SaaS Exposed: Unmasking Cyber Risks in Cloud Integrations

<p><a href="https://www.linkedin.com/in/luke-jennings-042b5619b/?originalSubdomain=uk" rel="noopener noreferrer" target="_blank">Luke Jennings</a>, VP of Research & Development at Push Security joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Luke explains his recent presentation on a new SaaS cyber kill chain, exploring how attackers might target modern organizations heavily reliant on cloud and SaaS services, even when traditional infrastructure is minimal. The latest kill chain involves developing attack techniques specific to this environment, covering topics like lateral movement without conventional network infrastructure and adapting known techniques such as password guessing attacks to the SaaS landscape. Luke, Wendy, and Nic discuss the complexities of SaaS security, the intricacies of evil twin integrations, detection challenges, mitigation strategies, and the overall impact of these security issues on organizations. </p><p>  </p><p> </p><p><strong>In This Episode You Will Learn</strong>:    </p><p> </p><ul><li>Identifying malicious activities and understanding normal application behavior </li><li>The importance of having structured methodologies for approving SaaS app usage </li><li>Challenges organizations face in detecting and preventing SaaS application threats </li></ul><p> </p><p> </p><p><strong>Some Questions We Ask: </strong>    </p><p> </p><ul><li>How can an organization create alerts for new, unknown SaaS app integrations? </li><li>What happens when a SaaS app integration is duplicated by an attacker? </li><li>Would having a structured methodology for SaaS app usage help minimize risk? </li></ul><p> </p><p><strong>Resources:</strong>  </p><p><a href="https://www.linkedin.com/in/luke-jennings-042b5619b/?originalSubdomain=uk" rel="noopener noreferrer" target="_blank">View Luke Jennings on LinkedIn</a>  </p><p><a href="https://www.linkedin.com/in/wendyzenone/" rel="noopener noreferrer" target="_blank">View Wendy Zenone on LinkedIn</a> </p><p><a href="https://www.linkedin.com/in/nicfill/" rel="noopener noreferrer" target="_blank">View Nic Fillingham on LinkedIn</a> </p><p> </p><p> </p><p><strong>Related Microsoft Podcasts:</strong>  </p><p> </p><ul><li><a href="https://msthreatintelpodcast.com/" rel="noopener noreferrer" target="_blank">Microsoft Threat Intelligence Podcast</a>  </li><li><a href="https://afternooncybertea.com/" rel="noopener noreferrer" target="_blank">Afternoon Cyber Tea with Ann Johnson</a>  </li><li><a href="https://uncoveringhiddenrisks.com/" rel="noopener noreferrer" target="_blank">Uncovering Hidden Risks</a>  </li></ul><p> </p><p>   </p><p>Discover and follow other Microsoft podcasts at<a href="https://news.microsoft.com/podcasts/" rel="noopener noreferrer" target="_blank"> microsoft.com/podcasts</a>  </p><br /><hr><p style='color:grey; font-size:0.75em;'> Hosted on Acast. See <a style='color:grey;' target='_blank' rel='noopener noreferrer' href='https://acast.com/privacy'>acast.com/privacy</a> for more information.</p>

The BlueHat Podcast · Microsoft