Organizations are faced with an increasing volume of attacks from a constantly evolving threat landscape. Cybersecurity is largely a game of cat and mouse—with attackers and IT security professionals taking turns leapfrogging each other’s capabilities—and digital transformation, accelerated dramatically by the COVID pandemic for many companies, has expanded the attack surface and created new opportunities for attackers. Thankfully, the rise of detection and response offerings strives to change the game and provide more effective protection. Qualys introduced a new service this week—Qualys SaaS Detection and Response (SaaSDR) to help customers defend SaaS applications and platforms.
It wasn’t that long ago that everything suddenly seemed to become “as-a-service”. If it exists at all—whether software, infrastructure, platform, or a myriad of other options—pretty much anything in technology can have an “aaS” thrown on the end and be offered “as-a-service”. Now, it seems the focus has shifted to detection and response. We started with endpoint detection and response (EDR), which has evolved to extended detection and response (XDR), and now SaaS detection and response (SaaSDR).
Pros and Cons of SaaS
SaaS platforms like Office 365, Google Docs, and Salesforce, and applications like Zoom have been crucial in enabling companies to shift overnight to working remotely during COVID pandemic lockdowns. The ability to access cloud-based applications and data from virtually any device and location has played an essential role in helping maintain productivity in these unprecedented times.
They also pose some unique security concerns as well, though. Just as with cloud hosting and cloud services in general, there is a shared responsibility model that organizations need to be aware of when it comes to SaaS platforms and applications. The vendor will generally own responsibility for protecting the backend infrastructure the platform or application runs on, and for securing and patching the application itself, but what you do with it and the data you place in it is your burden to protect. Essentially, the SaaS provider will secure the things they are providing, but everything you do with it is still your responsibility.
“As applications migrate from on-premises to IaaS and subsequently SaaS, blind spots develop for security analysts as traditional security tools do not have the necessary visibility for SaaS application stacks,” said Frank Dickson, program vice president, security products at IDC, in a Qualys press release. “The reality of the SaaS shared responsibility model is the application of security and maintenance in a SaaS context is fundamentally different as the SOC does not have control of the operating system and application layer. The security, hygiene and management have to be applied using an API-centric approach, leveraging data and identity disciplines.
Qualys promises a streamlined solution that gives customers a single console that provides comprehensive visibility and the monitoring and management of security across the whole environment. According to the press release from Qualys, the SaaSDR offering specifically provides:
User and Device Visibility – Automatically inventory SaaS application users and user groups (internal and external) along with the files and folders users own and can access. It also gathers detailed information on endpoints, such as an asset’s details, location, running services, installed software and more, all in a single, unified view.
Powerful Access Controls – Get complete control over users and data access rights to quickly review and granularly assign the proper access levels – all from a single interface.
Data Exposure Insights – Shine a spotlight on SaaS applications and third-party apps to immediately identify security weaknesses like incorrect permissions, at-risk files, file changes, misconfiguration issues, critical vulnerabilities, and exploits using advanced threat intelligence.
Security and Compliance Posture – Realize continuous and automated security posture and configuration assessments for SaaS applications along with enforcement of compliance aligned with industry benchmarks like O365 via CIS, PCI-DSS, NIST, and CIS.
Assess Risk – Leverage the Qualys Cloud Platform to correlate SaaS application data insights such as user access rights and data exposure, with additional security telemetry, like user location, time of access, file changes, host vulnerabilities and configurations, advanced threats, and more to manage risk.
Protect Your SaaS Environment
Qualys SaaSDR is generally available now. Pricing starts at $20 per user per SaaS application. You can participate in the free trial of Qualys SaaSDR by clicking here: www.qualys.com/trySaaSDR. Qualys is also hosting a webinar on March 3 titled Navigating the SaaS Technology Stack for Continuous Visibility and Compliance if you’re interested in learning more.