Valence Threat Research on Dark Reading

The SaaS-to-SaaS Supply Chain

An evolving network of SaaS-to-SaaS integrations that enable automated business workflows and data exchange

The Growth of the SaaS-to-SaaS Supply Chain is Driven By

Business Application Cloud Migration

Digital transformation empowers innovation and employees with a growing number of SaaS and self hosted business applications

Valence - business application mesh security - The challenge - Mesh example
SaaS to SaaS Supply chain security  | Valence security - The challenge - Mesh example

Expanding Network of Interconnectivity

Independently managed best-of-breed applications require integrations via SaaS marketplaces, third-party apps and APIs

Hyperautomation of Business Processes

Use of no/low code platforms like Zapier and Workato is on the rise, increasing productivity by automating workflows

Valence - business application mesh security - The challenge - Mesh example

Indiscriminate and Shadow Connectivity
With No Security Governance

SaaS to SaaS Supply chain security  | Valence security- Quote icon

“Gartner estimates that more than 70% of large commercial organizations have dozens of hyperautomation initiatives underway”

Gartner Top Strategic Technology Trends for 2021

SaaS to SaaS Supply chain security  | Valence security- Quote icon

“Business applications have hundreds and even thousands of third-party extensions and API integrations available”

The State of Product Integrations at the SaaS 1000

SaaS to SaaS Supply chain security  | Valence security- Quote icon

“97% of Google Workspace users have authorized at least one third-party app”

Netskope Cloud and Threat Report - July 2021

SaaS to SaaS Supply chain security  | Valence security
Creating a New Risk Surface
Malicious Third-Party Apps
Malicious Third-Party Apps

Consent phishing tricks users into granting access to malicious third-party applications

Secure SaaS to SaaS Supply chain  Today | Valence security
“OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks”
Hyperautomation Exposure
Hyperautomation Exposure

Low-code misconfiguration leads to publicly accessible sensitive data and PII

Secure SaaS to SaaS Supply chain  Today | Valence security
“38 Million Records Exposed from Microsoft Power Apps of Dozens of Organisations”
Supply Chain API Takeovers
Supply Chain API Takeovers

Stolen certificates allowed to connect to Mimecast customers Microsoft 365 tenants

Secure SaaS to SaaS Supply chain  Today | Valence security
“Mimecast Breach Linked To SolarWinds Hack, Allowed Cloud Services Access”

Assess Your SaaS to SaaS Supply Chain

What Risks Are Lurking in Your Shadow Third-party SaaS Integrations?
Free Assessment
Valence Threat Research on Dark Reading