SaaS apps have become the “easy button” for organizations seeking a fast and simple way to make foundational business apps available to their employees. According to Gartner, “SaaS remains the largest public cloud services market segment, forecasted to reach $176.6 billion in end-user spending in 2022,” growing 14% over 2021. And according to research by Netskope, the average company with 500–2,000 employees had 805 distinct apps and cloud services in use during the first half of 2021.
The growing SaaS app security challenge
Cloud access security brokers (CASBs) can be used to protect SaaS apps and often have both API-based and inline protections that can be used to control access, protect data, and even block threats and malware. However, when it comes to governance and compliance issues, CASBs were not designed for continuous monitoring of SaaS app configurations and security settings. Each SaaS app is unique and can have tens or hundreds of global settings to monitor and manage, and compliance admins can be quickly overwhelmed when responsible for monitoring a large number of SaaS apps. Often, they’re forced to increase the time between manual configuration checks or stop monitoring certain apps altogether.
These are the challenges that first generation SaaS security posture management (SSPM) solutions were designed to address. For example, Netskope SSPM was initially built to consolidate and monitor an array of SaaS app configuration and security settings from within a single console, and excels at helping security practitioners minimize risky configurations, prevent configuration drift, and ensure compliance. It’s also great for configuration hardening, tracking public compliance metrics, user management, and automating common security tasks.
However, as organizations become evermore reliant on SaaS apps, security analysts are increasingly being tasked with protecting them and the growing amount of sensitive information they store. Security analysts understand that your environment is constantly changing, and that all connected resources form a