Quote

Obsidian discovered 1,964 active apps that had not been admin-approved. 91% could be turned off, which drastically minimized our attack surface.

Chief Information Security Officer

Leading Financial Institution

The Challenge

Shadow SaaS App Inventory Grows 25% Every 60 Days

App-to-App Connections Move 10x More Data Than Users

Shadow SaaS Creates Unwanted and Duplicative Spend

The Obsidian Approach

Discover: Create a Comprehensive Inventory of Applications

  • Integrated with identity providers (IdPs) for seamless connectivity
  • Provides a detailed inventory of all OAuth integrations across SaaS apps, identifying overpermissioned and unused connections
  • Monitors browser activity to capture app usage patterns and flag OAuth-enabled apps with elevated permissions
  • Analyzes email headers and access token duration to uncover app-to-app interactions and flag risky authorizations

Collect & Analyze: Identify Authorized but Unfederated Apps

  • Detect all sanctioned, federated, and unfederated OAuth applications that bypass your IdP, increasing the risk of unauthorized access
  • Gain insights into user details, login frequency, and authentication methods (passwords or SSO)
  • Spot shared service accounts for better risk assessment
  • Distinguish corporate from personal app usage
  • Pinpoint apps that pose real data risks

Respond: Receive Targeted Alerts for Shadow SaaS

  • Analyze Shadow SaaS interactions with key business apps (e.g., Microsoft 365, Salesforce, Workday)
  • Identify both active and inactive OAuth integrations for complete visibility, prioritizing deactivation of unused connections
  • Correlate integrations with risk factors like elevated permissions, long-lived tokens, and suspicious access behaviors
  • Gain clear visibility into inactive and overpermissioned integrations to prioritize risk mitigation effectively and control SaaS-related expenses

Other Posture Management Use Cases

Reduce the SaaS Attack Surface

Discover and manage your SaaS integrations to reduce your attack surface.

Govern App-to-App Data Movement

Avoid data breaches and non-compliance by managing risky data movement.