In relation to conserving SaaS stacks safe, IT and safety groups want to have the ability to streamline the detection and remediation of misconfigurations with a view to greatest defend their SaaS stack from threats. Nevertheless, whereas firms undertake increasingly apps, their enhance in SaaS safety instruments and workers has lagged behind, as discovered within the 2022 SaaS Safety Survey Report.
The survey report, accomplished by Adaptive Defend together with Cloud Safety Alliance (CSA), dives into how CISOs right now are managing the rising SaaS app assault floor and the steps they’re taking to safe their organizations.
The report finds that at the very least 43% of organizations have skilled a safety incident because of a SaaS misconfiguration; nonetheless, with one other 20% being “not sure,” the true quantity may very well be as excessive as 63%. These numbers are significantly hanging when in comparison with the 17% of organizations experiencing safety incidents as a result of an IaaS misconfiguration.
Bearing this in thoughts, the query follows: how briskly are SaaS misconfigurations detected, and the way lengthy does it take to remediate the problem? In an effort to reply these questions, it is vital to make a distinction between organizations which have applied an SSPM answer and those who haven’t.
Handbook Detection and Remediation
For organizations which are but to onboard an SSPM, the IT and safety groups can solely manually verify the apps’ many configurations to safe their SaaS stack. This implies safety groups have to not solely be on high of remediating misconfigurations but in addition conduct common safety checks with a view to detect any of those misconfigurations manually. The longer both of those actions takes to be accomplished, the longer the corporate is uncovered to threats.
Learn to quick monitor SaaS safety detection and remediation>>>
One of many main issues for organizations’ safety groups is the overwhelming quantity of guide work. Corporations right now are reliant on dozens upon dozens of business-critical apps, every with a whole bunch of configurations, which then must be set in response to the a whole bunch to hundreds of workers.
Practically half (46%) of the survey respondents, as seen in determine 2, verify their SaaS safety month-to-month or much less often, and one other 5% do not verify in any respect. It appears that evidently safety groups are overwhelmed with the workload and are struggling to remain on high of all of the settings and permissions. As organizations proceed to undertake increasingly apps, their hole of visibility into all configurations grows.
 |
| Determine 2. Frequency of SaaS Safety Configuration Checks |
When a safety verify fails, safety groups should then go in and perceive why precisely the verify failed and the perfect plan of action to repair it. Roughly 1 in 4 organizations, as seen in determine 3, take one week or longer to resolve a misconfiguration when remediating manually. Total, safety groups attempting to handle their SaaS safety shouldn’t be solely overwhelmed however are additionally, in flip, leaving the group uncovered for an extended time frame.
Get a fast 15-minute demo on the best way to spot and repair your SaaS misconfigurations
 |
| Determine 3. Size of Time to Repair Saas Misconfigurations |
How SSPM Quick Tracks Remediation and Detection
Organizations utilizing SSPM, like Adaptive Defend, are capable of full safety checks extra typically and repair misconfigurations inside a shorter time-frame. An SSPM permits safety groups to conduct frequent checks in compliance with each business requirements and firm coverage. The 2022 SaaS Safety Survey Report discovered that almost all of those organizations (78%) run safety checks as soon as per week or extra typically, as seen in determine 4.
 |
| Determine 4. Comparability of Frequency of SaaS Safety Configuration Checks |
When a misconfiguration is detected, 73% of organizations utilizing an SSPM resolved it inside a day, and 81% resolved it inside the week, as seen in determine 5. An excellent SSPM answer, nonetheless, is not going to solely consider failed safety checks brought on by misconfigurations however will even assess threat and configuration weak spot — and supply actual instruction on the best way to remediate the problem.
 |
| Determine 5. Comparability of Size of Time to Repair Misconfigurations |
Conclusion
SSPM not solely reduces the workload on safety groups but in addition eliminates the necessity for them to be specialists on every SaaS app and its settings. The information introduced within the 2022 SaaS Safety Survey Report highlights the drastic variations between firms utilizing SSPM and people not, exhibiting how helpful an SSPM, like Adaptive Defend, is to SaaS safety detection and remediation.
