The swift success of DeepSeek comes with pressing concerns about data security, regulatory compliance, and the hidden risks of shadow AI.
The swift success of DeepSeek comes with pressing concerns about data security, regulatory compliance, and the hidden risks of shadow AI.
On March 14, 2025, attackers compromised a popular GitHub action, injecting malicious code to expose sensitive CI/CD secrets within workflow logs.
On March 14, 2025, attackers compromised a popular GitHub action, injecting malicious code to expose sensitive CI/CD secrets within workflow logs.
On March 20, 2025, global hacking group HellCat launched a widespread ransomware attack specifically targeting Jira servers.
On March 20, 2025, global hacking group HellCat launched a widespread ransomware attack specifically targeting Jira servers.
Within six months, KarmaCheck recovered 150% of its annual investment in Nudge Security.
Within six months, KarmaCheck recovered 150% of its annual investment in Nudge Security.
A widespread phishing campaign has recently targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues.
A widespread phishing campaign has recently targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues.
Microsoft Threat Intelligence revealed that Silk Typhoon is exploiting stolen API keys, OAuth credentials, and PAM credentials in supply chain attacks.
Microsoft Threat Intelligence revealed that Silk Typhoon is exploiting stolen API keys, OAuth credentials, and PAM credentials in supply chain attacks.
Harden your Google Workspace environment with these five essential security settings and configurations.
Harden your Google Workspace environment with these five essential security settings and configurations.
On February 27, 2025, security researchers revealed that LLMs were trained on datasets containing approximately 12,000 live API keys and passwords.
On February 27, 2025, security researchers revealed that LLMs were trained on datasets containing approximately 12,000 live API keys and passwords.
On February 27, 2025, security researchers from cybersecurity company Lasso discovered a serious data exposure issue involving Microsoft's Copilot.
On February 27, 2025, security researchers from cybersecurity company Lasso discovered a serious data exposure issue involving Microsoft's Copilot.
While SaaS features and discounts offer many conveniences, some of the industry's darker patterns can put your organization at risk.
While SaaS features and discounts offer many conveniences, some of the industry's darker patterns can put your organization at risk.
Six essential Okta security configurations that every security practitioner should monitor.
Six essential Okta security configurations that every security practitioner should monitor.
Protecting your organization’s data from NHI risks shouldn’t be a guessing game. Our app-to-app integrations table is here to help.
Protecting your organization’s data from NHI risks shouldn’t be a guessing game. Our app-to-app integrations table is here to help.
As the nature of work evolves, avoid falling victim to the sunk cost fallacy of CASB.
As the nature of work evolves, avoid falling victim to the sunk cost fallacy of CASB.
What does the rapid pace of AI adoption mean for cybersecurity leaders as they grapple with AI security and governance?
What does the rapid pace of AI adoption mean for cybersecurity leaders as they grapple with AI security and governance?
How to implement a structured framework to manage user access rights effectively across diverse applications and environments.
How to implement a structured framework to manage user access rights effectively across diverse applications and environments.
Please enjoy our reflections on the big moments, releases, breaches, and outages that defined the year in cybersecurity.
Please enjoy our reflections on the big moments, releases, breaches, and outages that defined the year in cybersecurity.
Gain deeper insight into your SaaS environments and strengthen your SaaS security posture with our growing library of connected apps.
Gain deeper insight into your SaaS environments and strengthen your SaaS security posture with our growing library of connected apps.
Nudge Security CEO Russell Spitler explores the possibility of an AI-fueled cyberattack in this OpEd published in The Information (subscription required).
Nudge Security CEO Russell Spitler explores the possibility of an AI-fueled cyberattack in this OpEd published in The Information (subscription required).
Proactively find and fix misconfigurations in Okta, Google Workspace, and Microsoft 365 with our new SSPM capabilities.
Proactively find and fix misconfigurations in Okta, Google Workspace, and Microsoft 365 with our new SSPM capabilities.
With a new, deeper integration for Okta, Nudge Security customers can further harden and protect their critical identity stack.
With a new, deeper integration for Okta, Nudge Security customers can further harden and protect their critical identity stack.
Nudge Security is the only SaaS management platform that discovers up to two years of historical SaaS spend within minutes of starting a free trial.
Nudge Security is the only SaaS management platform that discovers up to two years of historical SaaS spend within minutes of starting a free trial.
Thus far, IT automation has failed to address the hardest parts of employee offboarding. Here’s what IT and operations professionals need to know.
Thus far, IT automation has failed to address the hardest parts of employee offboarding. Here’s what IT and operations professionals need to know.
LastPass has reported a social engineering campaign using fake reviews on the Chrome Web Store.
LastPass has reported a social engineering campaign using fake reviews on the Chrome Web Store.
On October 30, 2024, a security flaw was detected in Okta’s AD/LDAP Delegated Authentication (DelAuth) service.
On October 30, 2024, a security flaw was detected in Okta’s AD/LDAP Delegated Authentication (DelAuth) service.
SaaS management platforms provide organizations with centralized visibility, control, and security for all their SaaS applications.
SaaS management platforms provide organizations with centralized visibility, control, and security for all their SaaS applications.
To celebrate our second birthday, we're reflecting on our journey—and all the new features we've added to help customers scale SaaS security and governance.
To celebrate our second birthday, we're reflecting on our journey—and all the new features we've added to help customers scale SaaS security and governance.
Attackers have been utilizing DocuSign’s SaaS platform to deliver phishing campaigns that are able to bypass email security checks.
Attackers have been utilizing DocuSign’s SaaS platform to deliver phishing campaigns that are able to bypass email security checks.
Why SaaS security should be a core element of your IT security and governance program.
Why SaaS security should be a core element of your IT security and governance program.
A practitioner's guide to running an AI risk assessment in order to safeguard organizational data and reputation.
A practitioner's guide to running an AI risk assessment in order to safeguard organizational data and reputation.
How to map your SaaS supply chain automatically, so you can quickly determine if a third- or fourth-party breach puts you at risk.
How to map your SaaS supply chain automatically, so you can quickly determine if a third- or fourth-party breach puts you at risk.
Midnight Blizzard has been actively targeting organizations across various sectors since at least 2021.
Midnight Blizzard has been actively targeting organizations across various sectors since at least 2021.
Eight steps to ensure complete employee offboarding for SaaS and cloud accounts, including the OAuth grants, resources, and passwords you’re most likely forgetting.
Eight steps to ensure complete employee offboarding for SaaS and cloud accounts, including the OAuth grants, resources, and passwords you’re most likely forgetting.
Threat actors are leveraging fake Google Ads linked to deceptive websites that mimic legitimate download pages.
Threat actors are leveraging fake Google Ads linked to deceptive websites that mimic legitimate download pages.
Read a summary of the vulnerability, how it could be exploited, and what to look for to understand if your organization could have been impacted.
Read a summary of the vulnerability, how it could be exploited, and what to look for to understand if your organization could have been impacted.
Learn how top analysts are viewing the emerging SaaS security and governance space.
Learn how top analysts are viewing the emerging SaaS security and governance space.
While AI tools like ChatGPT can be a boon for productivity, they also raise security and privacy concerns. What can IT and security teams do to minimize the risks?
While AI tools like ChatGPT can be a boon for productivity, they also raise security and privacy concerns. What can IT and security teams do to minimize the risks?
Make smart, data-driven SaaS investment decisions that drive the business forward while reducing risk and waste.
Make smart, data-driven SaaS investment decisions that drive the business forward while reducing risk and waste.
With Nudge Security, GLAAD eliminates 1000+ hours of manual work every year in protecting critical SaaS identities and data.
With Nudge Security, GLAAD eliminates 1000+ hours of manual work every year in protecting critical SaaS identities and data.
Learn how we can help you identify and remediate security risks across your Google Workspace and Microsoft 365 environments.
Learn how we can help you identify and remediate security risks across your Google Workspace and Microsoft 365 environments.
Detect and fix risks and misconfigurations in Google Workspace and Microsoft 365 with Nudge Security.
Detect and fix risks and misconfigurations in Google Workspace and Microsoft 365 with Nudge Security.
How SSPM solutions help automate the detection, remediation, and reporting of configuration issues, identity risks, and other SaaS security threats.
How SSPM solutions help automate the detection, remediation, and reporting of configuration issues, identity risks, and other SaaS security threats.
Why the classic physics challenge might feel familiar to those operating within the “shared security model” for SaaS applications.
Why the classic physics challenge might feel familiar to those operating within the “shared security model” for SaaS applications.
How to streamline all aspects of your SaaS data governance process, ensuring that technology is onboarded, managed, and secured properly.
How to streamline all aspects of your SaaS data governance process, ensuring that technology is onboarded, managed, and secured properly.
Why Nudge Security’s approach to SaaS discovery is so effective at finding shadow IT and business-led IT.
Why Nudge Security’s approach to SaaS discovery is so effective at finding shadow IT and business-led IT.
Enjoy a step-by-step explanation of the challenges and solutions for our capture the flag competition.
Enjoy a step-by-step explanation of the challenges and solutions for our capture the flag competition.
While the convenience of integration can boost productivity, the cybersecurity risks can be significant.
While the convenience of integration can boost productivity, the cybersecurity risks can be significant.
While we are proud to be included in this report, we are even more encouraged by the recognition of this emerging market.
While we are proud to be included in this report, we are even more encouraged by the recognition of this emerging market.
From our sales team to our engineers, everyone at Nudge shares the responsibility for providing a positive experience.
From our sales team to our engineers, everyone at Nudge shares the responsibility for providing a positive experience.
Learn how our AI dashboard helps you to visualize and manage AI adoption at your organization.
Learn how our AI dashboard helps you to visualize and manage AI adoption at your organization.
Non-human identities have increased our attack surface—and with it, the management headache that defines the modern stack of business technology.
Non-human identities have increased our attack surface—and with it, the management headache that defines the modern stack of business technology.
Shadow IT risks present a formidable challenge to modern businesses. Learn to identify shadow IT risks and regain control of your security posture.
Shadow IT risks present a formidable challenge to modern businesses. Learn to identify shadow IT risks and regain control of your security posture.
With the rise in threat campaigns targeting SaaS instances, we need a shared responsibility model that includes employees as well as IT security teams.
With the rise in threat campaigns targeting SaaS instances, we need a shared responsibility model that includes employees as well as IT security teams.
How to use spend data and insights to prioritize your SaaS rationalization efforts, maximize impact, and earn quick wins.
How to use spend data and insights to prioritize your SaaS rationalization efforts, maximize impact, and earn quick wins.
With Nudge Security, Stravito was able to expand its SaaS security program while cutting costs and improving employee engagement.
With Nudge Security, Stravito was able to expand its SaaS security program while cutting costs and improving employee engagement.
How using Nudge Security to solve complex problems as an end user inspired me to join the team as Head of Product.
How using Nudge Security to solve complex problems as an end user inspired me to join the team as Head of Product.
An active threat campaign targeting Snowflake customers underscores an all-too-common attack pattern of exploiting users’ cloud and SaaS identities and gaps in MFA coverage.
An active threat campaign targeting Snowflake customers underscores an all-too-common attack pattern of exploiting users’ cloud and SaaS identities and gaps in MFA coverage.
.avif)
Learn how Nudge Security's SaaS discovery capabilities and automated workflows save time and make identity governance manageable at scale.
Learn how Nudge Security's SaaS discovery capabilities and automated workflows save time and make identity governance manageable at scale.
Nudge Security delivers key OAuth risk insights to help you detect sensitive scopes, assess trust signals, and flag potential phishing attempts.
Nudge Security delivers key OAuth risk insights to help you detect sensitive scopes, assess trust signals, and flag potential phishing attempts.
Nudge Security now discovers multiple app instances and shadow tenants, addressing a sprawling challenge for SaaS security and risk leaders.
Nudge Security now discovers multiple app instances and shadow tenants, addressing a sprawling challenge for SaaS security and risk leaders.
Four key areas to consider when you’re investigating an OAuth grant, and how Nudge Security can help.
Four key areas to consider when you’re investigating an OAuth grant, and how Nudge Security can help.
Five ways Nudge Security's patented SaaS discovery can help you gain the visibility you need, secure your newly expanded SaaS estate, and plan for the future.
Five ways Nudge Security's patented SaaS discovery can help you gain the visibility you need, secure your newly expanded SaaS estate, and plan for the future.
How to expose shadow IT, eliminate SaaS sprawl, and take control of your supply chain.
How to expose shadow IT, eliminate SaaS sprawl, and take control of your supply chain.
How to streamline IAM, starting with a complete inventory of every and SaaS app that’s been introduced into your organization.
How to streamline IAM, starting with a complete inventory of every and SaaS app that’s been introduced into your organization.
A look back at the highlights, themes, and insights from Nudge Security’s “Overshadowed” interview series.
A look back at the highlights, themes, and insights from Nudge Security’s “Overshadowed” interview series.
New API extends Nudge Security’s unrivaled SaaS discovery and security data to security operations, IT workflows, identity management, and other parts of the modern IT security stack.
New API extends Nudge Security’s unrivaled SaaS discovery and security data to security operations, IT workflows, identity management, and other parts of the modern IT security stack.
We’ve unlocked thousands of SaaS vendor security profiles to help you make faster, risk-informed decisions about whether apps meet your corporate guidelines.
We’ve unlocked thousands of SaaS vendor security profiles to help you make faster, risk-informed decisions about whether apps meet your corporate guidelines.
How to discover and categorize cloud and SaaS assets in scope of SOC 2 while automating access reviews in order to stay compliant.
How to discover and categorize cloud and SaaS assets in scope of SOC 2 while automating access reviews in order to stay compliant.
With Nudge Security, gridX was able to discover and inventory its cloud and SaaS applications, allowing them to ditch their spreadsheet and easily prepare for compliance certifications.
With Nudge Security, gridX was able to discover and inventory its cloud and SaaS applications, allowing them to ditch their spreadsheet and easily prepare for compliance certifications.
Demonstrate the impact of your hard work with exec-ready SaaS security progress reports.
Demonstrate the impact of your hard work with exec-ready SaaS security progress reports.
A conversation about data and identity with Steve Zalewski, former CISO of Levi Strauss and a seasoned security advisor.
A conversation about data and identity with Steve Zalewski, former CISO of Levi Strauss and a seasoned security advisor.
With Nudge Security, you can automatically nudge users to delete accounts for dating apps or other non-work categories as soon as they are created—no awkward conversations necessary.
With Nudge Security, you can automatically nudge users to delete accounts for dating apps or other non-work categories as soon as they are created—no awkward conversations necessary.
Tune in to Nudge Newsday Tuesday to see what’s new in our product and how these innovations can help you save time and improve SaaS security and governance.
Tune in to Nudge Newsday Tuesday to see what’s new in our product and how these innovations can help you save time and improve SaaS security and governance.
Russian threat actor Midnight Blizzard abused OAuth grants to infiltrate Microsoft. Here’s how Nudge Security can help you secure your organization against similar threats.
Russian threat actor Midnight Blizzard abused OAuth grants to infiltrate Microsoft. Here’s how Nudge Security can help you secure your organization against similar threats.
A guide to winning friends and influence during your first 90 days in an InfoSec leadership role
A guide to winning friends and influence during your first 90 days in an InfoSec leadership role
While all of your friends are comparing hours tallied listening to Taylor Swift on Spotify this year, we're taking a beat to recap a banner year at Nudge Security.
While all of your friends are comparing hours tallied listening to Taylor Swift on Spotify this year, we're taking a beat to recap a banner year at Nudge Security.
Verify SaaS app statuses and proactively notify users of app outages.
Verify SaaS app statuses and proactively notify users of app outages.
A newly disclosed Google OAuth vulnerability allows former employees to retain access to corporate resources like Slack and Zoom, even after suspending their corporate Google accounts. Here’s what it means for your SaaS security posture and how Nudge Security can help.
A newly disclosed Google OAuth vulnerability allows former employees to retain access to corporate resources like Slack and Zoom, even after suspending their corporate Google accounts. Here’s what it means for your SaaS security posture and how Nudge Security can help.
We've got cocktails, we've got elixirs, we've got sweets and sides. Here are a few of our favorite things to whip up for the holidays.
We've got cocktails, we've got elixirs, we've got sweets and sides. Here are a few of our favorite things to whip up for the holidays.
Provide an inventory of approved applications and allow employees to submit access requests directly from Nudge Security.
Provide an inventory of approved applications and allow employees to submit access requests directly from Nudge Security.
While 2024 will undoubtedly throw some curveballs, one sure bet is that modern work will continue to happen across cloud and SaaS applications.
While 2024 will undoubtedly throw some curveballs, one sure bet is that modern work will continue to happen across cloud and SaaS applications.
Certain decisions simply can't be automated. Read our case for a scalable, human-centered approach to SaaS security and governance.
Certain decisions simply can't be automated. Read our case for a scalable, human-centered approach to SaaS security and governance.
Why comprehensive shadow IT discovery is an essential first step toward securing an organization's SaaS estate.
Why comprehensive shadow IT discovery is an essential first step toward securing an organization's SaaS estate.
Monitor and revoke risky third-party SaaS access with Nudge Security’s enhanced OAuth risk management capabilities.
Monitor and revoke risky third-party SaaS access with Nudge Security’s enhanced OAuth risk management capabilities.
Managing a sprawling web of OAuth grants is an unmanaged risk most organizations are just beginning to understand. Here’s how we can help.
Managing a sprawling web of OAuth grants is an unmanaged risk most organizations are just beginning to understand. Here’s how we can help.
Instead of harping on awareness, it's time to implement repeatable, real-world practice that ingrains positive habits and security behaviors.
Instead of harping on awareness, it's time to implement repeatable, real-world practice that ingrains positive habits and security behaviors.
How dark patterns in the go-to-market strategies of B2B SaaS companies are designed to work against IT and security—and what you can do about it.
How dark patterns in the go-to-market strategies of B2B SaaS companies are designed to work against IT and security—and what you can do about it.
To celebrate the first anniversary of our initial product launch, we're reflecting on our journey so far and announcing a special offer for new customers who sign up before the end of 2023.
To celebrate the first anniversary of our initial product launch, we're reflecting on our journey so far and announcing a special offer for new customers who sign up before the end of 2023.
When offboarding users, don't let their their lingering OAuth grants don’t come back to haunt you.
When offboarding users, don't let their their lingering OAuth grants don’t come back to haunt you.
Why effective vendor risk management is a critical strategy for identifying, assessing, and mitigating risks within the SaaS supply chain.
Why effective vendor risk management is a critical strategy for identifying, assessing, and mitigating risks within the SaaS supply chain.
Learn how Nudge Security can help you gain visibility and control of your SaaS security posture without the limitations of SSPM.
Learn how Nudge Security can help you gain visibility and control of your SaaS security posture without the limitations of SSPM.
Why modern data governance requires a full inventory of SaaS apps and accounts in use at your organization.
Why modern data governance requires a full inventory of SaaS apps and accounts in use at your organization.
Instead of the obligatory annual security awareness training, Nudge Security provides just-in-time interventions all year round.
Instead of the obligatory annual security awareness training, Nudge Security provides just-in-time interventions all year round.
Read how Nudge Security's patented, perimeterless approach to SaaS security and governance compares to a traditional CASB.
Read how Nudge Security's patented, perimeterless approach to SaaS security and governance compares to a traditional CASB.
Nudge Security CEO Russ Spitler welcomes Ira Winkler, CISO of CYE Security, to discuss principles for designing a security program that engages employees.
Nudge Security CEO Russ Spitler welcomes Ira Winkler, CISO of CYE Security, to discuss principles for designing a security program that engages employees.
Watch our webcast to learn the fundamentals of OAuth risk management using Nudge Security.
Watch our webcast to learn the fundamentals of OAuth risk management using Nudge Security.
Empower your employees to embrace the productivity benefits of generative AI and make informed choices to avoid AI risks.
Empower your employees to embrace the productivity benefits of generative AI and make informed choices to avoid AI risks.
Download our guide to SaaS rationalization to reduce risk and optimize technology investments at your organization.
Download our guide to SaaS rationalization to reduce risk and optimize technology investments at your organization.
Why IT and security leaders need a new approach to securing and governing access to new cloud-delivered technologies.
Why IT and security leaders need a new approach to securing and governing access to new cloud-delivered technologies.
Nudge Security CEO Russ Spitler welcomes Malcolm Harkins to discuss the balance of risk vs. friction that must be considered when designing a security program.
Nudge Security CEO Russ Spitler welcomes Malcolm Harkins to discuss the balance of risk vs. friction that must be considered when designing a security program.
Save time, save money, and reduce risk by automating the process of identifying and removing unused SaaS accounts.
Save time, save money, and reduce risk by automating the process of identifying and removing unused SaaS accounts.
