Name: SCuBA in Focus – Strengthening SaaS Security for Federal Agencies
Start: 2025-03-20T15:00:00Z
End: 2025-03-20T15:00:41.000Z
Location: BrightTALK
Rating: 5

AppOmni is the leading provider of enterprise level SaaS security. Its patented technology continuously scans APIs, security controls, and configuration settings to compare the current state of enterprise SaaS deployments against best practices and business intent. AppOmni was founded by top security practitioners and is trusted by many of the world's largest enterprises across technology, healthcare, banking, and security. For more information, please visit https://appomni.com.

Join us for an exclusive fireside chat with CTO and GigaOm Analyst Paul Stringfellow and AppOmni Chief Customer Officer Allan Kristensen as they delve into the critical role of SaaS Security Posture Management (SSPM) in today’s complex SaaS ecosystem. 

Gain practical insights into addressing challenges such as misconfigurations, data leaks, and limited visibility in third-party apps. Learn how adopting proactive SSPM strategies can enhance security, support compliance, and prepare your organization for the evolving SaaS security landscape.

Key Takeaways:
-Tackle key SaaS security challenges: Learn how SSPM reduces risks like misconfigurations and data leaks.
-Insights from GigaOm’s SSPM Radar: Discover top solutions to streamline SaaS security and compliance.
-Future-proof your SaaS security: Explore trends and strategies to prepare for emerging threats.

Navigating SaaS Security: Fireside chat with GigaOm and AppOmni

AppOmni’s Chief of SaaS Security Research, Aaron Costello, shares a demo on his research on ServiceNow’s recent KB data exposure with cybersecurity researcher, educator, and content creator, John Hammond.
They also discussed: how attackers exploit vulnerabilities in SaaS (1) through creation of unauthorized privileged users and (2) by maintaining persistent access through hooks & automated scripts. Aaron also emphasizes the importance of collaboration between security researchers and SaaS vendors. Tune in!

Interview with Cybersecurity Researcher, John Hammond

Business-critical SaaS applications are prime targets for cyberattacks due to the sensitive data they handle. The State of SaaS Security Report 2024 found that high-profile data breaches have shaken organizations’ confidence, moving SaaS security into one of the top three priorities for 67% of organizations.

Join AppOmni and Forrester for a webinar on the future of SaaS security. Our guest speaker, Forrester Vice President, Principal Analyst, Andras Cser, will share key insights on the risks and trends shaping the SaaS security landscape as we move into 2025. Explore lessons from recent breaches, uncover attack patterns, and dive into emerging threats and compliance challenges organizations must address to secure their environments.

Chandra Sekar, CMO of AppOmni, will lead a dynamic discussion with Andras, offering actionable takeaways for security leaders on how to safeguard their SaaS environments and stay ahead of evolving risks, including the impact of Gen AI in 2025.

Don’t miss this opportunity to hear from one of the industry’s leading analysts.

Securing SaaS - Lessons, Trends, and Strategies for 2025 with Guest Forrester

In today’s digital landscape, organizations rely on SaaS applications for nearly every business function. But these tools also expose sensitive data to new risks. In this 20 minute session, we’ll introduce you to AppOmni, the platform designed to reduce SaaS data exposure, detect threats, and prevent data breaches. Through a high-level overview of common security gaps in SaaS environments, we’ll show how AppOmni gives you full visibility into your SaaS apps, identifies potential vulnerabilities, and empowers you to protect your data at scale. This is your opportunity to learn how to proactively secure your SaaS ecosystem with AppOmni’s SaaS security platform.

Key Takeaways:
-The critical security risks posed by SaaS applications and why traditional security tools fall short
-How AppOmni helps you secure your data across popular SaaS platforms like Microsoft 365, Salesforce, and more
-An introduction to AppOmni's approach for detecting threats and minimizing exposure across your SaaS environment

How AppOmni Mitigates SaaS Risks and Protects Data

In today’s digital landscape, organizations rely on SaaS applications for nearly every business function. But these tools also expose sensitive data to new risks. In this 20 minute session, we’ll introduce you to AppOmni, the platform designed to reduce SaaS data exposure, detect threats, and prevent data breaches. Through a high-level overview of common security gaps in SaaS environments, we’ll show how AppOmni gives you full visibility into your SaaS apps, identifies potential vulnerabilities, and empowers you to protect your data at scale. This is your opportunity to learn how to proactively secure your SaaS ecosystem with AppOmni’s SaaS security platform.

Key Takeaways

-The critical security risks posed by SaaS applications and why traditional security tools fall short
-How AppOmni helps you secure your data across popular SaaS platforms like Microsoft 365, Salesforce, and more
-An introduction to AppOmni’s approach for detecting threats and minimizing exposure across your SaaS environment

Securing Your SaaS

Securing Your SaaS: How AppOmni Mitigates SaaS Risks and Protects Data

The composition of cloud services includes, IaaS, PaaS, and SaaS.  Recent market adoption of cloud security measures has been focused on the large-scale IaaS and PaaS vendors.  Meanwhile, with the explosion of business-critical SaaS applications, we find massive amounts of data including client and sensitive data reside in these SaaS systems.  The security teams remain unaware of the cyber risks that insecure SaaS and associated data represents. This risk blindness is largely due to the lack of cyber risk observability into critical SaaS apps. Many security risks in SaaS applications are not all that different than IaaS and PaaS services and center on misconfiguration, yet implementing security solutions to address them can require specific consideration based on the heterogeneity of SaaS apps.  

Come hear from industry experts from KPMG Canada and AppOmni to understand the commonalities of SaaS cybersecurity with other key cloud security use cases. Also learn best practice on how to mitigate the leading cyber threats facing SaaS, including end-user misconfiguration risk and the risk of an over-privileged data compromise.

SaaS Application Security | The Missing Component of Cyber Risk in the Cloud

SaaS applications store sensitive data for everyday operations, but their complexity creates visibility and control challenges for security and app teams. Join us for a practical session where we’ll guide you from foundational steps to advanced strategies for securing your SaaS environments.

Why Attend? Learn:

Walk: How to identify and address common SaaS security risks and vulnerabilities

Run: Building visibility and control with tailored security metrics, and tracking your security posture

Fly: Leveraging AI and innovative strategies to proactively prevent breaches and optimize security

Get the right strategies for every stage of your SaaS security journey. Sign up now to learn how to secure your digital vault and elevate your SaaS security approach!

The Walk, Run, Fly Approach to SaaS Security

SaaS breaches are on the rise—how prepared is your organization? Join us for a concise 30-minute webinar, "Pop, Lock, & Stop It," where you’ll learn how to proactively protect your critical SaaS applications and prevent breaches before they impact your business.

Why Attend? Learn to:

- Prioritize and Secure Key SaaS Apps: Learn how to assess and secure applications that pose the greatest risk, ensuring your focus is where it matters most.
- Build a Layered Defense Strategy: Explore effective approaches to integrating identity management and continuous monitoring across SaaS platforms.
- Strengthen Team Collaboration: Discover best practices for seamless collaboration between security and IT teams, leveraging shared insights and visibility to respond faster to vulnerabilities.

Pop, Lock, & Stop It | Building a program to stop SaaS breaches

SaaS is the operating system of business - organizations have come to rely on their SaaS applications to conduct business. But SaaS also now represents one of the largest attack surfaces that businesses have to defend. Why has SaaS become the new battleground in cybersecurity and how are attacks happening?  

Join AppOmni security researchers on this webinar to learn more about the SaaS threat landscape. You will learn: 
- What the modern SaaS attack surface and kill chain look like
- What Threat Actors are going after SaaS?
- Why are the attackers winning?
- What are the common TTPs in SaaS attacks
- Effective controls to reduce the likelihood of Threat Actor success

The webinar will also discuss the key aspects of how to construct a SaaS security program to gain control over your SaaS estate.

Presented by: 
Cory Michal, Vice President, Security & IT
Harold Byun, Chief Product Officer, AppOmni

Understanding and Protecting your SaaS Attack Surface - Threat Briefing Analysis

As organizations increasingly shift to SaaS applications, traditional security models struggle to protect critical assets such as user data, intellectual property, and IP. In this 30-minute webinar, we'll explore the essential foundations of SaaS security, uncover the gaps in traditional security approaches, and highlight the complexities of managing a sprawling SaaS ecosystem. We'll also introduce AppOmni's Centralized Security Platform and demonstrate how to advance from manual processes to automated security nirvana. Join us to learn how to navigate the challenges and enhance your SaaS security posture.

You will Learn:
- The limitations of traditional security in protecting the crown jewels in a SaaS landscape
- Addressing the expertise gap in managing numerous SaaS applications
- Overcoming complexity challenges with inconsistent security features across SaaS apps
- Managing the upkeep tax associated with constant SaaS updates and changes
- The impact of varying standards across SaaS providers on security practices
- How to evolve from manual security practices to automated solutions with AppOmni

Don’t miss this opportunity to elevate your SaaS security strategy. Register now to gain actionable insights and start your journey toward enhancing SaaS security!

SaaS Security | Core Areas and the Maturity Curve

The ubiquitous use of SaaS products has fundamentally changed the modern organization's attack surface. Organizations have moved critical business processes to SaaS tenants in search of agility, scalability and efficiency. In many cases, appropriate security controls have not followed. Attackers understand this change in attack surface and are increasingly taking advantage of the opportunity by targeting and breaching organizational SaaS tenants.

This talk will primarily focus on novel research of threat actor activity on one of the largest collections of disparate SaaS log data in the world. The presenter will detail a variety of real world SaaS tenant attacks observed in the wild by known and unknown threat actors and discuss associated TTPs and IoCs. In addition to attack research data, we'll provide historical context to understand how we've arrived in this situation and propose mitigation strategies to protect organizations from these attacks.

Modern Kill Chains: Real World SaaS Attacks and Mitigation Strategies

The proliferation of SaaS has led to an increase in both sophisticated and opportunistic attacks targeting SaaS vendors and end-customers alike.
Furthermore, ZTNA, SASE and Identity-based security strategies can be effective at establishing secure access channels to applications, but organizations cannot rely on these alone to establish their Zero Trust architecture.

Join this webinar where we’ll discuss:

The complexities of effectively hardening multiple large-scale SaaS deployments
How the traditional kill chain applies to SaaS, and the challenges SOC teams face
How SaaS Security Posture Management (SSPM) can be incorporated into existing security programmes like Zero Trust and CTEM

Securing SaaS in the era of Zero Trust

CISA’s Secure Cloud Business Applications (SCuBA) guidance is a game-changer for SaaS security in federal agencies, setting new expectations for risk management and compliance. With key deadlines approaching, agencies must ensure they have the right strategies in place.

Join us as we discuss:
-The evolving SaaS security challenges facing federal agencies.
-Key milestones of BOD 25-01 and their impact on compliance.
-How SCuBA affects both federal cybersecurity teams and SaaS vendors.
-What questions organizations need to ask to find compliance gaps.
-How AppOmni helps agencies achieve continuous compliance and security.

SCuBA in Focus – Strengthening SaaS Security for Federal Agencies

SaaS

SaaS Security

SSPM

Cloud Security

AppOmni

SCuBA

Federal Government

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

SCuBA in Focus – Strengthening SaaS Security for Federal Agencies

Presented by

About this talk

More from this channel