Name: Understanding and Protecting your SaaS Attack Surface - Threat Briefing Analysis
Start: 2024-10-17T15:00:00Z
End: 2024-10-17T15:00:46.000Z
Location: BrightTALK
Rating: 5

AppOmni is the leading provider of enterprise level SaaS security. Its patented technology continuously scans APIs, security controls, and configuration settings to compare the current state of enterprise SaaS deployments against best practices and business intent. AppOmni was founded by top security practitioners and is trusted by many of the world's largest enterprises across technology, healthcare, banking, and security. For more information, please visit https://appomni.com.

FedRAMP Readiness: Accelerating Compliance in the Cloud

Federal buyers, integrators, and regulated enterprises are moving rapidly to SaaS and hybrid cloud — but compliance is slowing them down. In this session, Cisco and AppOmni will walk through how to operationalize FedRAMP readiness faster by combining SaaS posture intelligence with Secure Access controls, continuous identity validation, and evidence-based security monitoring.

We’ll break down how to reduce assessment friction, close configuration gaps sooner, and maintain continuous authorization — without slowing cloud adoption.

FedRAMP Readiness: Accelerating Compliance in the Cloud

UZTNA in Action: Customer Use Cases & Integration Best Practices

Zero Trust Network Access becomes truly impactful when it’s operationalized against real-world threats, workflows, and user journeys. In this session, Cisco and AppOmni will walk through live customer use cases that demonstrate how Unified ZTNA is being deployed to secure access across SaaS, private apps, and hybrid environments — and what patterns consistently lead to faster time-to-value.

We’ll share integration lessons learned, common architecture decisions, identity posture considerations, and practical best practices that accelerate deployment success.

This session is designed for practitioners who want to see how modern ZTNA is actually being used in the field — not just what the architecture looks like on paper.

Unified ZTNA in Action: Customer Use Cases & Integration Best Practices

FedRAMP for Secure Access Architects: Lessons from the Field

FedRAMP is more than a checklist — it is an operational discipline across identity, access, configuration hygiene, and continuous authorization. In this session, Cisco and AppOmni bring forward real-world lessons from the field on how Secure Access architects are accelerating FedRAMP readiness across hybrid and SaaS environments.

We’ll unpack the patterns that reduce authorization friction, common posture gaps that delay ATO, and the architectural decisions that make continuous monitoring sustainable. This is a practitioner-level conversation focused on what actually works — not just what the standard says.

FedRAMP for Secure Access Architects: Lessons from the Field

Recent high profile SaaS breaches have brought attention to SaaS as the new enterprise attack surface. For many organizations, SaaS is dangerously under-defended. Threat actors like UNC6040 (Scattered Spider) and UNC6395 (GRUB1) are actively exploiting SaaS users, misconfigurations, unmaintained third-party integrations, and gaps in monitoring to gain persistent access to business-critical SaaS platforms like Salesforce, ServiceNow, M365, and Okta. Traditional tools often miss these attacks entirely, leaving security teams blind to activity happening beyond the endpoint.

Join AppOmni’s security team for a deep dive into how leading security practitioners are rethinking SaaS security. We’ll unpack lessons from real-world incidents, explore how attackers are compromising organizations and share actionable strategies to reduce risk and improve visibility. 

You will learn:
How the attack surface has changed
Weaknesses in your SaaS estate that attackers are exploiting
TTPs being used by threat actors like UNC6040 (Scattered Spider)  and UNC6395 (GRUB1)
The proactive countermeasures that can disrupt these kill chains early
Detection and response strategies that are needed to stop attackers

Whether you’re in financial services, healthcare, high tech, retail, or government, this session will equip you with the mindset and methods to secure your SaaS estate.

Defending Your SaaS Apps Against Scattered Spider, ShinyHunters, and UNC6395

In today’s digital landscape, organizations rely on SaaS applications for nearly every business function. But these tools also expose sensitive data to new risks. In this 20 minute session, we’ll introduce you to AppOmni, the platform designed to reduce SaaS data exposure, detect threats, and prevent data breaches. Through a high-level overview of common security gaps in SaaS environments, we’ll show how AppOmni gives you full visibility into your SaaS apps, identifies potential vulnerabilities, and empowers you to protect your data at scale. This is your opportunity to learn how to proactively secure your SaaS ecosystem with AppOmni’s SaaS security platform.

Key Takeaways:
-The critical security risks posed by SaaS applications and why traditional security tools fall short
-How AppOmni helps you secure your data across popular SaaS platforms like Microsoft 365, Salesforce, and more
-An introduction to AppOmni's approach for detecting threats and minimizing exposure across your SaaS environment

Securing Your SaaS: How AppOmni Mitigates SaaS Risks and Protects Data

In the era of SaaS-first operations, the biggest risks are often the ones you don’t see until it’s too late. Data exposure in SaaS environments is rarely the result of a single failure. More often, it stems from a lack of visibility into configurations, access permissions, and third-party integrations that silently expand your attack surface.
In this 20-minute webinar, we’ll explore the most common causes of SaaS data exposure and how organizations can get ahead of them with greater context and control. We’ll cover:

Misconfigurations and Overexposure – How overly broad sharing settings and default configurations put sensitive data at risk.

Shadow SaaS and Third-Party Access – Why unmonitored integrations and forgotten apps are a growing blind spot.

Identity and Access Gaps – What happens when internal access isn't aligned with the principle of least privilege.

We’ll show how AppOmni provides the visibility and intelligence needed to identify risks before data is exposed. From automated policy enforcement to real-time monitoring of SaaS environments, learn how to close critical gaps and build a proactive data protection strategy.

Navigating SaaS Misconfigurations: Control Drift, Risk Less with AppOmni

What if the biggest threat to your data wasn’t a breach—but your own SaaS configurations?

In this fast-paced session, AppOmni experts pull back the curtain on how SaaS data exposure actually happens. Spoiler: attackers often don’t need to break in—the front door is wide open.

You’ll learn:

The front door is actually open – attackers don’t need to hack in when data is already exposed

SaaS apps evolve faster than your team can keep up – creating dangerous misconfigurations

Not just humans, but non-human identities – APIs, integrations, and service accounts are exposing your data

Each SaaS app is its own castle – different configs, different blind spots, same risk

If you're in security, IT, or risk, and you're tired of playing catch-up with your SaaS stack, this session will show you how to reduce exposure—without slowing down innovation.

Navigating SaaS Data Exposure | Embrace SaaS, Risk Less with AppOmni

In today’s fast-paced digital landscape, the attack chain for SaaS applications is both condensed and faster than ever before. Cybercriminals are evolving, finding quicker, more efficient ways to breach your systems, and SaaS platforms are prime targets. In this 20-minute webinar, we’ll break down why SaaS attacks are different and some examples of what we are seeing and how to block them…things like:

Brute Force and Password Spraying – The first line of attack is often the simplest, but it’s still incredibly effective.

Bypassing SSE (Security Service Edge) – Hackers exploit gaps in security to bypass critical protections.

New Access and OAuth Exploits – Once inside, attackers move quickly to establish new access, often by exploiting OAuth vulnerabilities.

Exfiltration – The final step is data exfiltration, where sensitive information is stolen for profit or destruction.

Join us as we discuss how AppOmni can help mitigate risks across each stage of this attack chain, empowering organizations to better defend their SaaS applications from end to end. We’ll highlight strategies for detecting threats early, implementing proactive security measures, and securing your entire attack surface.

Navigating the SaaS Attack Chain: Mitigating Risks with AppOmni

SaaS is the new enterprise backbone, and attackers know it. Are your security strategies keeping pace with this rapidly evolving landscape and the rise of AI? Join former Global Financial Services CISO, Oli Newbury, and AppOmni's security experts to gain critical insights into securing your SaaS applications and the business-critical data that they store and process. Discover why traditional defenses fall short and how to build a robust security program where it matters most.

Key Takeaways:

SaaS as the New Attack Surface: Understand why and how attackers are shifting focus to your SaaS applications.

Combatting Configuration Drift: Learn why continuous monitoring is vital to prevent vulnerabilities in highly configurable SaaS environments.

AI Security is SaaS Security: Grasp the interconnectedness of AI adoption and the foundational need for strong SaaS security.

Strategic Security Ownership: Clarify shared responsibilities and the importance of cross-functional alignment for effective SaaS security.

Building a Scalable Program: Discover how to prioritize and operationalize your SaaS security journey for maximum impact.

Lessons in Securing SaaS for Regulated Enterprises: CISO Mindset

Achieved ROI in 90 Days:
Learn how a financial services client remediated 65 misconfigurations, cut manual remediation by 40%, and realized measurable ROI—within just three months.
Join BluOcean Cyber and AppOmni for an engaging fireside chat on how to turn sprawling SaaS environments into secure, compliant, and cost-efficient ecosystems. We’ll walk through a real-world success story and share the frameworks, tools, and lessons that helped transform reactive security into a strategic advantage.
Whether you’re navigating SaaS sprawl or building a stronger security strategy, this session delivers insights you can act on immediately.

Key Takeaways
Why SaaS Security is the Blind Spot in Most Enterprises: Many organizations rely on tedious manual checks or SSE/CASB solutions that are bypassed, leaving SaaS data poorly securedbut overlook the depth of visibility needed for SaaS environments.


Automation Reduces Noise: Discover how automated alert triaging and remediation helped reduce alert fatigue by 36%, enabling teams to focus on critical risks.


Collaboration Drives Results: The joint approach between BluOcean and AppOmni delivered fast, scalable impact—including the integration of 10+ business-critical apps.

Turning SaaS Sprawl into Strategic Strength:Lessons with AppOmni & BluOcean Cyber

SaaS is powering your business. But is it also exposing it?

Despite record-high confidence in SaaS security, 75% of organizations experienced a SaaS-related incident last year—a 33% spike over 2024. Even more alarming? 89% of those breached thought they had “appropriate visibility” at the time.

This isn’t a gap. It’s a gulf between perception and protection.

Join AppOmni’s CMO Chandra Sekar and Chief Customer Officer Allan Kristensen, alongside moderator Chad Knipschild, as they unpack key findings from the 2025 State of SaaS Security Report—and what they mean for the year ahead.

In this fireside-style conversation, we’ll cover:
-AI as the new identity layer—why AI agents may be your next insider threat
-Confidence ≠ control—and why visibility without action is leaving teams exposed
-Why point-in-time audits are failing in environments that change daily and why continuous monitoring has become a SaaS security cornerstone.
-How fractured ownership leads to real-world risk—and what the best orgs do differently
-The 80/20 rule of SaaS risks—and why securing everything at once isn’t the answer

If your monitoring pauses while risk continues, if non-human identities are multiplying faster than your controls, if SaaS security is “everyone’s job” but no one’s responsibility—this session is your wake-up call.

Register now to get an insider look at the data—and early access to the full 2025 report.

The State of SaaS Security 2025 | The top SaaS & AI threats, risk patterns, and investment priorities

What if the biggest threat to your data wasn’t a breach—but your own SaaS configurations?

In this fast-paced session, AppOmni experts pull back the curtain on how SaaS data exposure actually happens. Spoiler: attackers often don’t need to break in—the front door is wide open.

You’ll learn:

The front door is actually open – attackers don’t need to target your apps when data is already exposed

SaaS apps evolve faster than your team can keep up – creating dangerous misconfigurations

Not just humans, but non-human identities – APIs, integrations, and service accounts are exposing your data

Each SaaS app is its own castle – different configs, different blind spots, same risk

If you're in security, IT, or risk, and you're tired of playing catch-up with your SaaS stack, this session will show you how to reduce exposure—without slowing down innovation.

Salesforce industry clouds low-code OmniStudio components introduce unique architectural complexities and a nuanced attack surface that demands rigorous security scrutiny. This technical deep-dive will explore original research by Aaron Costello, including recently disclosed 0-days and misconfigurations within Data Mappers, FlexCards, Integration Procedures, and other components.

In this webinar, Aaron will discuss his new findings to include:

-CVE Breakdown: Delve into the root causes and exploit mechanics of five new CVEs (CVE-2025-43697, CVE-2025-43698, CVE-2025-43699, CVE-2025-43700, CVE-2025-43701) impacting Data Mappers and FlexCards.

-Identifying misconfigurations: A walkthrough of critical risks rooted in OmniStudio's default behaviors and settings.

-Defensive strategies: Discussion of identifying, monitoring, and mitigating SaaS risks like data exposures and over permissions.

Salesforce Industry Clouds: New Vulnerabilities and Misconfigurations

SaaS security is constantly evolving — and staying ahead of threats like MFA misconfigurations is critical. 

In this episode of AppOmni Security Slice, learn how to use AppOmni’s Posture Findings and expert-built Insights to identify users without MFA, triage risks, and remediate issues efficiently across environments like Google Workspace.

⚙ Discover security gaps
⚙ Customize your triage workflow
⚙ Assign findings and track remediation
⚙ Stay current on the latest SaaS security research

Watch now and take control of your SaaS security posture.

How Can I Stay Ahead of SaaS Threats? AppOmni's Posture Findings Can Help.

Misconfigured SaaS settings can lead to security gaps, failed audits, and compliance risks. In this episode of AppOmni Security Slice, we’ll walk through how to operationalize compliance by:

⚙ Filtering policy violations to prioritize on critical risks
⚙ Reviewing and resolving misconfigurations
⚙ Tracking violations with ServiceNow or Jira
⚙ Mapping security policies to compliance frameworks like NIST, SOC 2, and ISO 27001

Learn how to enforce policies efficiently and keep your SaaS environment secure.

How Can You Simplify SaaS Compliance and Avoid Audit Failures?

SaaS is the operating system of business - organizations have come to rely on their SaaS applications to conduct business. But SaaS also now represents one of the largest attack surfaces that businesses have to defend. Why has SaaS become the new battleground in cybersecurity and how are attacks happening?  

Join AppOmni security researchers on this webinar to learn more about the SaaS threat landscape. You will learn: 
- What the modern SaaS attack surface and kill chain look like
- What Threat Actors are going after SaaS?
- Why are the attackers winning?
- What are the common TTPs in SaaS attacks
- Effective controls to reduce the likelihood of Threat Actor success

The webinar will also discuss the key aspects of how to construct a SaaS security program to gain control over your SaaS estate.

Presented by: 
Cory Michal, Vice President, Security & IT
Harold Byun, Chief Product Officer, AppOmni

Understanding and Protecting your SaaS Attack Surface - Threat Briefing Analysis

SaaS

SaaS Security

Data Security

Threat Analysis

Data Breach

Cybersecurity

Information Security

IT Security

Cyber Attacks

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Understanding and Protecting your SaaS Attack Surface - Threat Briefing Analysis

Presented by

About this talk

AppOmni