Today, our team at Obsidian Security has been recognized as a Strong Performer by The Forrester Wave™: SaaS Security Posture Management, Q4 2023. We believe such acknowledgment is reflective of the work that has been done to build a team and a product that indeed provides true value to our customers, and we are thrilled to have received it.
When we began this journey, it was clear that SaaS security had been neglected by the vendor community, and we had failed to provide our customers with the tools they needed to succeed. As a community, we had not considered the risks posed by SaaS, how those risks should be managed in an enterprise environment, and, most importantly, what part the security team plays in that journey. The revolution of SaaS in enterprise environments has changed how businesses purchase, consume and leverage software, bringing agility and innovation in ways previously not considered. Such a series of changes should have shown us as a community that we needed to innovate how we think about securing this new segment.
Over the last five years, we have helped lead the discussion from its inception, innovating, where many asked, “Do we need SaaS Security?” to an acknowledgment that SaaS brings with it new and exciting challenges for the security team, some of those technical, but many of those organizational.
The next five years will be even more exciting as we refine, adapt and innovate to secure the SaaS ecosystem. Our vision requires us at Obsidian Security to enable our customers to truly protect their SaaS estate.
Attackers are increasingly leveraging identity-centric attacks to compromise organizations; we should only expect this to increase as generative AI allows attackers to mimic employees’ voices and LLMs allow social engineering to scale in ways not previously possible. Obsidian has been a true innovator in detecting and preventing attacks where the attacker may never even touch the enterprise devices or network, especially in places such as token theft and replay. As we evolve, we will be the glue that connects the SSO, the IDP and the applications, how they are being used, by whom and ensuring that attackers do not exploit this vulnerability.
SaaS provides value by allowing us to manage and use the electronic gold that is data in new and exciting ways. Data moves between our data center to our SaaS applications to third and fourth parties at speeds that can be frightening. Obsidian delivers a world-class experience in understanding and managing that connectivity, identifying, understanding and mitigating the risk as we move forward; we will provide control and protection for your most sensitive data, how it is transferred, to whom and when.
Empowering the security team to assist the diverse application owners in their enterprise to be more secure is a fundamental part of SaaS Ecosystem Security; it is, after all, the origin of the SSPM name. As we dive deeper into managing the posture of your applications, driving business value with secure usage and deployment. Key to this are two core concepts:
- Shifting left by driving the concept of SecDevOps into SaaS and providing the tools and mechanisms to bring a proven approach into the SaaS world.
- Working with enterprises and SaaS vendors to drive standards into SaaS compliance and configuration. Common APIs and syntax are key to enabling enterprises to scale and achieve the outcomes they owe their customers and shareholders.
Obsidian has only just begun to innovate and build, I am excited at what the next five years brings in our journey to secure SaaS.
