Untying the Gordian Knot: Making Sense of SaaS App Permissions Models

Presented by

Alec Peiffer, Head of AO Labs and Joseph Thacker, Sr. Offensive Security Engineer at AO Labs

About this talk

Proper permissioning is foundational to secure implementation and administration of SaaS applications. Customer demand and vendors build fine-grained and highly flexible permissioning models but inadvertently make understanding who exactly has access to what extraordinarily difficult. Compounding this challenge is each app’s unique approach to permissioning, and even apps that appear to have similar models often differ in nuanced but meaningful ways. Multiply this situation by hundreds of apps in an enterprise portfolio and you understand why applying and maintaining effective permissions is nearly impossible for today's app owners and security team. Join AO Labs and it’s SaaS security experts to understand the realities of modern SaaS permissioning, its challenges, possible attack vectors, and ways you can protect your organization.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (15)
Subscribers (305)
AppOmni is the leading provider of enterprise level SaaS security. Its patented technology continuously scans APIs, security controls, and configuration settings to compare the current state of enterprise SaaS deployments against best practices and business intent. AppOmni was founded by top security practitioners and is trusted by many of the world's largest enterprises across technology, healthcare, banking, and security. For more information, please visit https://appomni.com.