Tag: saas

WatchGuard Strengthens Cloud Detection With Perimeters Buy

May 8, 2026 12:48 AM

Tags: attack, cloud, detection, identity, saas, startup, threat

WatchGuard Aims to Reduce Alert Fatigue Through Telemetry Correlation. WatchGuard acquired SaaS security startup Perimeters to strengthen cloud detection and response capabilities spanning identity threat detection, cloud posture management and shadow IT discovery as enterprises face escalating attacks targeting cloud applications and distributed environments. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/watchguard-strengthens-cloud-detection-perimeters-buy-a-31630
Omada Identity stellt mit <> eigene Private-Cloud vor

May 7, 2026 5:48 PM

Tags: cloud, identity, microsoft, risk, saas

Omada Identity stellt ‘Omada Identity Cloud Private” für regulierte Unternehmen und Behörden vor. Die neue Bereitstellungsoption bietet regulierten Unternehmen und Regierungsorganisationen die gesamte Omada-Identity-Cloud-Plattform innerhalb ihres eigenen Microsoft-Azure-Tenants. Sie beseitigt damit den Kompromiss zwischen Cloud-nativer IGA und der Tenant-Eigentümerschaft, die ihre Prüfer, Aufsichtsbehörden und Risiko-Analysten erwarten. Kunden haben nun drei Möglichkeiten, Omada-Identity-Cloud zu nutzen: Multi-Tenant-SaaS,…
ESecurity-Spezialist Seppmail beruft neuen CEO und stärkt Fokus auf ESecurity und Data-Sovereignty

May 6, 2026 4:48 PM

Tags: ceo, data, mail, saas

Seppmail, ein führender Anbieter von Lösungen für sichere E-Mail-Kommunikation, startet mit einem neuen CEO in die nächste Wachstumsphase. Zum 15. April 2026 hat Marcus Zeidler die Position des Chief Executive Officer übernommen und tritt damit die Nachfolge von Gründer Stefan Klein an. Gemeinsam mit LEA Partners, einem führenden Partner für B2B-SaaS-Unternehmen, wird Seppmail den eingeschlagenen…
BlueVoyant Prepares SaaS Push Under New CEO John Hernandez

May 6, 2026 12:44 AM

Tags: ai, business, ceo, detection, microsoft, risk, saas, service, supply-chain

BlueVoyant Seeks to Expand Beyond MDR Clients Into Firms With Mature In-House SOCs. BlueVoyant named John Hernandez – the former leader of Quest’s Microsoft security business – as its next CEO to drive an agentic AI SaaS platform that expands the vendor beyond managed services and helps customers accelerate detection, response and supply-chain risk management.…
SaaS Identity Is the New Security Perimeter

May 4, 2026 8:49 PM

Tags: ai, identity, network, saas

Learn why SaaS identity, not the network, is now the true security perimeter in AI-driven environments. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/05/saas-identity-is-the-new-security-perimeter/
AI Security vs AI Governance Explained

May 4, 2026 8:49 PM

Tags: ai, governance, identity, saas

Understand the difference between AI security and AI governance and why both fail without identity and SaaS control. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/05/ai-security-vs-ai-governance-explained/
âš¡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

May 4, 2026 6:48 PM

Tags: ai, android, breach, control, exploit, github, linux, open-source, phishing, rce, remote-code-execution, saas, tool

This week, the shadows moved faster than the patches.While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems.The game has shifted from breach to occupation. They’re living inside SaaS sessions, pushing code with trusted commits, and…
Security for AI: A strategic framework for closing the AI exposure gap

May 4, 2026 5:48 PM

Tags: access, ai, api, attack, breach, business, ciso, cloud, compliance, control, data, data-breach, detection, endpoint, exploit, flaw, framework, governance, identity, infrastructure, injection, jobs, least-privilege, LLM, malicious, microsoft, risk, risk-analysis, saas, service, software, threat, tool, unauthorized, vulnerability

As AI adoption accelerates, CISOs face a dual challenge: fueling innovation while mitigating the risks of a rapidly expanding attack surface. Tenable’s five-step framework for securing AI offers a systematic approach to reducing AI security risks as your organization races to achieve the productivity benefits of AI. Key takeaways Get a five-step framework to help…
Security for AI: A strategic framework for closing the AI exposure gap

May 4, 2026 5:48 PM

Tags: access, ai, api, attack, breach, business, ciso, cloud, compliance, control, data, data-breach, detection, endpoint, exploit, flaw, framework, governance, identity, infrastructure, injection, jobs, least-privilege, LLM, malicious, microsoft, risk, risk-analysis, saas, service, software, threat, tool, unauthorized, vulnerability

As AI adoption accelerates, CISOs face a dual challenge: fueling innovation while mitigating the risks of a rapidly expanding attack surface. Tenable’s five-step framework for securing AI offers a systematic approach to reducing AI security risks as your organization races to achieve the productivity benefits of AI. Key takeaways Get a five-step framework to help…
Webinar: Why MSPs must rethink security and backup strategies

May 4, 2026 2:49 PM

Tags: backup, breach, msp, resilience, saas, strategy

Security breaches don’t just test your defenses”, they test your recovery. Join Kaseya in our upcoming webinar to learn how MSPs strengthen resilience with SaaS backups and BCDR to stay operational after attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/webinar-why-msps-must-rethink-security-and-backup-strategies/
Ultimate Guide to PCI Compliance for SaaS Companies

May 3, 2026 12:48 PM

Tags: compliance, cybersecurity, fedramp, framework, guide, PCI, saas

While we talk a lot about governmental cybersecurity here on the Ignyte blog, programs like FedRAMP and CMMC are not the most common kind of security you’re likely to encounter. That honor goes to PCI DSS. PCI DSS is a security framework we all engage with on a near-daily basis. It’s the security framework used……
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks

May 1, 2026 5:39 PM

Tags: attack, cybercrime, cybersecurity, data, extortion, group, saas, theft

Cybersecurity researchers are warning of two cybercrime groups that are carrying out “rapid, high-impact attacks” operating almost within the confines of SaaS environments, while leaving minimal traces of their actions.The clusters, Cordial Spider (aka BlackFile, CL-CRI-1116, O-UNC-045, and UNC6671) and Snarky Spider (aka O-UNC-025 and UNC6661), have been attributed to high-speed data theft and First…
Networks of Browser Extensions Are Spyware in Disguise

May 1, 2026 9:39 AM

Tags: ai, attack, corporate, data, governance, intelligence, leak, network, privacy, saas, spyware

Modern browser extensions and ad blockers are legally collecting and reselling user data, including streaming habits and B2B sales intelligence, under the guise of “analytics.” This unregulated “legal spyware” creates massive security gaps as employees unwittingly leak corporate URLs, SaaS dashboards, and research activity to third-party databases. With the rise of AI-native browsers and personal…
‘Trivial’ exploit can give attackers root access to Linux kernel

May 1, 2026 5:39 AM

Tags: access, ai, attack, business, cloud, container, cve, data, exploit, flaw, github, gitlab, Hardware, incident response, iot, korea, kubernetes, linux, malware, monitoring, remote-code-execution, risk, risk-assessment, saas, sans, software, supply-chain, theft, threat, unauthorized, update, vulnerability

), which lets users easily obtain root access, there isn’t much CSOs can do, says Johannes Ullrich, dean of research at the SANS Institute, as long as they have monitoring for privilege escalation already in place.With root access, a threat actor can do anything to a system, from data theft to data erasure.”The CopyFail vulnerability…
The Top 3 Ways Criminals Use AI in Cyber Attacks

Apr 30, 2026 5:39 PM

Tags: ai, attack, cyber, risk, saas

AI-driven SaaS security risks grow fast. Here’s what to watch out for and how to prevent breaches. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/the-top-3-ways-criminals-use-ai-in-cyber-attacks/
Two new extortion crews are speedrunning the Scattered Spider playbook

Apr 30, 2026 5:39 PM

Tags: crowdstrike, data, extortion, group, phishing, saas, threat

CrowdStrike says The Com-affiliated threat groups are using voice phishing and fake SSO pages to break into SaaS environments and steal data fast for extortion. First seen on cyberscoop.com Jump to article: cyberscoop.com/crowdstrike-cordial-spider-snarky-spider-extortion-attacks/
Adaptive Security Leadership in an Expanding Threat Surface

Apr 30, 2026 5:39 AM

Tags: access, attack, automation, control, cyber, data, identity, least-privilege, resilience, risk, saas, service, technology, threat, zero-trust

Last week I joined fellow security leaders at CISO Inspire Summit North for a panel discussion on The Expanding Threat Surface: Adaptive Security Leadership for 2026 and Beyond. It was a timely discussion, because the challenge facing security leaders today is not simply more threats. It is more connections, more dependencies, and more complexity. Suppliers, SaaS, identities, automation…
Deploying SafePaaS for Oracle ERP Cloud: A 90″‘Day Blueprint to Strengthen Risk Management

Apr 29, 2026 4:39 PM

Tags: cloud, control, oracle, risk, risk-management, saas

This blueprint shows how an Oracle ERP Cloud customer deploys SafePaaS as an independent control layer and how it operates day to day once live. It is designed for complex, audit”‘intensive Oracle Cloud environments with multi”‘entity footprints, connected SaaS applications, recurring external audits, and growing pressure to prove that Oracle”‘generated evidence is complete, accurate, and……
Top AI-Powered Vendor Risk Management Platforms for SaaS Companies in 2026

Apr 29, 2026 11:38 AM

Tags: ai, risk, risk-management, saas, tool

Top AI-powered vendor risk platforms for SaaS companies in 2026, compare tools, features, and how to choose the… First seen on hackread.com Jump to article: hackread.com/ai-powered-vendor-risk-management-platforms-saas-companies-2026/
How a Long-Lived API Credential Let an AI Agent Delete Production Data

Apr 29, 2026 5:39 AM

Tags: ai, api, credentials, data, saas, software, startup, threat

4 min readWhat began as a routine staging task for a SaaS startup ended in a disaster that would have been unthinkable just months ago: an AI agent operating as a super insider threat and triggering a worst-case production failure. In a detailed X post, Jer Crane, founder of PocketOS, a software platform for the…
How a Long-Lived API Credential Let an AI Agent Delete Production Data

Apr 29, 2026 5:39 AM

Tags: ai, api, credentials, data, saas, software, startup, threat

4 min readWhat began as a routine staging task for a SaaS startup ended in a disaster that would have been unthinkable just months ago: an AI agent operating as a super insider threat and triggering a worst-case production failure. In a detailed X post, Jer Crane, founder of PocketOS, a software platform for the…
How a Long-Lived API Credential Let an AI Agent Delete Production Data

Apr 29, 2026 5:39 AM

Tags: ai, api, credentials, data, saas, software, startup, threat

4 min readWhat began as a routine staging task for a SaaS startup ended in a disaster that would have been unthinkable just months ago: an AI agent operating as a super insider threat and triggering a worst-case production failure. In a detailed X post, Jer Crane, founder of PocketOS, a software platform for the…
ClickUp Data Leak Exposes Enterprise Emails for Over a Year

Apr 29, 2026 12:39 AM

Tags: api, corporate, data, data-breach, email, government, leak, saas

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security concerns. The post ClickUp Data Leak Exposes Enterprise Emails for Over a Year appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-clickup-api-key-email-exposure/
Securing RAG pipelines in enterprise SaaS

Apr 28, 2026 12:39 PM

Tags: access, ai, api, application-security, attack, breach, business, cloud, control, corporate, data, data-breach, defense, detection, email, encryption, finance, fintech, framework, GDPR, github, google, healthcare, iam, injection, intelligence, leak, LLM, malicious, metric, microsoft, monitoring, privacy, regulation, saas, service, sql, strategy, threat, tool, unauthorized, vulnerability, zero-trust

Zero-Click data exfiltration (Late 2025): The “EchoLeak” vulnerability demonstrated how attackers could use a specially crafted, unclicked email to manipulate Microsoft 365 Copilot’s massive enterprise RAG pipeline. The AI was tricked into retrieving and exfiltrating sensitive corporate data without any employee interaction.Vector database exposures (2024 2025): Several incidents involved exposed API keys for vector databases.…
Securing RAG pipelines in enterprise SaaS

Apr 28, 2026 12:39 PM

Tags: access, ai, api, application-security, attack, breach, business, cloud, control, corporate, data, data-breach, defense, detection, email, encryption, finance, fintech, framework, GDPR, github, google, healthcare, iam, injection, intelligence, leak, LLM, malicious, metric, microsoft, monitoring, privacy, regulation, saas, service, sql, strategy, threat, tool, unauthorized, vulnerability, zero-trust

Zero-Click data exfiltration (Late 2025): The “EchoLeak” vulnerability demonstrated how attackers could use a specially crafted, unclicked email to manipulate Microsoft 365 Copilot’s massive enterprise RAG pipeline. The AI was tricked into retrieving and exfiltrating sensitive corporate data without any employee interaction.Vector database exposures (2024 2025): Several incidents involved exposed API keys for vector databases.…
12 Signs Your SaaS Product Isn’t Enterprise-Ready (and How to Fix Each)

Apr 28, 2026 7:39 AM

Tags: saas, soc

Not sure if your SaaS is enterprise-ready? Score yourself on 12 signs procurement teams check, SSO, SCIM, SOC 2, audit logs, and more. Includes a team scorecard. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/12-signs-your-saas-product-isnt-enterprise-ready-and-how-to-fix-each/
12 Signs Your SaaS Product Isn’t Enterprise-Ready (and How to Fix Each)

Apr 28, 2026 7:39 AM

Tags: saas, soc

Not sure if your SaaS is enterprise-ready? Score yourself on 12 signs procurement teams check, SSO, SCIM, SOC 2, audit logs, and more. Includes a team scorecard. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/12-signs-your-saas-product-isnt-enterprise-ready-and-how-to-fix-each/
12 Signs Your SaaS Product Isn’t Enterprise-Ready (and How to Fix Each)

Apr 28, 2026 7:39 AM

Tags: saas, soc

Not sure if your SaaS is enterprise-ready? Score yourself on 12 signs procurement teams check, SSO, SCIM, SOC 2, audit logs, and more. Includes a team scorecard. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/12-signs-your-saas-product-isnt-enterprise-ready-and-how-to-fix-each/
Claude Opus 4.6-Powered AI Coding Agent Wipes Production Database in 9 Seconds

Apr 28, 2026 7:39 AM

Tags: access, ai, backup, breach, cyber, data, data-breach, infrastructure, saas, software, startup

A Claude Opus 4.6-powered AI coding agent operating through the Cursor editor autonomously deleted the production database and backups of SaaS startup PocketOS in just nine seconds. The incident highlights critical security failures in AI guardrails and infrastructure access controls. The Nine-Second Data Breach Jer Crane, founder of automotive software platform PocketOS, reported that the…
Von Air-Gapped bis zur Private-Cloud Wie man Sicherheitsmaßnahmen der Umgebung anpasst

Apr 27, 2026 3:39 PM

Tags: cloud, governance, infrastructure, saas

Viele Cloud-Sicherheitsplattformen verfolgen einen Einheitsansatz: Sie setzen ein vollständig vernetztes, SaaS-basiertes Betriebsmodell voraus, das immer online ist. Die Realität sieht jedoch anders aus. Datenhoheit, regulatorische Vorgaben und interne Governance-Richtlinien bestimmen weltweit, wie Unternehmen ihre Infrastruktur aufstellen und diese technologische Realität ist alles andere als uniform. Private Clouds, lokale Rechenzentren und vollständig isolierte Systeme sind keine…