Axonius announced the release of two new capabilities within Axonius SaaS Management
December 2022 by Marc Jacob
Axonius announced the release of two new capabilities within Axonius SaaS Management to help organisations better understand their overall SaaS application risk. Behavioural Analytics and SaaS App-to-Device Correlation allow IT and security teams to gain added visibility and context into the users and devices accessing SaaS applications, and whether suspicious activity is occurring for critical SaaS apps.
SaaS continues to represent an ever-expanding component of an organisation’s attack surface. Not only does the increase in adoption of SaaS applications change IT and security operations, it also adds new role and skill expectations for IT and security team members – like using already scarce resources to track organisation SaaS app utilisation and identify misconfigured SaaS settings potentially exposing sensitive data. All of this adds to more complexity and can have a profound impact on an organisation’s security posture.
SaaS App-to-Device Correlation
SaaS App-to-Device Correlation helps understand if unmanaged and unauthorised devices are being used to access various SaaS apps. By leveraging Axonius Cybersecurity Asset Management and its hundreds of adapters across the technology stack, Axonius SaaS Management will now automatically correlate each SaaS user to their associated devices and provide a more comprehensive view of an organisation’s security posture. Organisations will now have visibility into unmanaged or unauthorised devices accessing SaaS apps, and be able to decrease the risk of data loss.
Over the past year, we’ve seen an increase in data breaches originating from SaaS applications. For example, the Okta breach in early 2022 demonstrated how one compromised SaaS application can often have a domino effect throughout an entire organisation.
By adding Behavioural Analytics capabilities within Axonius SaaS Management, organisations will gain visibility into user behaviour within SaaS applications over time – and be able to detect any anomalies or suspicious activity that could pose organisational risk. The solution aggregates log data across various sources, including Okta, Microsoft Azure AD, and Google Workspace, to identify suspicious activity, events, and complex behavioural patterns. As a result, Axonius helps facilitate in-depth investigations by the incident response and SOC teams within the organisation.
Beyond identifying suspicious behaviour, the behavioural analytics capability can help organisations investigate temporary privileges granted for existing users, identify anomalous login activities that deviate from the user’s normal activity and other baselines, minimise data theft or leakage of confidential data, and more.