Axonius, a leader in cybersecurity asset management and SaaS management, releases today capabilities within Axonius SaaS Management to help companies manage their SaaS application security posture and mitigate risks. Actions and automations features help to close the loop between discovering and mitigating SaaS security issues while also helping IT and security teams focus on specific challenges and use cases, including employee offboarding, user account de-provisioning and API extension removal.
These features are intended to decrease SaaS security risks while empowering IT and security teams to spend time-solving problems that matter most to their organizations.
“SaaS has completely changed the way organizations operate, most notably offering greater scalability and flexibility,” said Amir Ofek, CEO of AxoniusX, the innovation unit of Axonius. “But SaaS has also introduced a lot of unknowns, and there is an increasing lack of insight into how sensitive data is being stored and used across various SaaS applications, with many SaaS users having excessive permissions. Our new capabilities in Axonius SaaS Management solve these challenges by giving organizations greater ownership and control over accessibility, configurations, and SaaS security operations.”
The capabilities within Axonius SaaS Management help reduce the required effort from the security and Identity and Access Management (IAM) teams while ensuring quick impact in reducing the attack surface and improving the SaaS security posture. These include:
- User Suspension – Allows IT and security teams to suspend SaaS access for select critical applications for inactive, unused, or suspicious user accounts. It also gives organizations a chance to optimize SaaS spend by de-provisioning these user accounts.
- Extensions Removal – Terminates API extensions or fourth-party applications that are granted access to the organization’s SaaS applications by users, whether knowingly or by mistake. This feature is critical when it comes to terminating newly discovered extensions with unapproved apps given access to various sensitive data, like email accounts, cloud drives, etc.
- Workflow Automation – Ensures security teams have timely alerts on various SaaS security risks around configurations, user access or behavior and more. Organizations can set up pre-defined actions or send specific data and alerts automatically or manually to specific teams and app owners via different solutions, including email, Slack, or via webhook automation (allowing integration with workflow automation tools such as Workato or Tines)
- Pre-Built and Custom Reports – Includes overviews of users with excessive permissions or admin credentials, inactive and unused user accounts, existing offboarding gaps, and more – all of which are essential information for IT management and SaaS security operations, compliance, or internal reporting needs.
Each of these capabilities leverages the recently announced Behavioral Analytics and SaaS App-to-Device Correlation to provide organizations with comprehensive visibility across SaaS apps, devices, and users in the organization’s environment. Combined with an extensive portfolio of SaaS Security Posture Management (SSPM) features, organizations can more effectively streamline efforts to manage and continuously reduce the SaaS attack surface.
For more, visit Axonius.com.