SaaS Alerts Releases Third Annual SaaS Application Security Insights (SASI) Report

Velotix Mentioned as a Sample Vendor in the Gartner Hype Cycle for Data Security, 2023

Report Reveals the Latest Cyber Trends and Threats, and Actionable Insights for Managed Service Providers to Better Protect Customers

SaaS Alerts, the cybersecurity company purpose-built for MSPs to protect and monetize their customers’ business SaaS applications, today unveiled the findings of its third annual SaaS Application Security Insights (SASI) Report, which offers a detailed look at the major threat vectors and security gaps that exist in SaaS Application security targeting small businesses.

Based on the analysis of the SaaS application security records of 7,400-plus SMBs and nearly 1 million end-user accounts in 2022, the report assesses key areas of security concern, such as from where attacks are originating, tactics most frequently used by bad actors, common events and alerts, and threat vectors that organizations need to be aware of to proactively protect their business critical assets from an attack and breach. SaaS Alerts’ report also examines the inherent issues and complexities regarding the accelerated rate of SaaS Application adoption and concerns with cybersecurity threats and gaps from external threats such as hackers and internal insider threats caused by employee or contractor negligence, misconfiguration of SaaS App security controls, unsafe cybersecurity practices, and human error.

Marketing Technology News: MarTech Interview with Doug Huntington, CEO at FatTail

Key findings include:

  • 53% of all attempted unauthorized logins originated from ChinaVietnamIndiaBrazil, and Korea. This year’s report saw a notable decline in attempts from Russia, which could be a result of Russia’s shifted focus on the war with Ukraine.
  • On average, there were approximately 40,000 brute attacks per day against user accounts monitored by SaaS Alerts.
  • 2022 saw a 61% increase in the rate of phishing attacks compared with 2021. The study also revealed that cybercriminals shifted their attacks to mobile and personal communication channels to reach users, and showed a 50% increase in attacks on mobile devices, with scams and credential theft at the top of the list of payloads.
  • Outside approved locations accounted for over 55% of the most common critical alerts and occurred when there was a successful login to a user account from outside of an approved location or an approved IP address range. While this alert can be a false flag due to misconfiguration of approved locations or unexpected user travel, it is a serious alert, indicating a significant probability that a malicious actor has succeeded in compromising an account.
  • Salesforce and Slack generated the most critical alerts on a per-user/per-alert basis. Of all logged Salesforce events, over 8% of those events were critical alerts compared to 3.77% for Slack, 1.82% for Google Workspace, and 1.26% for Office 365.
  • Compared to last year’s data, the report found a 29% increase in the number of guest user accounts, which can have access to sensitive data and open access points for bad actors. Of the over 979,840 SaaS accounts monitored by SaaS Alerts in 2022, 54% were from guest user accounts versus licensed users.

“By moving from legacy systems to the cloud, businesses can realize increased productivity and quickly scale their operations. While the pandemic accelerated the adoption of SaaS solutions, this trend continues today and is rapidly growing,” said Jim Lippie, CEO, of SaaS Alerts. “However, as we’re seeing with increasing frequency as threat actors become more sophisticated in their methods and tactics, businesses face new and unprecedented challenges with data theft, data-at-risk, and bad actors when integrating with the most popular SaaS applications and MSP tools. Our report offers an in-depth analysis as businesses of all sizes across the globe face mounting internal and external threats, and provides valuable insights to help organizations preemptively protect themselves from falling victim to the next attack.”

Marketing Technology News: Social Media Strategies for Customer Engagement Success: How to Meet Consumers Where They Are in…

Picture of PRNewswire

PRNewswire

PR Newswire, a Cision company, is the premier global provider of multimedia platforms and distribution that marketers, corporate communicators, sustainability officers, public affairs and investor relations officers leverage to engage key audiences. Having pioneered the commercial news distribution industry over 60 years ago, PR Newswire today provides end-to- end solutions to produce, optimize and target content -- and then distribute and measure results. Combining the world's largest multi-channel, multi-cultural content distribution and optimization network with comprehensive workflow tools and platforms, PR Newswire powers the stories of organizations around the world. PR Newswire serves tens of thousands of clients from offices in the Americas, Europe, Middle East, Africa and Asia-Pacific regions.

You Might Also Like