Nudge Security is expanding our capabilities to strengthen your SaaS security posture with the addition of our most recent connected apps for OpenAI, Cloudflare, and Fastly.
‍
With these new connected apps, you can gain deeper insight into these apps' configurations and user activities, and you can take actions to resolve and report on findings directly from within Nudge Security.
‍
For more info, refer to the dedicated connected apps webpages for OpenAI, Cloudflare, and Fastly.
‍
ICYMI, we recently released security posture management capabilities for Google Workspace and Microsoft 365 to help you harden your identity infrastructure.
‍
Now, we’ve expanded these SaaS security posture management capabilities to Okta with a new Okta connected app, allowing you to:Â
‍
To get started, create a read-only token in your Okta tenant using an Okta read-only administrator account or a custom administrator account. Next, go to Apps > Connected Apps within Nudge Security and enter your Okta token to connect the app.
‍
Note: Customers using our existing Okta integration will need to enable the Okta connected app to access these new features.
‍
Nudge Security continually monitors your Google Workspace or Microsoft 365 environment to surface security posture findings and helps you resolve them quickly with remediation workflows. Our open API includes endpoints for security posture findings so you can keep your team’s work centralized within your existing tools.Â
‍
Now, we’ve released a new Tines story to give you more options for taking action on findings from Nudge Security. With the new story, you can use Tines automation to create Jira tickets for Nudge Security SaaS security posture findings.
‍
Nudge Security continually monitors the security posture of your Google Workspace and Microsoft 365 environments so you can detect, prioritize, and fix risks and misconfigurations.Â
‍
Now, we’ve added new rules to surface Microsoft Sharepoint security posture risks and misconfigurations. Nudge Security enables you to resolve risks efficiently with nudge workflows and context-aware remediation guidance for each finding.Â
‍
Note: Existing customers using Microsoft 365 will need to accept additional scopes to enable these new security posture checks. To do so, go to Settings > Email Analysis, select “Update Permissions,” and accept the scope allowing Nudge Security to read the tenant-level settings of SharePoint and OneDrive.
‍
Nudge Security has extended our patented SaaS discovery method to include SaaS spend data from invoices in your users’ mailboxes, uncovering SaaS expenses that may not be captured by financial software.
‍
Now, Nudge Security discovers and analyzes invoices from the last two years to extract spend data such as billing frequency, amount, renewal date, billing owner, cost center, and most recent transaction, powering the platform’s cost optimization insights. For additional context, we’ve added an inventory of invoice details we’ve uncovered for each app, including information like invoice ID, date, payment status, payee, and description of services.
‍
These new discovery capabilities enable SaaS spend forecasting that accounts for previously-unknown spend and changes in SaaS adoption. You can track your own estimated annual budget for each app alongside Nudge Security’s record of historical spend for the last 12 months and projected spend based on actual usage. Nudge Security also calculates each app’s average cost per user, helping you prioritize SaaS deployment and investment decisions.
‍
‍
Today, we’ve expanded our SaaS security and governance capabilities with SaaS security posture management (SSPM) for Google Workspace and Microsoft 356, enabling you to remediate risks and misconfigurations in your identity infrastructure.Â
‍
Now, Nudge Security regularly checks your Google Workspace or Microsoft 365 environment against technical benchmarks to detect:
‍
‍
You can see an overview of findings from those checks in the new Posture dashboard, which highlights top findings, riskiest users, and remediation activities. See a full list of issues under Findings and resolve risks quickly with remediation workflows, including nudges to engage the right stakeholders and track resolution outcomes. Learn more in today’s blog.
‍
Nudge Security has added new SaaS spend discovery, empowering customers to make better SaaS investment decisions by triangulating insights into SaaS spend, risk, and usage.
‍
Now, Nudge Security automatically categorizes apps as paid based on data from email invoices and other billing communications from the previous three years, enabling organizations to track SaaS spend alongside app risk and usage insights. Nudge Security also automatically identifies a billing owner and cost center for each paid app. You customize the Google or Microsoft field Nudge Security uses to allocate spend to cost centers by going to Settings > Organization Settings.
‍
Customers can add additional spend data manually, such as estimated annual spend, billing frequency, and renewal date. This information can be found in a new Spend card within each App Overview, or you can sort, filter, and edit these new fields in bulk directly from the App view.
‍
Note: By default, Nudge Security will only extract billing information from emails associated with users that have accounts for an app, which means we will not analyze mailboxes without associated accounts such as accounts payable (ex: accountspayable@company.com) or group accounts. If there are additional mailboxes used to receive billing information that you would like to analyze, you can add them under Settings > Spend Settings.
‍
We’ve made it easier to consolidate SaaS usage by adding a new chart to the App Overview page showing similar apps in use at your organization. Now, you can visualize the adoption of apps with similar purposes and quickly assess how much their usage overlaps, helping you identify areas where you may be paying double.
‍
Nudge Security has introduced a chart within the App Overview pane to help you visualize app usage across different areas of your organization.
‍
Now, you can see how app usage breaks down by organizational unit, cost center, department, location, or organization, based on employee data from Google Workspace or Microsoft 365.
‍
Nudge Security has added the ability to discover and inventory multiple instances of the same app, enabling customers to identify and rationalize duplicate instances and shadow tenants.Â
‍
Previously, Nudge Security categorized some instance types as resources within an app. Now, we’ll display instances defined by a unique subdomain (ex, company.slack.com) in an Instances tab within the App Overview page. Within that same pane, we’ll also associate individual accounts with the instances they have access to.
‍
‍
We’ve added support for single sign-on with Okta, including the availability of Nudge Security in the Okta Marketplace. This enterprise-ready feature is available to all Nudge Security customers without requiring a subscription upgrade or otherwise paying any "SSO tax," which runs counter to our product principles.Â
‍
Read our documentation to learn how to configure SSO with Okta, or learn more about how you can expand your Okta coverage by integrating with Nudge Security.
‍
Nudge Security has released a new API to help you manage SaaS security and governance across your entire security ecosystem.Â
‍
You can use the API to automate critical security tasks, break down data silos between different tools, and centralize SaaS security data to make sure your entire team is working with the same information. For example, you can:
‍
‍
See our API documentation for more information on API functionality, recipes, and samples.
‍
Search results from Nudge Security’s main dashboard now include apps with no associated accounts at your organization, making it easier to evaluate apps before your organization begins to use them.Â
‍
Now, you can access security profiles for apps outside of your organization, including:
‍
‍
We’ve released a new dashboard to help you visualize and share the progress you’re making toward key SaaS security and governance metrics.Â
‍
With the new dashboard, you can:
‍
Check out today’s blog to learn more about these key metrics and how Nudge Security can help you improve them. Â
‍
‍
Nudge Security has released new app health statuses showing the operational state of the SaaS applications in use across your organization. Now, security and IT teams can see an at-a-glance view of the operational health of your organization’s SaaS applications and swiftly identify if a SaaS service is experiencing disruptions.
‍
‍
We’ve released new functionality to help you understand and address your company’s exposure to a recently disclosed Google OAuth vulnerability, including a new default notification rule and a new filter view to help you discover existing accounts. Now, all Nudge Security customers will receive alerts automatically when employees create new shadow Google accounts. Additionally, you can view a list of all the shadow Google accounts at your organization by visiting the Google Workspace app overview page, clicking on the Resources tab, and filtering by “Account alias.”
‍
Read our blog post to learn more about the vulnerability and how our new functionality can help.
‍
Nudge Security has introduced a new app directory to streamline the process of onboarding employees to SaaS applications. Now, security and IT teams can share a directory of approved SaaS apps with employees, making it easier for users to request access to apps that are in compliance with corporate guidelines and have already cleared security review and procurement processes.Â
‍
To get started, enable the app directory under Organization Settings and invite users to sign up for Nudge Security accounts with Personal View set as the user role. Note: Administrative privileges are required to change these settings or approve access requests for new users.
‍
Read our blog tutorial to learn more, or check out our interactive demo below.
‍
We've added a new dashboard to help you understand what AI tools are in use at your organization and who is using them.
‍
Now, you can:Â
‍
Read today’s blog to learn more or check out our interactive demo below.
‍
We’ve released a new playbook to help you equip your employees to engage with AI tools safely. Using the playbook, you can find all the AI tools your employees are using and nudge them to review and accept your AI acceptable use policy. (Note that administrative privileges are required to view and run the playbook.)
‍
With this new functionality you can:
Read today’s blog to learn more or check out our interactive demo below.
‍
We’ve released a new playbook to automate the process of removing abandoned accounts. Now, you can reduce unnecessary risks by minimizing your attack surface and eliminate wasted SaaS spend on unused accounts. Using the playbook, you can:
Learn more in today’s blog.
‍
When Nudge Security identifies abandoned accounts at your organization, you may need help from a user with administrative privileges for that app to delete them. To help you identify users with admin privileges, Nudge Security automatically designates a technical contact for each application, starting with the first user of that app. You can also reassign technical contacts manually as needed.
‍
Now, Nudge Security has added the ability to nudge technical contacts to assist with deleting or suspending abandoned accounts and reclaiming unused licenses. The technical contact will receive a list of abandoned accounts and instructions to confirm once they have performed the appropriate actions. Once they confirm that the accounts have been removed, the account statuses will be updated automatically within Nudge Security.
‍
Nudge Security has added new ways for you to identify and track whether your employees’ accounts are still active, enabling you to delete abandoned accounts, reclaim unused licenses, and clean up orphaned data.Â
‍
Now, when you nudge users to ask if they’re still using an account, their answers will automatically apply account statuses within Nudge Security. In addition, for applications provisioned through SSO, Nudge Security will now automatically mark accounts as inactive after 90 days of inactivity.Â
‍
To visualize this information, we’ve added a graph displaying account statues on each application’s overview page that can be changed manually or updated automatically in the following ways:Â
‍
‍
We’ve just released a new playbook that guides you through complete employee offboarding in alignment with Google and Microsoft best practices and automates common SaaS offboarding tasks, so you can transition employees securely and completely every time.Â
‍
Now, you can:
‍
Check it out in the interactive demo below, and read more about it in today’s blog.
‍
We’ve just released the ability to revoke OAuth grants for Google Workspace and Microsoft 365 directly within Nudge Security. This new feature builds on the OAuth risk scores we delivered earlier this year by making it faster and easier to respond to risky OAuth grants. We’ve also added more context to our OAuth overviews to help you understand the permissions a grant has authorized. When Nudge Security shows you an OAuth grant with overly-permissive scopes, you can revoke it in just two clicks.Â
‍
With this new functionality, you can:
‍
Check it out in the interactive demo below, and read more in our blog post.
‍
We’ve released a new feature to give you more visibility of groups at your organization and their privacy settings, along with how and when they’re being used to create shared accounts.Â
‍
The new group analysis functionality allows you to:
‍
‍
Learn more about the security risks of using groups for SaaS access in our blog post.
We’ve released a new view to show the history of all the nudges your organization has sent in one centralized page, making it easier for you to follow the messages you’re sending to employees. You can also see the nudge history for each individual application at your organization.Â
‍
With this new view, you can:
‍
We’ve just released a brand new Slack integration to help you reach employees right where they’re working.Â
‍
With this new functionality, you can:
‍
Take a tour of the new functionality below:
‍
‍
Learn more about the power of nudging with Slack in our latest blog post.
Today, we’ve enhanced our SaaS access management support and Azure AD integration with a new automated playbook to streamline the process of onboarding applications to Azure AD SSO.Â
‍
With this new playbook, customers and trial users can:
‍
‍
Read more about how Nudge Security supports SSO onboarding, including this new functionality, in our latest blog post.
We’ve just released a new automated playbook to make running SOC 2 access reviews with Nudge Security even easier.Â
‍
Now, customers and free trial users can:
‍
Here’s an interactive tour of the new feature:
‍
‍
For a closer look, read the release blog post here.
We recently added a new attack surface dashboard, so you can readily monitor your cloud and SaaS attack surface as it changes.Â
‍
Leaning on our security expertise and experience, we organize the data we discover about your SaaS estate and supply chain into key focus areas, including:
‍
‍
Here’s an interactive tour of the new feature:
‍
To learn more about how it works and how you can modernize your attack surface management strategy with Nudge Security, check out our blog.
Today, we released a new OAuth risk scoring feature and improved the way we visualize and classify OAuth grants for easier management and risk prioritization. Additionally, you can now build custom notification rules based on flexible OAuth criteria, including setting an OAuth risk score threshold.
‍
Here’s an interactive tour of the new and improved features:
‍
‍
For more information about these new capabilities, read our release blog post here.
‍
As always, we encourage your feedback!
Nudge Security customers can now subscribe to SaaS breach notifications.Â
‍
When a data breach disclosure is discovered for a third- or fourth-party SaaS provider in your SaaS supply chain, Nudge Security will send you an email notification, alerting you to the potential impact of the breach. Here’s a recent example we sent to customers:
‍
‍
So, now whenever a SaaS data breach hits the headlines, you can quickly determine if your organization is in the blast radius.
‍
To subscribe to breach notifications in the product, go to Settings and check “Receive breach notifications.”
‍
‍