TEL AVIV, Israel, June 22, 2022 (GLOBE NEWSWIRE) -- Valence Threat Labs is a vendor-agnostic research team from Valence Security, working to uncover and present real, data-driven and actionable insights into emerging threats impacting enterprises on a global scale, with specific ramifications for their supply chains and SaaS security posture. Valence researchers engaged with cybersecurity-focused venture capital firm YL Ventures’ Venture Advisory Board to ask leading CISOs a variety of questions pertaining to the state of security for SaaS-to-SaaS third-party integrations in their organizations and their current best practices. Researchers then compared their responses to aggregated and anonymized cross-tenant data extracted from the Valence SaaS Mesh Security Platform. The end result is the 2022 Shadow SaaS-to-SaaS Integration Report.
SaaS-to-SaaS third-party integrations leave core business applications like Microsoft 365, Google Workspace and Salesforce and the business-critical data in them open to supply chain attacks. Both security practitioners and SaaS security vendors have lagged in their past efforts to address this threat vector. As a senior enterprise CISO notes in Valence’s report, “[With] our workforce changes (on and off boardings), contractors and cloud environment changes it is difficult to keep up with SaaS connections.”