Data security authorization vendor Veza has announced a new solution for access security and governance across SaaS applications including Salesforce, GitHub, and Slack. Veza for SaaS Apps allows customers to automate access reviews, find and fix privilege access violations, trim privilege sprawl, and prevent SaaS misconfigurations – securing the attack surface associated with widespread SaaS app usage and enabling compliance with frameworks like ISO 27001 and GDPR, according to the firm.
Organizations maintain an average of 125 different SaaS applications, but IT is typically only aware of a third of those due to decentralized ownership and sourcing, according to Gartner. As SaaS apps grow in popularity, security teams face significant challenges in managing and protecting the spread of data they use, with security and governance typically failing to keep pace with the rise of SaaS app usage. Securing access is complicated due to app-specific role-based access controls that many SaaS apps use. Meanwhile, SaaS apps are vulnerable to privilege sprawl and risky misconfigurations if security teams lack visibility of them.