discovery and abuse of AWS API keys and access to AWS S3 storage.
Without the integration of the risk data and telemetry from an SSPM like Valence, and a CNAPP like Orca Security, these types of risks could continue to easily go unnoticed within many cloud-dependent organizations.
Bringing together the power of SSPM and CNAPP
Bringing together the power of SaaS security posture management (SSPM) and cloud native application protection platform (CNAPP) provides organizations with an unmatched visibility into their entire SaaS and IaaS risk footprint. By implementing our joint solution, you will:
- Gain visibility and context to identify misconfigurations, vulnerabilities, critical data leakage gaps, third-party integrations, and identity risks in both IaaS and SaaS environments.
- Explore toxic combinations of risks and attack vectors that leverage the interconnectivity between SaaS and IaaS identities and APIs to conduct lateral movement attacks between cloud environments.
- Protect Orca Security as a business critical SaaS application, ensuring Orca’s security posture is optimized to protect identities, integrations, and other valuable access into customer cloud environments.
Contact Us to learn more about how the Valence and Orca partnership can provide a holistic viewpoint into all of your cloud security.