SaaS Security Resources

FeaturedBlogSolution BriefsVideos and WebcastsArticles and WhitepapersCase Studies
Filter by Category
Chevron
SaaS SecuritySaaS Security Posture ManagementSaaS IntegrationsSaaS ConfigurationsSaaS RisksSaaS AttacksSaaS Identity Management
SSPM and DSPM Better Together—Enriching SaaS Security Risk Management with Cyera’s Data Security Platform Classification and Contextualization

SSPM and DSPM Better Together—Enriching SaaS Security Risk Management with Cyera’s Data Security Platform Classification and Contextualization

Read about Valence's new integration with Cyera, a leader in Data Security Posture Management (DSPM). Combining Valence’s SSPM capabilities with Cyera’s insights around sensitive data, improving SaaS risk management.

Read Now
No items found.
Escape the SaaS House of Horrors

Escape the SaaS House of Horrors

It’s the height of spooky season, and there’s no better time to talk about the spine-chilling risks lurking in your SaaS environment. But don’t worry—you don’t have to let these spooky threats turn your business into a haunted house.

Read Now
SaaS Attacks
SaaS Risks
Mitigating GenAI Risks in SaaS Applications

Mitigating GenAI Risks in SaaS Applications

Artificial Intelligence (AI) tools have revolutionized the business landscape, offering unprecedented automation, efficiency, and innovation. Among these, Generative AI (GenAI) has gained particular traction...

Read Now
SaaS Risks
SaaS Integrations
SaaS Security
Lifecycle Management in SaaS Security: Navigating the Challenges and Risks

Lifecycle Management in SaaS Security: Navigating the Challenges and Risks

Discover SaaS security best practices and lifecycle management strategies to protect your organization from security risks and challenges.

Read Now
SaaS Risks
SaaS Identity Management
Why Application-Specific Passwords are a Security Risk in Google Workspace

Why Application-Specific Passwords are a Security Risk in Google Workspace

The digital world is constantly changing, and with it, the methods used to secure sensitive information. Decisions made years ago continue to shape today’s landscape. The inception of Gmail by Google marked a pivotal moment in history, setting the foundation for the Google Account as we know it today. Unfortunately, the platform’s early choices still cast a shadow on today’s security posture for everyone who uses it. 

Read Now
SaaS Risks
SaaS Integrations
SaaS Identity Management
Strengthening Your Third Party SaaS Risk Management with Valence and OneTrust

Strengthening Your Third Party SaaS Risk Management with Valence and OneTrust

In today's interconnected world, SaaS applications play a critical role in facilitating business operations, enhancing collaboration, and connecting the global workforce. However, along with their myriad benefits come complexities, particularly in terms of security and risk management.

Read Now
SaaS Integrations
SaaS Security
Understanding the Shared Responsibility Model in SaaS

Understanding the Shared Responsibility Model in SaaS

The recent attacks targeting data in customers of Snowflake, a SaaS application focused on data storage, serve as a critical reminder of the importance of understanding the Shared Responsibility Model...

Read Now
SaaS Identity Management
SaaS Configurations
SaaS Attacks
The Danger of Sharing Files with “Anyone with the Link”: Examining a Risky Google Drive Misconfiguration

The Danger of Sharing Files with “Anyone with the Link”: Examining a Risky Google Drive Misconfiguration

Often when it comes to security, a significant risk results from an action that is so easy that we tend to overlook the risk itself. Sharing a file using the “anyone with the link” option is the equivalent of leaving a treasure chest unlocked...

Read Now
No items found.
2024 State of SaaS Security Report Shows A Gap Between Security Team Confidence And Complexity of SaaS Risks

2024 State of SaaS Security Report Shows A Gap Between Security Team Confidence And Complexity of SaaS Risks

The report explores key challenges, potential risks, and best practices to navigate the modern SaaS security landscape.

Read Now
No items found.
Discover How to Secure Your Business-Critical SaaS at RSA 2024

Discover How to Secure Your Business-Critical SaaS at RSA 2024

Let's connect at RSA. Whether you choose to meet our CEO 1:1 or attend one of our parties, we would love to meet you.

Read Now
No items found.
Cloudflare Hacked Following Okta Compromise

Cloudflare Hacked Following Okta Compromise

Discover how the Cloudflare breach, stemming from the Okta compromise, underscores the critical need for holistic risk management in SaaS applications.

Read Now
No items found.
The latest Microsoft Midnight Blizzard breach is a call for SaaS security

The latest Microsoft Midnight Blizzard breach is a call for SaaS security

Explore Microsoft's recent revelation on the Midnight Blizzard cyber attack, uncovering nation-state tactics, SaaS misconfigurations, and crucial lessons for enhancing your organization's cybersecurity.

Read Now
No items found.
Empowering SaaS Incident Response with Valence and Microsoft Sentinel

Empowering SaaS Incident Response with Valence and Microsoft Sentinel

As businesses increasingly rely on SaaS applications, their distributed ownership and intricate configurations expose them to the risk of misconfigurations and breaches. The integration between Valence and Microsoft Sentinel allows security teams to respond to SaaS threats with unprecedented speed and accuracy, deliver critical data and context and enrich existing incident response workflows.

Read Now
No items found.
Combine CrowdStrike Falcon with Valence Security SSPM to Combat Endpoint-to-SaaS Threats

Combine CrowdStrike Falcon with Valence Security SSPM to Combat Endpoint-to-SaaS Threats

Valence is excited to partner with CrowdStrike, to empower security teams to protect their growing endpoint-to-SaaS risk surface. The integration correlates SaaS security risk signals with CrowdStike’s endpoint security signals to improve overall security posture, threat detection, and incident response processes.

Read Now
No items found.
Minimize the Breach Blast Radius with Valence Security and SentinelOne

Minimize the Breach Blast Radius with Valence Security and SentinelOne

SaaS breaches often originate from compromised endpoint devices. Wouldn't it be nice if you could quickly correlate such incidents? By associating the compromised...

Read Now
No items found.
Valence Security Is a Proud Participant in the Microsoft Security Copilot Partner Private Preview

Valence Security Is a Proud Participant in the Microsoft Security Copilot Partner Private Preview

Valence Security today announced its participation in the Microsoft Security Copilot Partner Private Preview. Valence Security was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft.

Read Now
No items found.
Five Lessons Learned From Okta’s Support Site Breach

Five Lessons Learned From Okta’s Support Site Breach

While breaches remain a common occurrence, there's much to gain from studying them to avert future incidents. In this blog post, we delve deep into the most recent Okta Support Breach, extracting five crucial lessons from it.

Read Now
No items found.
Cloud Security - from IaaS to SaaS, from CNAPP to SSPM

Cloud Security - from IaaS to SaaS, from CNAPP to SSPM

As organizations increasingly migrate to the cloud, the rapid adoption of both SaaS and IaaS solutions has created new challenges. Valence's collaboration with Orca Security addresses these challenges head-on, creating a powerful solution that bridges the gap between cloud and SaaS security posture management.

Read Now
No items found.
Top Security Recommendations for SaaS Applications

Top Security Recommendations for SaaS Applications

SaaS-related breaches are real and increasing in frequency. Our latest blog dives into SaaS security recommendations to implement now, across 5 categories.

Read Now
No items found.
Validate Cyber Insurance’s Preferred Security Controls in Your Critical SaaS

Validate Cyber Insurance’s Preferred Security Controls in Your Critical SaaS

The surge in cyber threats and the wealth of available data on cyber posture and incidents pose a unique challenge for the cyber insurance industry. As attacks continue to rise, insurers face the daunting task of assessing and helping their clients mitigate cyber risks efficiently. This blog dives into the role SaaS applications play in cybersecurity.

Read Now
No items found.
What Does Zero Trust Mean for SaaS Security?

What Does Zero Trust Mean for SaaS Security?

You’ve heard a lot about Zero Trust, but did you know that most SaaS applications are well-aligned with Zero Trust Architecture? If you’re planning to start adopting Zero Trust in your organization, SaaS is an ideal place to start. This blog will help you with understand how to apply Zero Trust to SaaS, through the lens of CISA’s Zero Trust Maturity Model.

Read Now
No items found.
Racking up Convenience Debt with SaaS Integrations

Racking up Convenience Debt with SaaS Integrations

SaaS applications and platforms give every user the ability to integrate new third-party vendors. The problem? Most business users don’t understand the level of access they are granting, or if the third-party can be trusted! This blog explores how security teams can get a handle on SaaS integrations.

Read Now
No items found.
SaaS Misconfiguration Misconceptions Debunked

SaaS Misconfiguration Misconceptions Debunked

We hear a lot about attackers exploiting vulnerabilities, but did you know that misconfigurations are just as common? In this blog, we delve into the realm of common misconfigurations and provide insights on how to proactively prevent them.

Read Now
No items found.
SaaS Identity and Employees: the Keys to Productivity and Breaches

SaaS Identity and Employees: the Keys to Productivity and Breaches

‍There’s a lot of focus in cybersecurity on vulnerabilities, exploits, and assets. We focus on the data that was stolen, the device that was hacked, or the malware deployed. At the center of all these incidents, however, are identities. This blog delves into identity challenges that are related to the distributed nature of SaaS applications and platforms.

Read Now
No items found.
Salesforce Best Practices When Using Named Credentials

Salesforce Best Practices When Using Named Credentials

Learn SaaS security best practices for implementing named credentials in Salesforce.

Read Now
No items found.
External Data Sharing Is Out Of Control: But Does It Have to Be?

External Data Sharing Is Out Of Control: But Does It Have to Be?

Secure data sharing has historically posed significant challenges for enterprises. This blog delves into the hurdles faced by organizations governing data including legacy methods of data sharing (email attachments, file transfer software and sync & share solutions) as well as modern, cloud-based SaaS methods.

Read Now
No items found.
Exploring the Microsoft Storm-0558 SaaS Breach

Exploring the Microsoft Storm-0558 SaaS Breach

On June 16, 2023, a Microsoft 365 customer alerted Microsoft to some anomalous email activity they had detected. Microsoft began investigating and found that an external adversary had compromised the email of 24 other customers as well.

Read Now
No items found.
More SaaS Adoption → More SaaS Breaches

More SaaS Adoption → More SaaS Breaches

Despite the frequency of breaches, attackers are fairly predictable. They’re opportunists. They’ll go to where valuable data and useful identities live. Today, more than ever, that leads them to SaaS applications.‍ This blog discusses a number of ways SaaS breaches can occur.

Read Now
No items found.
Introducing the Valence 2023 State of SaaS Security Report

Introducing the Valence 2023 State of SaaS Security Report

The 2023 Valence State of SaaS Security report compiles our perspective on SaaS security, the latest threats, data from dozens of real companies, and finally, our recommendations and predictions for this market.

Read Now
No items found.
How Generative AI Benefits SaaS Security

How Generative AI Benefits SaaS Security

The Valence AI Assistant can analyze SaaS security risks and help security teams quickly define a remediation plan.

Read Now
No items found.
The Digital Office Moved to SaaS

The Digital Office Moved to SaaS

The digital office has moved and it seems like we’re in a constant state of catching up. The modern organization’s files, schedules, communications, concerns, plans, and goals all live in SaaS applications today. It’s easier than ever to collaborate, but it’s also easier than ever for data to leak.

Read Now
No items found.
2023 SaaS Management Index Report

2023 SaaS Management Index Report

In the 2023 Zylo SaaS Management Index Report, researchers provide data, trends and actionable insights from their database of SaaS spend, license and usage data. The most notable of these findings–a staggering 69% of SaaS spend and 82% of SaaS apps by number are adopted and managed by individuals or business units, not IT.

Read Now
No items found.
Valence Security ThreatLabs Alert: Salesforce Risk

Valence Security ThreatLabs Alert: Salesforce Risk

Valence Security ThreatLabs Alert: Brian Krebs from Krebs on Security has recently posted that numerous organizations, including banks and healthcare providers, are leaking sensitive info from public Salesforce Community websites due to misconfiguration.

Read Now
No items found.
Valence Joins Microsoft for Startups Pegasus Program

Valence Joins Microsoft for Startups Pegasus Program

Valence Security is thrilled to be part of the Microsoft for Startups Pegasus Program! A big thank you to Microsoft for consistently supporting the startup ecosystem with programs like these.

Read Now
No items found.
3 out of 4 Employees Sidestep IT, Bring Their Own Tech

3 out of 4 Employees Sidestep IT, Bring Their Own Tech

According to a Gartner® Press Release, “by 2027, 75% of employees will acquire, modify, or create technology outside IT's visibility, up from 41% in 2022.” Much of this trend is driven by the accelerated adoption of SaaS applications by business owners without the involvement of IT or cybersecurity teams, especially due to the rise of remote work following the COVID pandemic.

Read Now
No items found.
Detecting Risky Behavior with Microsoft and Valence

Detecting Risky Behavior with Microsoft and Valence

The Microsoft Azure AD team has been busy building identity protection features and making them available via the Microsoft Graph REST API. Valence has been collaborating with the Azure AD team – helping to bring new capabilities to detect Risky Users and Risky Service Principals into our SaaS security platform.

Read Now
No items found.
Valence 2023 RSA Conference Survival Guide

Valence 2023 RSA Conference Survival Guide

The RSA Conference is one of the largest and oldest cybersecurity conferences and its easy to get disoriented. Valence provides its 2023 RSA Conference Survival Guide to help you get the most of this awesome event.

Read Now
No items found.
Valence Security is an Innovation Sandbox Finalist

Valence Security is an Innovation Sandbox Finalist

Valence will present its SaaS security solution, which unlocks employee productivity and accelerates safe SaaS adoption, on the first day of this year’s RSA Conference in the annual Innovation Sandbox competition

Read Now
No items found.
Cybersecurity Excellence Awards 2023: Valence Brings Home the Gold, Twice Over

Cybersecurity Excellence Awards 2023: Valence Brings Home the Gold, Twice Over

For the 2023 Cyber Security Excellence Awards, Valence was awarded GOLD in two categories: Best Cybersecurity Startup and Best Product for SaaS Security Posture Management (SSPM).

Read Now
No items found.
CircleCI Says Hackers Stole Encryption Keys and Customers’ Secrets

CircleCI Says Hackers Stole Encryption Keys and Customers’ Secrets

CircleCI, a vendor specializing in CI/CD and DevOps tools, confirmed that some customer data was stolen in a data breach last month.

Read Now
No items found.
CircleCI, LastPass, Okta, and Slack: Cyberattackers Pivot to Target Core Enterprise Tool

CircleCI, LastPass, Okta, and Slack: Cyberattackers Pivot to Target Core Enterprise Tool

Dark Reading contributing writer Robert Lemos discusses how threat actors are increasingly focusing on exploiting core enterprise services.

Read Now
No items found.
GitHub Accounts Breached…Again

GitHub Accounts Breached…Again

Over the holiday weekend, the popular messaging app vendor Slack was notified of a breach of their GitHub account.

Read Now
No items found.
Using SSPM to Start Resolving SaaS Security Issues

Using SSPM to Start Resolving SaaS Security Issues

SaaS security risks go beyond administrative configurations which current SSPMs focus on.

Read Now
No items found.
Gartner Emerging Tech Impact Radar Reports

Gartner Emerging Tech Impact Radar Reports

Valence Security mentioned as a SaaS Security Posture Management (SSPM) vendor in Gartner’s latest Emerging Tech Impact Radar: Cloud Native and Security reports.

Read Now
No items found.
Announcing Valence’s Series A Round: Introducing Collaborative SaaS Security Risk Mitigation

Announcing Valence’s Series A Round: Introducing Collaborative SaaS Security Risk Mitigation

Valence announces $25M Series A round led by Microsoft’s M12 venture fund and Introduces Its Collaborative SaaS Risk Remediation Platform

Read Now
No items found.
Valence Integrates With Azure AD to Reduce SaaS Supply Chain Risks By Enforcing Zero Trust Principles

Valence Integrates With Azure AD to Reduce SaaS Supply Chain Risks By Enforcing Zero Trust Principles

Valence Security has integrated with Azure Active Directory to give customers increased visibility and control over their SaaS supply chain risks.

Read Now
No items found.
Infographic: Major SaaS Security Breaches 2021-2022

Infographic: Major SaaS Security Breaches 2021-2022

Over the past two years, SaaS adoption has exploded, which has led to an increased frequency and magnitude of SaaS breaches and SaaS supply chain attacks. This infographic shows some of the most destructive recent exploits.

Read Now
No items found.
IBM Cost of a Data Breach Report Confirms the Need to Immediately Remediate Supply Chain Risks

IBM Cost of a Data Breach Report Confirms the Need to Immediately Remediate Supply Chain Risks

Recently, supply chain attacks leveraging the interconnectivity of SaaS applications have become increasingly lucrative for cyber criminals. As the 2022 IBM Cost of a Data Breach report points out, one in five data breaches this year was caused by a supply chain compromise.

Read Now
No items found.
The Most Overlooked Element in Most Organizations' Cybersecurity Strategy

The Most Overlooked Element in Most Organizations' Cybersecurity Strategy

Securing the adoption and use of non-human identities is probably the most overlooked element in most organizations' cybersecurity strategy today.

Read Now
No items found.
Verizon 2022 DBIR Report: Supply Chain Attacks at Record High

Verizon 2022 DBIR Report: Supply Chain Attacks at Record High

The Verizon 2022 Data Breach Investigation Report (DBIR) noted explosive growth in incidents related to partners and the supply chain.

Read Now
No items found.
Cyber Week 2022 Presentation by Yoni Shohet (5 Minutes)

Cyber Week 2022 Presentation by Yoni Shohet (5 Minutes)

Yoni Shohet, CEO and Co-founder of Valence Security spoke at Cyber Week at the end of June at Tel Aviv University – one of the largest, international cybersecurity conferences in Israel.

Read Now
No items found.
Democratizing SaaS Security Remediation

Democratizing SaaS Security Remediation

Democratizing SaaS security remediation workflows is increasingly necessary for modern business needs, and security teams must find ways to adapt - not obstruct - such progress.

Read Now
No items found.
Offboarding: Don't Forget Third-party Non-human Identities

Offboarding: Don't Forget Third-party Non-human Identities

Offboarding of non-human users must become a top priority for CISOs.

Read Now
No items found.
GitHub and Their Customers are the Latest Victims of Supply Chain Attacks 

GitHub and Their Customers are the Latest Victims of Supply Chain Attacks 

GitHub announces it had discovered that attackers had stolen OAuth user tokens issued to third-party vendors that were used to download private data repositories from dozens of GitHub customers.

Read Now
No items found.
The Mailchimp Breach Is Just The Latest Supply Chain Attack

The Mailchimp Breach Is Just The Latest Supply Chain Attack

MailChimp, a leading email marketing firm, recently discovered that hackers had gained access to internal customer support and account management tools, which could be used to launch phishing attacks to steal customer data.

Read Now
No items found.
Three Security Take-aways From The LAPSUS$ Breach of Okta

Three Security Take-aways From The LAPSUS$ Breach of Okta

Okta has denied that the hacker group LAPSUS$ breached their service and performed malicious exploits, while LAPSUS$ claims it has gathered significant Okta customer data over the past several months—enough for additional exploits.

Read Now
No items found.
Valence Security Completes SOC 2 Type II Certification

Valence Security Completes SOC 2 Type II Certification

We at Valence Security are extremely pleased to announce that we have successfully completed System and Organization Controls (SOC) 2 Type II certification for our first-of-its-kind platform for securing the SaaS mesh.

Read Now
No items found.
Valence: Illuminating and Securing the Business Application Mesh

Valence: Illuminating and Securing the Business Application Mesh

Valence defines a new category in the cybersecurity landscape. A critical problem space, necessary market education and potential access to the largest network of cybersecurity advisors cemented our decision to partner with YL Ventures, a leading early-stage cybersecurity VC, to fulfill the unique market opportunity we identified

Read Now
No items found.
Valence Security: Collaboratively remediate your SaaS security risks.
611 Gateway Blvd Ste 120, South San Francisco, CA 94080
Platform
Platform Overview
SaaS Security Posture Management (SSPM)
SaaS Risk Remediation
Identity Threat Detection and Response (ITDR)
Use Cases
SaaS Configuration Management
Manage Misconfigurations and Drift
Comply with Industry Standards
SaaS Identity Security
Ensure Strong Authentication
Review User Access
SaaS-to-SaaS Governance
Govern Non-human Identities
Discover Shadow AI
SaaS Data Protection
Reduce Data Exposure
Identify Exposed Data
SaaS Threat Detection
Detect SaaS Threats
Hunt SaaS Threats
Resources
About
Schedule a Demo
Contact Us
info@valencesecurity.com
Login
Valence Linkedin profileValence Facebook profile
Copyright © 2024 Valence Security | All rights Reserved | Privacy Policy | Terms of Use |