Discover defenses against latest SaaS Security risks

Five Lessons Learned From the Okta Breach

While breaches remain a common occurrence, there's much to gain from studying them to avert future incidents. In this blog post, we delve deep into the most recent Okta Support Breach, extracting five crucial lessons from it.

Cloud Security - from IaaS to SaaS, from CNAPP to SSPM

As organizations increasingly migrate to the cloud, the rapid adoption of both SaaS and IaaS solutions has created new challenges. Valence's collaboration with Orca Security addresses these challenges head-on, creating a powerful solution that bridges the gap between cloud and SaaS security posture management.

Top Security Recommendations for SaaS Applications

SaaS-related breaches are real and increasing in frequency. Our latest blog dives into SaaS security recommendations to implement now, across 5 categories.

Validate Cyber Insurance’s Preferred Security Controls in Your Critical SaaS

The surge in cyber threats and the wealth of available data on cyber posture and incidents pose a unique challenge for the cyber insurance industry. As attacks continue to rise, insurers face the daunting task of assessing and helping their clients mitigate cyber risks efficiently. This blog dives into the role SaaS applications play in cybersecurity.

What Does Zero Trust Mean for SaaS Security?

You’ve heard a lot about Zero Trust, but did you know that most SaaS applications are well-aligned with Zero Trust Architecture? If you’re planning to start adopting Zero Trust in your organization, SaaS is an ideal place to start. This blog will help you with understand how to apply Zero Trust to SaaS, through the lens of CISA’s Zero Trust Maturity Model.

Racking up Convenience Debt with SaaS Integrations

SaaS applications and platforms give every user the ability to integrate new third-party vendors. The problem? Most business users don’t understand the level of access they are granting, or if the third-party can be trusted! This blog explores how security teams can get a handle on SaaS integrations.

SaaS Misconfiguration Misconceptions Debunked

We hear a lot about attackers exploiting vulnerabilities, but did you know that misconfigurations are just as common? In this blog, we delve into the realm of common misconfigurations and provide insights on how to proactively prevent them.

SaaS Identity and Employees: the Keys to Productivity and Breaches

‍There’s a lot of focus in cybersecurity on vulnerabilities, exploits, and assets. We focus on the data that was stolen, the device that was hacked, or the malware deployed. At the center of all these incidents, however, are identities. This blog delves into identity challenges that are related to the distributed nature of SaaS applications and platforms.

Salesforce Best Practices When Using Named Credentials

Learn SaaS security best practices for implementing named credentials in Salesforce.

External Data Sharing Is Out Of Control: But Does It Have to Be?

Secure data sharing has historically posed significant challenges for enterprises. This blog delves into the hurdles faced by organizations governing data including legacy methods of data sharing (email attachments, file transfer software and sync & share solutions) as well as modern, cloud-based SaaS methods.

Exploring the Microsoft Storm-0558 SaaS Breach

On June 16, 2023, a Microsoft 365 customer alerted Microsoft to some anomalous email activity they had detected. Microsoft began investigating and found that an external adversary had compromised the email of 24 other customers as well.

Valence Joins Microsoft for Startups Pegasus Program

Valence Security is thrilled to be part of the Microsoft for Startups Pegasus Program! A big thank you to Microsoft for consistently supporting the startup ecosystem with programs like these.

Detecting Risky Behavior with Microsoft and Valence

The Microsoft Azure AD team has been busy building identity protection features and making them available via the Microsoft Graph REST API. Valence has been collaborating with the Azure AD team – helping to bring new capabilities to detect Risky Users and Risky Service Principals into our SaaS security platform.

Valence Security ThreatLabs Alert: Salesforce Risk

Valence Security ThreatLabs Alert: Brian Krebs from Krebs on Security has recently posted that numerous organizations, including banks and healthcare providers, are leaking sensitive info from public Salesforce Community websites due to misconfiguration.

The Digital Office Moved to SaaS

The digital office has moved and it seems like we’re in a constant state of catching up. The modern organization’s files, schedules, communications, concerns, plans, and goals all live in SaaS applications today. It’s easier than ever to collaborate, but it’s also easier than ever for data to leak.

How Generative AI Benefits SaaS Security

The Valence AI Assistant can analyze SaaS security risks and help security teams quickly define a remediation plan.

3 out of 4 Employees Sidestep IT, Bring Their Own Tech

According to a Gartner® Press Release, “by 2027, 75% of employees will acquire, modify, or create technology outside IT's visibility, up from 41% in 2022.” Much of this trend is driven by the accelerated adoption of SaaS applications by business owners without the involvement of IT or cybersecurity teams, especially due to the rise of remote work following the COVID pandemic.

More SaaS Adoption → More SaaS Breaches

Despite the frequency of breaches, attackers are fairly predictable. They’re opportunists. They’ll go to where valuable data and useful identities live. Today, more than ever, that leads them to SaaS applications.‍ This blog discusses a number of ways SaaS breaches can occur.

Introducing the Valence 2023 State of SaaS Security Report

The 2023 Valence State of SaaS Security report compiles our perspective on SaaS security, the latest threats, data from dozens of real companies, and finally, our recommendations and predictions for this market.

CircleCI Says Hackers Stole Encryption Keys and Customers’ Secrets

CircleCI, a vendor specializing in CI/CD and DevOps tools, confirmed that some customer data was stolen in a data breach last month.

Using SSPM to Start Resolving SaaS Security Issues

SaaS security risks go beyond administrative configurations which current SSPMs focus on.

Cloudflare Hacked Following Okta Compromise

Discover how the Cloudflare breach, stemming from the Okta compromise, underscores the critical need for holistic risk management in SaaS applications.

Offboarding: Don't Forget Third-party Non-human Identities

Offboarding of non-human users must become a top priority for CISOs.

Empowering SaaS Incident Response with Valence and Microsoft Sentinel

As businesses increasingly rely on SaaS applications, their distributed ownership and intricate configurations expose them to the risk of misconfigurations and breaches. The integration between Valence and Microsoft Sentinel allows security teams to respond to SaaS threats with unprecedented speed and accuracy, deliver critical data and context and enrich existing incident response workflows.

Why Your SaaS Security Strategy Needs Automated Remediation

our security team is operating with a dangerous blind spot. Your SaaS environment is likely the most vulnerable aspect of your security posture...

Taming the Wild West of SaaS Data Sharing

Explore the hidden security challenges of data sharing in commonly used SaaS applications and learn how to protect your organization's SaaS data from unchecked cyber risks.

The Rising Threat of Consent Phishing: How OAuth Abuse Bypasses MFA

A sophisticated attack vector known as “consent phishing” has emerged as a significant SaaS security threat.

Taming the Beast: The 5 Essential Pillars of SaaS Security

Generative AI represents just one element of the broader SaaS revolution transforming enterprise IT. Most organizations are becoming SaaS-first enterprises, permanently displacing centralized IT architectures. This decentralized environment creates significant challenges for security teams striving to maintain cyber resilience.

Shining a Light on Shadow IT—Announcing Valence's SaaS Discovery Capabilities

Discover Valence's SaaS discovery capabilities, offering unmatched visibility into shadow IT and shadow AI risks for stronger SaaS security and governance.

SaaS Security and IaaS Security—Why You Need Both

This article looks at common and unique risks to securing cloud-stored data, both at the cloud infrastructure (IaaS) and SaaS levels, and argues inn favor of the importance of strong security for both.

SaaS OAuth Attack Leads to Widespread Browser Extension Breach

A recent large-scale attack campaign targeting Google Chrome extensions, affecting up to 2.6 million users, underscores the urgent need for businesses to prioritize SaaS security, monitor OAuth tokens, and evaluate third-party integration risks.

How to Choose the Best SaaS Security Platform

Selecting the right SaaS security platform is critical for safeguarding modern organizations against evolving threats in cloud-based environments. This guide explores key considerations and features to help you make an informed decision.

The Challenge of Distributed SaaS Management—Balancing Productivity and Security

Distributed SaaS management empowers business units with the tools they need to innovate and thrive—but it also creates critical security blind spots. This blog explores how organizations can balance the benefits of decentralization with effective SaaS security strategies.

SaaS Security Best Practices and Strategies for 2025

In 2025, securing SaaS applications will require sophisticated strategies and technologies to reduce evolving risks. This article explores key strategies, best practices, and tools for securing SaaS applications, with a focus on SaaS data security, SaaS-to-SaaS integrations, and common SaaS security challenges.

Key Risks of Software as a Service and How to Manage Them

The rapid adoption of SaaS introduces unique security risks that can threaten sensitive data, compliance efforts, and operational continuity. Understanding these risks and implementing strategies to address them is vital for securing SaaS environments effectively.

Strengthening SaaS Applications with Secure Non-Human Identity Management

As SaaS applications grow more complex, so does the network of SaaS-to-SaaS integrations and the non-human identities (NHIs)—such as service accounts, API keys, and OAuth tokens—that power them. Learn about NHI risks and security best practices.

Elevating SaaS Security Posture Management: Key Strategies

While SaaS applications have become essential to modern business operations, they also introduce unique security challenges. To address these issues, SaaS Security Posture Management (SSPM) has emerged as a critical solution.

2024 SaaS Security Breaches: Lessons Learned

As 2024 draws to a close, it's evident that the SaaS landscape has become both a cornerstone of business productivity and a growing target for sophisticated cyberattacks.

Strengthening Cloud Security from SaaS to Infrastructure: Valence Joins WIN—Wiz Integration Network

In today’s expanding cloud ecosystem, comprehensive protection demands securing not only infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) environments but also the critical layer of software-as-a-service (SaaS) applications. Read about the Valence Wiz integration.

SSPM and DSPM Better Together—Enriching SaaS Security Risk Management with Cyera’s Data Security Platform Classification and Contextualization

Read about Valence's new integration with Cyera, a leader in Data Security Posture Management (DSPM). Combining Valence’s SSPM capabilities with Cyera’s insights around sensitive data, improving SaaS risk management.

Escape the SaaS House of Horrors

It’s the height of spooky season, and there’s no better time to talk about the spine-chilling risks lurking in your SaaS environment. But don’t worry—you don’t have to let these spooky threats turn your business into a haunted house.

Mitigating GenAI Risks in SaaS Applications

Artificial Intelligence (AI) tools like DeepSeek have revolutionized the business landscape, offering unprecedented automation, efficiency, and innovation. Read about the security risks that come with GenAI use, and how to address them.

Lifecycle Management in SaaS Security: Navigating the Challenges and Risks

Discover SaaS security best practices and lifecycle management strategies to protect your organization from security risks and challenges.

Why Application-Specific Passwords are a Security Risk in Google Workspace

The digital world is constantly changing, and with it, the methods used to secure sensitive information. Decisions made years ago continue to shape today’s landscape. The inception of Gmail by Google marked a pivotal moment in history, setting the foundation for the Google Account as we know it today. Unfortunately, the platform’s early choices still cast a shadow on today’s security posture for everyone who uses it.

Strengthening Your Third Party SaaS Risk Management with Valence and OneTrust

In today's interconnected world, SaaS applications play a critical role in facilitating business operations, enhancing collaboration, and connecting the global workforce. However, along with their myriad benefits come complexities, particularly in terms of security and risk management.

Understanding the Shared Responsibility Model in SaaS

The recent attacks targeting data in customers of Snowflake, a SaaS application focused on data storage, serve as a critical reminder of the importance of understanding the Shared Responsibility Model...

The Danger of Sharing Files with “Anyone with the Link”: Examining a Risky Google Drive Misconfiguration

Often when it comes to security, a significant risk results from an action that is so easy that we tend to overlook the risk itself. Sharing a file using the “anyone with the link” option is the equivalent of leaving a treasure chest unlocked...

2024 State of SaaS Security Report Shows A Gap Between Security Team Confidence And Complexity of SaaS Risks

The report explores key challenges, potential risks, and best practices to navigate the modern SaaS security landscape.

Discover How to Secure Your Business-Critical SaaS at RSA 2024

Let's connect at RSA. Whether you choose to meet our CEO 1:1 or attend one of our parties, we would love to meet you.

The Latest Microsoft Midnight Blizzard Breach is a Wakeup Call for SaaS Security

Explore Microsoft's recent revelation on the Midnight Blizzard cyber attack, uncovering nation-state tactics, SaaS misconfigurations, and crucial lessons for enhancing your organization's cybersecurity.

Combine CrowdStrike Falcon with Valence Security SSPM to Combat Endpoint-to-SaaS Threats

Valence is excited to partner with CrowdStrike, to empower security teams to protect their growing endpoint-to-SaaS risk surface. The integration correlates SaaS security risk signals with CrowdStike’s endpoint security signals to improve overall security posture, threat detection, and incident response processes.

Valence Security Is a Proud Participant in the Microsoft Security Copilot Partner Private Preview

Valence Security today announced its participation in the Microsoft Security Copilot Partner Private Preview. Valence Security was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft.

Gartner Emerging Tech Impact Radar Reports

Valence Security mentioned as a SaaS Security Posture Management (SSPM) vendor in Gartner’s latest Emerging Tech Impact Radar: Cloud Native and Security reports.

Valence 2023 RSA Conference Survival Guide

The RSA Conference is one of the largest and oldest cybersecurity conferences and its easy to get disoriented. Valence provides its 2023 RSA Conference Survival Guide to help you get the most of this awesome event.

IBM Cost of a Data Breach Report Confirms the Need to Immediately Remediate Supply Chain Risks

Recently, supply chain attacks leveraging the interconnectivity of SaaS applications have become increasingly lucrative for cyber criminals. As the 2022 IBM Cost of a Data Breach report points out, one in five data breaches this year was caused by a supply chain compromise.

Valence Integrates With Azure AD to Reduce SaaS Supply Chain Risks By Enforcing Zero Trust Principles

Valence Security has integrated with Azure Active Directory to give customers increased visibility and control over their SaaS supply chain risks.

The Mailchimp Breach Is Just The Latest Supply Chain Attack

MailChimp, a leading email marketing firm, recently discovered that hackers had gained access to internal customer support and account management tools, which could be used to launch phishing attacks to steal customer data.

CircleCI, LastPass, Okta, and Slack: Cyberattackers Pivot to Target Core Enterprise Tool

Dark Reading contributing writer Robert Lemos discusses how threat actors are increasingly focusing on exploiting core enterprise services.

GitHub and Their Customers are the Latest Victims of Supply Chain Attacks

GitHub announces it had discovered that attackers had stolen OAuth user tokens issued to third-party vendors that were used to download private data repositories from dozens of GitHub customers.

Valence Security Completes SOC 2 Type II Certification

We at Valence Security are extremely pleased to announce that we have successfully completed System and Organization Controls (SOC) 2 Type II certification for our first-of-its-kind platform for securing the SaaS mesh.

Democratizing SaaS Security Remediation

Democratizing SaaS security remediation workflows is increasingly necessary for modern business needs, and security teams must find ways to adapt - not obstruct - such progress.

Valence Security is an Innovation Sandbox Finalist

Valence will present its SaaS security solution, which unlocks employee productivity and accelerates safe SaaS adoption, on the first day of this year’s RSA Conference in the annual Innovation Sandbox competition

GitHub Accounts Breached…Again

Over the holiday weekend, the popular messaging app vendor Slack was notified of a breach of their GitHub account.

The Most Overlooked Element in Most Organizations' Cybersecurity Strategy

Securing the adoption and use of non-human identities is probably the most overlooked element in most organizations' cybersecurity strategy today.

2023 SaaS Management Index Report

In the 2023 Zylo SaaS Management Index Report, researchers provide data, trends and actionable insights from their database of SaaS spend, license and usage data. The most notable of these findings–a staggering 69% of SaaS spend and 82% of SaaS apps by number are adopted and managed by individuals or business units, not IT.

Infographic: Major SaaS Security Breaches 2021-2022

Over the past two years, SaaS adoption has exploded, which has led to an increased frequency and magnitude of SaaS breaches and SaaS supply chain attacks. This infographic shows some of the most destructive recent exploits.

Verizon 2022 DBIR Report: Supply Chain Attacks at Record High

The Verizon 2022 Data Breach Investigation Report (DBIR) noted explosive growth in incidents related to partners and the supply chain.

Three Security Take-aways From The LAPSUS$ Breach of Okta

Okta has denied that the hacker group LAPSUS$ breached their service and performed malicious exploits, while LAPSUS$ claims it has gathered significant Okta customer data over the past several months—enough for additional exploits.

Mitigating Risk to Your SaaS Environment: Best Practices and Key Considerations

While rapid adoption of SaaS applications can accelerate business agility, they also introduce a new layer of complexity to data security. Managing SaaS security configurations and sensitive data stored within them is a growing challenge for CISOs.

Secure SaaS to SaaS Supply chain Today | Valence security

How Can I Best Proactively Secure My SaaS?

In this episode, Ron Eddings will explore the massive adaptation of SaaS applications and ways to tame the beast. Our guest Yoni Shohet, Co-Founder & CEO at Valence Security, will help provide insight into the capabilities of a SaaS Security Posture Management (SSPM) platform and best practices for implementing a SaaS security solution.

Securing Your SaaS and Cyber Influencer Networking

Ron Eddings sits down with Bob Horn, Chief Revenue Officer at Valence Security. Their conversation centers around the world of SaaS security, examining the current landscape and challenges in managing SaaS risks. Bob also shares...

Building Fast and Not Breaking Things

In this episode, Ron Eddings and guest Shlomi Matachin, Co-Founder & CTO at Valence Security, discuss how the hurdles and triumphs in the journey of establishing Valence Security resulted in a reduction in SaaS misconfigurations and vulnerabilities

Navigating the Security Maze of Distributed SaaS Applications and Devices

Listen to a panel discussion featuring cybersecurity experts from Valence, CrowdStrike, and Corelight, as they explore the latest security threats in a distributed SaaS and device landscape.

SaaS Security in the Golden Age of SaaS

Security Weekly interviews Yoni Shohet, co-founder and CEO of Valence Security, to understand why it has taken so long for SaaS Security products to come to market, what that market currently looks like, and what a SaaS Security product actually does.

Two Steps Forward for SaaS Adoption, One Step Back for SaaS Security

Watch Anna Sarnek's GoSec23 session, Two Steps Forward for SaaS Adoption, One Step Back for SaaS Security, on-demand. The presentation covers the complexity of today's SaaS Security landscape and the crucial steps you need to implement to reduce your cyber risk.

Creating a New Category in Security

How did Valence Security get started? Watch the Hub-scale podcast interview with Valence Security founder Yoni Shohet as they discuss how to carve out a new cybersecurity category, why SaaS security is important for customers, and more.

SaaS to SaaS Mesh, Shadow Integrations and Generative AI

Does your SaaS supply chain security awareness include shadow integrations? Learn about the SaaS-to-SaaS mesh and SaaS security posture management.

SaaS Security Challenges

Evgeniy Kharam, host of the Cyber Inspiration podcast, interviews Valence Security CEO and Co-founder Yoni Shohet on Valence and the challenges of SaaS security.

Leveraging Big Data to Measure Cyber Risk

5 cybersecurity professionals discuss how to apply big data solutions to help companies understand their risk, procure the right cyber insurance and minimize financial risk.

Remediate 3rd Party SaaS Risks

In this latest episode of Sales Bluebird, Yoni Shohet, our co-founder and CEO he goes into SaaS security concerns for organizations and sales challenges faced by salespeople

On-Demand Webcast: Collaborative SaaS Security Remediation

Yoni Shohet, CEO of Valence Security and Doug Graham, Chief Trust Officer of Lionbridge discuss the launch of the expanded Valence Collaborative SaaS Security Remediation Platform.

On-Demand Webcast – SaaS Security Insights for CISOs

In this 40 minute on-demand webcast, Ryan Gurney (YL Ventures), Demi Ben-Ari (Panorays), Sounil Yu (JupiterOne) and Yoni Shohet (Valence Security) discuss Valence's latest Shadow SaaS-to-SaaS Integration Report and its repercussions for CISOs' SaaS security strategies.

Valence Security in 3-Minutes: RSAC 2023 Innovation Sandbox Pitch

At the RSA Conference 2023 Innovation Sandbox competition, Valence Security CEO and CO-Founder Yoni Shohet presented a 3-minute overview of Valence Security entitled: "Removing the Mess From Your SaaS Mesh"

Remediating the Risks That Enable SaaS Supply Chain Attacks

Ron Gerber, CEO of Angelbeat, Interviews Yoni Shohet, CEO and Co-founder of Valence Security on the need to mitigate the risks that enable SaaS supply chain attacks during this 17 minute fireside chat.

TechStrongTV: API Integration Security

Yoni Shohet, Valence Security CEO and co-founder, discusses the results of their recent survey of CISOs on the state of SaaS-to-SaaS third-party integrations and current security best practices and the resulting 2022 Shadow SaaS-to-SaaS Integration Report.

Securing the Modern Mesh of Third-Party API Integrations

Our CEO, Yoni Shohet, gave a virtual presentation on ‘Securing the Modern Mesh of Third-Party API Integrations’ at the SANS Institute CloudSecNext Summit 2022!

Supply Chain API Attacks and the Origins of Valence Security

Yoni Shohet, CEO and Co-founder of Valence Security speaks with Andy Ellis, a highly respected security professional and currently Operating Partner at YL Ventures, on the main stage at the Cybertech 2022 event in Tel Aviv

Redefining Cybersecurity - Cybertech 2022 Panel

Yoni Shohet, CEO of Valence, participated in a panel discussion with two fellow Israeli cybersecurity entrepreneurs, Lior Yaari - CEO and Co-founder of Grip Security, and Liat Hayun - CEO and Co-founder of Eureka Security, where they each discussed our unique approaches to addressing urgent security challenges arising from the decentralization of the workplace.

On-Demand Webcast–Mitigating Third-party Integration Risks

Yoni Shohet, CEO of Valence, co-hosted a fascinating online discussion entitled, Managing SaaS-to-SaaS: How CISOs Can Mitigate Third-party Integration Risks, with two close colleagues and highly experienced CISOs

Interview With Sounil Yu, CISO & Head of Research at JupiterOne

At Cybertech Tel Aviv 2022 I chatted with Sounil Yu, CISO and Head of Research at JupiterOne, and author of the recently published “Cyber Defense Matrix: The Essential Guide to Navigating the Cybersecurity Landscape.”

GigaOm Radar Report for SaaS Security Posture Management (SSPM)

GigaOm recently recognized Valence Security as a Leader and Fast Mover in SaaS Security Posture Management (SSPM) for our ability to effectively manage SaaS configurations, security policies, and automated remediation.

GigaOm Radar Report for SaaS Security Posture Management (SSPM)

2024 State of SaaS Security Report

Read about significant SaaS breaches, and gain important insights into the prevalent SaaS risks surrounding distributed SaaS management, configuration complexity, sensitive data access and sharing, non-human identities and SaaS-to-SaaS integrations, emerging GenAI threats, and more

2024 State of SaaS Security Report

SaaS Security & Posture Management A Buyer's Guide

If you’re looking to invest in Saas Security, here’s the 2024 Buyer’s Guide that covers everything you need to know when buying an SSPM, including a checklist of critical features and capabilities.

SaaS Security & Posture Management A Buyer's Guide

Whitepaper: Contextualizing Supply Chain Risks in a SaaS Environment

This whitepaper provides insights into how security teams can contextualize SaaS supply chain risks.

Whitepaper: Contextualizing Supply Chain Risks in a SaaS Environment

This whitepaper provides insights into how security teams can contextualize SaaS supply chain risks.

2023 SaaS Security Trends & Insights

The 2023 SaaS Security Trends & Insights infographic details some of the more notable trends and challenges related to third-party SaaS applications, OAuth integrations, external data sharing and unmanaged identities.

2023 SaaS Security Trends & Insights

The 2023 Valence State of SaaS Security Report

The 2023 State of SaaS Security Report takes us through the rise of SaaS, to SaaS-based attacks, our own insights from our customers, and finally to our recommendations and predictions about where SaaS security is going.

The 2023 Valence State of SaaS Security Report

2022 Shadow SaaS-to-SaaS Integration Report

This 2022 SaaS security rreport covers key trends and challenges organizations face when trying to gain visibility and control over the growing and fast-changing world of SaaS-to-SaaS third-party integrations – known as the SaaS mesh.

2022 Shadow SaaS-to-SaaS Integration Report

The SaaS-to-SaaS Supply Chain Threat Landscape

Digital transformation and the democratization of IT has resulted in the rapid proliferation of unsanctioned integrations that place business critical SaaS apps at risk. This paper provides insights into what security teams should know about this challenge.

The SaaS-to-SaaS Supply Chain Threat Landscape

Valence Selected as 2023 SC Awards Finalists

SC Media announces that Valence Security is one of the 5 2023 SC Award Finalists for Most Promising Early-Stage Start Up.

Valence Announces MISA Membership

Valence Security is now a member of the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors and managed security service providers that have integrated their solutions with Microsoft's security technology to better defend against a world of increasing threats.

VentureBeat–With threats like Lapsus, security playbooks ‘go out the window’

VentureBeat Article: Lapsus$ has been responsible for a string of confirmed breaches over the past month, including against Nvidia, Samsung, Microsoft and a third-party Okta support provider.

Quantifying the SaaS Supply Chain and Its Risks

Organizations do not have good visibility into all the software-as-a-service applications that connect to and access data stored in core business.

The SaaS-to-SaaS supply chain is a wild, wild mess

Security teams cannot continue to ignore the pitfalls and challenges of this wild, wild mess of SaaS-to-SaaS supply chains

Latest Research!

2025 State of SaaS Security ReportUnderstanding SaaS Risks

Valence Threat Labs discovers, analyzes, and designs defenses against the latest SaaS security risks from misconfigurations, data sharing, identities and integrations.

Five Lessons Learned From the Okta Breach

Cloud Security - from IaaS to SaaS, from CNAPP to SSPM

Top Security Recommendations for SaaS Applications

Validate Cyber Insurance’s Preferred Security Controls in Your Critical SaaS

What Does Zero Trust Mean for SaaS Security?

Racking up Convenience Debt with SaaS Integrations

SaaS Misconfiguration Misconceptions Debunked

SaaS Identity and Employees: the Keys to Productivity and Breaches

Salesforce Best Practices When Using Named Credentials

External Data Sharing Is Out Of Control: But Does It Have to Be?

Exploring the Microsoft Storm-0558 SaaS Breach

Valence Joins Microsoft for Startups Pegasus Program

Detecting Risky Behavior with Microsoft and Valence

Valence Security ThreatLabs Alert: Salesforce Risk

The Digital Office Moved to SaaS

How Generative AI Benefits SaaS Security

3 out of 4 Employees Sidestep IT, Bring Their Own Tech

More SaaS Adoption → More SaaS Breaches

Introducing the Valence 2023 State of SaaS Security Report

CircleCI Says Hackers Stole Encryption Keys and Customers’ Secrets

Using SSPM to Start Resolving SaaS Security Issues

Cloudflare Hacked Following Okta Compromise

Offboarding: Don't Forget Third-party Non-human Identities

Empowering SaaS Incident Response with Valence and Microsoft Sentinel

Why Your SaaS Security Strategy Needs Automated Remediation

Taming the Wild West of SaaS Data Sharing

The Rising Threat of Consent Phishing: How OAuth Abuse Bypasses MFA

Taming the Beast: The 5 Essential Pillars of SaaS Security

Shining a Light on Shadow IT—Announcing Valence's SaaS Discovery Capabilities

SaaS Security and IaaS Security—Why You Need Both

SaaS OAuth Attack Leads to Widespread Browser Extension Breach

How to Choose the Best SaaS Security Platform

The Challenge of Distributed SaaS Management—Balancing Productivity and Security

SaaS Security Best Practices and Strategies for 2025

Key Risks of Software as a Service and How to Manage Them

Strengthening SaaS Applications with Secure Non-Human Identity Management

Elevating SaaS Security Posture Management: Key Strategies

2024 SaaS Security Breaches: Lessons Learned

Strengthening Cloud Security from SaaS to Infrastructure: Valence Joins WIN—Wiz Integration Network

SSPM and DSPM Better Together—Enriching SaaS Security Risk Management with Cyera’s Data Security Platform Classification and Contextualization

Escape the SaaS House of Horrors

Mitigating GenAI Risks in SaaS Applications

Lifecycle Management in SaaS Security: Navigating the Challenges and Risks

Why Application-Specific Passwords are a Security Risk in Google Workspace

Strengthening Your Third Party SaaS Risk Management with Valence and OneTrust

Understanding the Shared Responsibility Model in SaaS

The Danger of Sharing Files with “Anyone with the Link”: Examining a Risky Google Drive Misconfiguration

2024 State of SaaS Security Report Shows A Gap Between Security Team Confidence And Complexity of SaaS Risks

Discover How to Secure Your Business-Critical SaaS at RSA 2024

The Latest Microsoft Midnight Blizzard Breach is a Wakeup Call for SaaS Security

Combine CrowdStrike Falcon with Valence Security SSPM to Combat Endpoint-to-SaaS Threats

Valence Security Is a Proud Participant in the Microsoft Security Copilot Partner Private Preview

Gartner Emerging Tech Impact Radar Reports

Valence 2023 RSA Conference Survival Guide

IBM Cost of a Data Breach Report Confirms the Need to Immediately Remediate Supply Chain Risks

Valence Integrates With Azure AD to Reduce SaaS Supply Chain Risks By Enforcing Zero Trust Principles

The Mailchimp Breach Is Just The Latest Supply Chain Attack

CircleCI, LastPass, Okta, and Slack: Cyberattackers Pivot to Target Core Enterprise Tool

GitHub and Their Customers are the Latest Victims of Supply Chain Attacks

Valence Security Completes SOC 2 Type II Certification

Democratizing SaaS Security Remediation

Valence Security is an Innovation Sandbox Finalist

GitHub Accounts Breached…Again

The Most Overlooked Element in Most Organizations' Cybersecurity Strategy

2023 SaaS Management Index Report

Infographic: Major SaaS Security Breaches 2021-2022

Verizon 2022 DBIR Report: Supply Chain Attacks at Record High

Three Security Take-aways From The LAPSUS$ Breach of Okta

Mitigating Risk to Your SaaS Environment: Best Practices and Key Considerations

How Can I Best Proactively Secure My SaaS?

Securing Your SaaS and Cyber Influencer Networking

Building Fast and Not Breaking Things

Navigating the Security Maze of Distributed SaaS Applications and Devices

SaaS Security in the Golden Age of SaaS

Two Steps Forward for SaaS Adoption, One Step Back for SaaS Security

Creating a New Category in Security

SaaS to SaaS Mesh, Shadow Integrations and Generative AI

2025 State of SaaS Security Report
Understanding SaaS Risks