Back to news

Nudge Security extends SaaS security and governance solution with new SSPM capabilities

New features address critical identity risks and misconfigurations in Google Workspace and Microsoft 365.

September 12, 2024
Nudge Security

AUSTIN, TX, September 12, 2024 – Nudge Security today unveiled new SSPM (SaaS security posture management) capabilities for its SaaS security and governance platform. This enhancement creates the industry's most comprehensive solution of its kind, combining SaaS discovery, security posture management, spend management, third-party risk, and identity governance in a single, self-service offering that deploys in minutes.

‍

As digital identities become prime targets for cyber threats, organizations are prioritizing efforts to strengthen and monitor identity infrastructure. Nudge Security's SSPM capabilities enable IT and security teams to quickly identify and address identity risks and misconfigurations in their Google Workspace and Microsoft 365 environments, as part of the platform's comprehensive SaaS security and governance capabilities.

‍

“SSPM is crucial for any organization's SaaS security strategy, but it's only one piece of the puzzle," said Russell Spitler, CEO and cofounder of Nudge Security. "While most SSPM solution providers begin and end with API integrations into a handful of known SaaS applications, Nudge Security tackles the broader SaaS security problem. We begin by discovering an organization's entire SaaS ecosystem—applications, identities, and integrations—on Day One, and then provide critical risk insights and automation workflows that enable our customers to prioritize, plan, and execute their SaaS security and governance program end to end.”

‍

Nudge Security's new SSPM capabilities continually monitor technical controls for Google Workspace and Microsoft 365 against a set of common misconfigurations and security risks  included in CIS security benchmarks, enabling customers to:

  • Surface identity risks like delegated email access, inactive privileged accounts, email forwarding outside of the organization, and other evidence of excessive or insecure access.
  • Detect SaaS-to-SaaS integration risks, including unused OAuth grants with privileged access, active integrations associated with inactive users, and unapproved grants with risky scopes.
  • Address critical misconfigurations such as high-risk or unrestricted groups, missing SSO or MFA, suspicious email audit rules, and domains without full DMARC configuration and enforcement.
  • Prioritize findings based on risk severity
  • Resolve issues efficiently with nudge workflows that guide the right stakeholders through remediation tasks.

‍

For more, join Nudge Security for a live product demo on Thursday, September 19, 2024.

‍

About Nudge Security

Nudge Security helps modern organizations manage SaaS security and governance at scale by working with employees, not against them. With an innovative, patented approach to SaaS discovery, Nudge Security empowers IT and security teams to regain control of their security posture and minimize time spent on administrative work. Nudge Security was founded in 2021 by Russell Spitler and Jaime Blasco and is backed by Ballistic Ventures and Forgepoint Capital.

‍

Learn more at www.nudgesecurity.com and follow Nudge Security on LinkedIn.