In recent weeks, we've seen another wave of high-profile security incidents at SaaS providers in IT infrastructure, security, and developer spaces. CircleCI and LastPass are the latest to join a growing list of companies (Okta, Twilio, Mailgun) in these spaces that have been the target of recent attacks.Â
‍
These types of SaaS services are used to build, deliver, and secure other SaaS services. Along with IaaS and PaaS, they create the foundation for our modern SaaS economy. So, when one experiences a data breach, it can create a ripple effect of risk across the entire SaaS supply chain.Â
‍
When this happens, risk management leaders need to quickly assess the potential impact to their organizations. Yet, this hasn’t been easy. SaaS supply chains are dynamic, and conventional SBOMs no longer reflect the reality of what underlying services your vendors are using at any given moment. What’s more, SaaS providers in IT infrastructure, security, and developer spaces are making it increasingly easy for individual users to get started with “freemium” accounts. This makes it a challenge to even keep track of what SaaS services your own employees are introducing into the organization, and even the CI/CD.Â
‍
This leads to too many wild goose chases in the aftermath of a SaaS provider breach. For example, if you woke up to the news of the recent CircleCI security incident and wanted to assess your impact, your process might have looked something like this:
‍
‍
This is a highly inefficient process and difficult to run, especially when your C-Suite is asking you for rapid updates.Â
‍
In contrast, Nudge Security can help you to get definitive answers to these questions in a matter of minutes:Â
‍
Here’s how you can use Nudge Security today to assess the impact of the CircleCI incident.
‍
If you haven’t already signed up for a free 14-day trial of Nudge Security, now would be a great time to get started. It takes just a few minutes to set up and doesn’t involve any network configs, agents to deploy, or integrations with your known SaaS providers. You can learn more about how it works here.
‍
‍
Nudge Security discovers every cloud and SaaS asset ever created by employees in your organization. You can search by SaaS application name or SaaS category (we auto-categorize for you.)
‍
‍
For every SaaS application, you see how many accounts and users are in your organization, the age of the accounts, who the first user was (often the default administrator), and what authentication methods are used to access the application. You can nudge the users to take some security measures during a breach, and you can set up notifications to monitor adoption of the service or service category.
‍
Nudge Security provides visibility into OAuth grants, so you can see which other SaaS applications are connected to the service in question and the scopes granted. In the CircleCI example, this is especially useful given that the organization is advising customers to rotate tokens granted to other services, such as Github, Slack, and Jira.
‍
‍
Nudge Security provides information on publicly disclosed security incidents for your SaaS suppliers and as well as your extended SaaS supply chain or 4th-party suppliers, so you can effectively monitor your SaaS attack surface. Nudge Security will send you email notifications whenever we identify a new security incident in your SaaS supply chain.
‍
‍
‍
If you have any questions about how Nudge Security works, how to get the most out of your free trial, or navigating the steps above, feel free to schedule time with our team.