Earlier today, we announced the launch of new SaaS security posture management (SSPM) capabilities available to all Nudge Security customers and trial users as part of our complete SaaS security and governance solution. Our new SSPM capabilities for Google Workspace and Microsoft 365 continually monitor your identity infrastructure for critical misconfigurations and risks related to users, groups, and integrations.
In this post, we’ll explain how you can use Nudge Security to find and fix such issues to help strengthen your SaaS security posture.
And, you can join us on September 19th for a live demo.
SaaS security posture management is the continuous process of detecting, prioritizing, resolving, and reporting on potential security risks related to an organization’s SaaS ecosystem. Risks often include missing or misconfigured security settings native to a SaaS application as well as risks associated with SaaS user identities (e.g., MFA disabled), permissions or entitlements (e.g., over-privileged access), data sharing policies, or integrations with other services or “non-human identities.”
The goal of SSPM is to help security organizations protect their SaaS attack surface data by ensuring that their SaaS assets are securely configured and protected at all times. This is no easy feat considering the highly dynamic nature of SaaS services. App provider-side changes, end user actions, and integration failures can all lead to “drift” away from an ideal state, which SSPM solutions address through continuous SaaS security monitoring.
The big problem we see with conventional SSPM solutions on the market is that they often start (and end) with an API integration with a SaaS application. While this authenticated connection affords deeper visibility into an app environment and may enable some automation in resolving misconfigurations or other risks, it also carries a number of limitations:
Given these limitations, we took a different approach to SSPM, building on the foundational capabilities and design principles of our platform.
Nudge Security stands apart from conventional SSPM solutions in several key ways:
By avoiding the limitations of an API-based approach and distributing difficult-to-automate resolution tasks to the right people, Nudge Security offers near-immediate time to value with every setup. We can discover and inventory the full extent of your SaaS estate—including both known and unknown applications.
Here’s how to get started with Nudge Security’s SSPM solution:
Nudge Security’s SSPM capabilities leverage the same integration point as our SaaS discovery: a single, lightweight API connection with Google Workspace or Microsoft 365. So, for our customers already using Nudge Security, there’s no setup or configuration required to get started with SSPM. (Bonus: there’s no additional cost either.)
If you’re new here, learn more about our Google Workspace and Microsoft 365 integrations.
Nudge Security continually monitors your Google Workspace or Microsoft 365 environment and generates findings for:
We summarize findings in a posture dashboard, which gives you an overview of your overall posture and coverage and helps you monitor resolution efforts and your SSPM progress over time.
Not all SaaS risk is created equal. That’s why Nudge Security defines a risk category and risk severity for each finding, so you can filter and prioritize resolving the most critical risks first. Our posture dashboard displays top findings and users with the most findings to make it easy to get started.
When you click on any finding, you’ll see the context you need to assess the finding and decide whether to fix it or accept the risk.
The real kicker about managing your organization’s SaaS security posture is that the IT and security team may not even have the right access to the apps in question, let alone the time to log into every app to fix issues. That’s why our approach centers on distributing resolution tasks to the right people at the right time.
For each finding, Nudge Security shows you which resolution actions are available and auto-assigns a resolution owner based on the nature of the finding and the resource checked. For example, a finding related to a misconfiguration in Google Workspace would be assigned to the Google Workspace technical contact, whereas a Google account with MFA disabled would be assigned to the account holder (user) to resolve. You also have the option to re-assign the finding to another user.
From the findings detail panel, you can nudge the resolution owner with simple, context-aware remediation guidance. When the resolution owner confirms the fix (or asks for help), it’ll appear on the finding timeline and activity feed in the posture dashboard.
Confirmed-fixed findings move into a “verifying” status. Upon the next check, Nudge Security will either mark these findings as resolved or re-open them if the fix did not pass the rule check.
With this approach, you can orchestrate and oversee resolution efforts instead of doing all of the work yourself.
We’re just getting started with SSPM, and you should, too! With just a few minutes of setup, you can have a totally free assessment of your identity infrastructure security posture.
Start your free, full-featured, 14-day trial of Nudge Security to get started.
And, you can join us September 19th for our "SSPM-tember" product demo showing how it all works.