Name: Defending Against Supply Chain Attacks
Start: 2023-06-21T17:00:00Z
End: 2023-06-21T17:00:18.000Z
Location: BrightTALK

If you are interested in SaaS Data Security, you've come to the right channel. We discuss the issues, the use cases and the solutions that companies are facing when trying to keep their SaaS data secure. Whether it be shared documents in Google Drive or in Slack, or any SaaS Applications, DoControl gives organizations the automated, self-service tools they need for SaaS applications data access monitoring, orchestration, and remediation. We take a unique, customer-focused approach to the challenge of labor-intensive security risk management and data exfiltration prevention in popular SaaS applications. 

DoControl, SADA, An Insight company, & DigitalOcean are teaming up for a live session on how to future-proof your Google Workspace security strategy in the age of GenAI.

Protecting Google Workspace in the Age of AI

Meet Terry O'Daniel, a renowned security leader who has worked at the likes of Netflix, Instacart, and others, to discuss recent trends and how to enable security controls without hindering business productivity.

The Breach Seat - Terry O'Daniel

Meet Chris Honda, Manager of Risk & Compliance at Plotly, to discuss how AI is shaping the role of security practitioners and leaders going into 2026.

The Breach Seat - Chris Honda, Plotly

An employee shares a sensitive file in Google Drive - maybe it’s a financial report, a product roadmap, or your GTM playbook.

They choose “Anyone with the Link” sharing permissions to speed things up & send it to their team in Slack, which includes employees, contractors, and interns.  

Three weeks later, that same link is indexed on Google. Internal data is exposed, and that file ends up in the hands of a competitor. 

No one knew. No one got an alert. And no one knows what its about to cost.  

This is data exfiltration in the SaaS era - whether it’s from wide sharing permissions, insider threats, careless behavior, or shadow IT gaining access. It’s silent, it’s common, and it’s expensive.

Join our eye-opening 30 minute webinar where we’ll cover how to spot your biggest threats, + how to measure what those risks are really costing your organization.

Top SaaS Exposures: Understanding How to Quantify Your Risk

90% of organizations have had an identity related attack within the past year. 

Most attacks, breaches, and security incidents are identity-initiated since they use the identities of internal users. Thanks to the surge of identities across SaaS apps, identity-based attacks are increasingly becoming a major threat to organizations. 

Learn the essential elements of ITDR, how to identify potential threats, implement effective detection methods, and develop mitigation strategies to enhance your organization's security posture.

Google Workspace Security Series: Unmasking and Mitigating Identity Threats

Anytime an employee logs in to a website and clicks ‘Continue with Google’, they are opening the door to a thousand security risks.

Shadow apps—also known as third-party OAuth apps—connect to your business’s cloud environment, often without IT oversight. With a single authorization click, employees can unknowingly grant access to sensitive company data, creating major security vulnerabilities.

Learn how to uncover these risks, quantify the exposure, and remediate both historical and future threats.

Google Workspace Security Series: How to Control Risky Third Party Applications

Sharing documents in Google drive is essential for business productivity—but how do you ensure personally identifiable information (PII) and sensitive data stays protected?

Based on our 2025 SaaS Data Report, over 25% of assets exposed contain sensitive information - this includes employee information, customer data, financial records, and much more.

Learn how to uncover these risks, quantify the exposure, and remediate both historical and future threats.

Google Workspace Security: Control External Sharing of PII and Sensitive Data

An employee leaving the company trying to take company information to their next role? How about product teams thinking the roadmap they create is theirs to keep?

Employees often believe the assets they create at a company are theirs, but in reality, they’re proprietary company information that needs to be protected.

Learn how to uncover these risks, quantify the exposure, and remediate both historical and future threats.

Google Workspace Security Series - Personal Account Sharing!

Okta, the leading IAM provider, and DoControl, the leading SaaS Security solution, offer comprehensive identity and access management security in collaboration with the world’s most comprehensive and broadly adopted cloud provider, Amazon Web Services (AWS). With Okta, customers gain complete control over user access to SaaS applications and data. Okta excels at securely managing the onboarding and offboarding of employees within an organization. With just a click, access to all applications can be granted or revoked. Traditional Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) solutions often struggle to keep up with the dynamic nature of SaaS data. DoControl’s solution excels in identifying and remediating such issues, ensuring that data exposure is effectively managed.

By integrating Okta with DoControl, organizations can gain comprehensive control over their onboarding and offboarding processes, thereby strengthening their Identity and Access Management (IAM) program.

Join us at our upcoming event to learn from top experts at AWS, Okta, DoControl, and our joint customer, Vox Media, on how to enable this strategy within your security framework.

Unlocking Secure Access: Integrating IAM with Okta, DoControl & AWS

Join us for an inspiring and insightful Women in Cyber webinar hosted by Ilana Yakobi, VP of Customer Services at DoControl. This event brings together prominent female leaders in cybersecurity to share their experiences, challenges, and triumphs. Our distinguished speakers include Ida Ek, VP Information Security at EQT, Yasmin Abdi, Security Engineer at Snap, Sue Begamu, Global CIO/CISO, Shenhaz Mirza, Security Engineer at KKR, and Kayla Williams, CISO at Dev.

During the webinar, we will explore what inspired these remarkable women to pursue careers in cybersecurity and discuss the unique perspectives and skills they bring to the field. We will delve into the challenges women face in this industry and how they have overcome them, balancing demanding careers with personal life.

Our speakers will also share their thoughts on how increasing gender diversity in cybersecurity can drive innovation and problem-solving. They will provide effective strategies for encouraging more women to enter and succeed in this field, emphasizing the importance of mentorship and support networks.

Additionally, we will highlight the role companies like DoControl play in advancing diversity and inclusion within the cybersecurity sector and how such initiatives can positively impact organizations' SaaS security posture and operations.

Join us for this engaging discussion to learn from and celebrate the contributions of women in cybersecurity and envision a future of greater gender diversity and inclusion in the industry.

Empowering Women in Cybersecurity: Perspectives and Strategies for Success

Join us for an exclusive webinar dissecting the findings of DoControl's latest report, "The State of SaaS Data Security 2024." We'll unfold key insights derived from extensive analysis of SaaS usage trends. Discover the implications of exponential asset creation, rampant data oversharing, and prevalent security risks posed by third-party OAuth apps. Real-world case studies will showcase effective strategies for mitigating these risks and enhancing your organization's SaaS security posture.

Explore findings such as:
- 9 out of 10 companies have former employees who accessed assets stored in SaaS applications after they left the company.
- 64% of active third-party OAuth apps are over-permissioned.
- By the end of 2023, the average company had 35K sensitive assets exposed publicly.

Join us to gain actionable insights and optimize your organization's SaaS security.

The State of SaaS Data Security 2024

DoControl, in collaboration with Amazon Web Services (AWS), is tackling a significant challenge in contemporary Cloud Security – SaaS Security. In today's business landscape, the reliance on SaaS applications is paramount for boosting productivity and enabling seamless collaboration across the organization, but the overexposure of this sensitive data is unmanageable without the proper tooling in place. Through their partnership with AWS, DoControl has developed a SaaS Security Platform that offers real-time visibility, continuous monitoring, and no-code workflow automation to safeguard your entire SaaS threat landscape.

Join us in this session to gain insights into AWS and DoControl's Shared Responsibility model, and explore the importance of DoControl as a crucial component within a modern security infrastructure.

See you there!

Securing Your SaaS Environment with DoControl & AWS

Security teams of all sizes struggle to detect, triage, and respond to threats quickly and efficiently at scale. Simply put, visibility is a critical component to securing your cloud environments, and with DoControl’s SaaS security platform organizations will be able to identify malicious user activity across their cloud environments – helping reduce the likelihood and impact of an attack.   
 
Legato Security understands that resources and budgets are tight – and with a SOC that operates 24x7, we help organizations manage and remediate these identified threats. A dedicated team of security experts will help customers streamline and eradicate a threat quickly and efficiently, streamlining the day-to-day operations – and instantly improve their security posture. 
 
Join the conversation, and learn how DoControl and Legato Security will help you: 
* Identify blind spots and detect threats in the cloud 
* Create an optimal response plan 
* Reduce time-to-remediation and minimize the chances of a breach

Increasing Cloud Visibility to Mitigate and Respond to Attacks

Modern businesses increasingly rely on SaaS applications like Google Drive, Box, Dropbox, and Slack to facilitate daily exchanges of sensitive data and files. Although these tools allow for real-time collaboration that drives business enablement, their lack of granular access and security controls presents serious material risks for the businesses that use them. This webinar will outline ten of the most significant SaaS security risks associated with unmanageable data access within SaaS applications that your organization should be aware of.

The Top 10 SaaS Security Risks

Software as a Service (SaaS) applications bring the promise of business agility and enablement. But like any technology that provides significant benefit, there are often security implementations that become overlooked. As your business grows and scales, so does the risk imposed at the identity layer across the SaaS estate. In this session, we will highlight the identity problem in SaaS; from human identities (internal employees, external vendors, third party contractors, partners, etc.) to machine identities (application-to-application connectivity, 3rd party OAuth applications, etc.). Attend this session to better understand the risks imposed on every identity within the SaaS estate, and pragmatic approaches to improve your posture.

The Human and Machine Identity Problem in SaaS Environments

Video: The Human and Machine Identity Problem in SaaS Environments

As SaaS environments become more complex and fragmented, the attack surface expands, and security becomes overwhelmingly burdensome. IT and Security teams are already strapped – having to do more with less – and the macroeconomic situation has impacted organizations across every industry vertical. An automated approach to SaaS security is required to navigate this current landscape, and transform the business at speed and scale.
Join us in this next installment in the DoControl webinar series as we explore key capabilities of a modern SaaS security program, and walk through the proof-of-value and ROI both in terms of financial return, as well as the valuable time and resources your teams are given back through automated remediation. We will highlight real-world customer ROI examples for both medium-sized organizations and large enterprises, as well as provide the necessary tools and resources to help build the business case for a SaaS security program.

The ROI of a SaaS Security Program

A software supply chain attack targets the software development process, with the intent of introducing malicious code into “trusted” software packages. This attack typically involves compromising one or more of the components that make up the software supply chain. Upon successfully infiltrating the supply chain, attackers can then insert malicious code or backdoors into the software package. Compromising the supply chain allows for the ability to steal sensitive data, launch further attacks on the target organization or its customers, or take control of the affected systems and/or applications. Yikes!

In this webinar we will highlight software supply chain risks, as well as offer pragmatic recommendations and guidance to mitigate this type of increasingly common attack that targets Software as a Service (SaaS) applications.

Defending Against Supply Chain Attacks

Supply Chain

SaaS Security Platform

SaaS

app security

Risk Mitigation

Malicious Activity

Data Breach

Data Protection

saassecurity

Supplier Risk

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Defending Against Supply Chain Attacks

Presented by

About this talk

DoControl