Arye Zacks

Sr. Technical Content Specialist
Arye takes complicated concepts and makes them easy to understand. A gifted storyteller with a marketing background dating back to the 90s, he knows how to engage readers with stories that address the challenges they face. Oh, and he is beloved for his skills on the grill and smoker.

Blog posts by

Arye Zacks

SaaS Compliance through the NIST Cybersecurity Framework

The NIST cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.

Automating the Remediation Process: Connecting Your SSPM and SIEM/SOAR

While SSPMs find security misconfigurations and identify high-risk elements within the SaaS stack, it is the SOAR-driven automated remediation that is essential to limiting risks and handling these threats. Read our blog to learn how SSPM and SOAR work together in action.

The Fast Evolution of SaaS Security from 2020 to 2024 (Told Through Video)

Over the last few years, the access vectors to SaaS data have widened well beyond misconfiguration management, as explained by these videos. This blog article breaks down the fast evolution of SaaS security from 2020 to 2024, including videos on key topics.

New Year’s Resolution: 5 Steps to Clean Out Your User Inventory

As we near the end of 2023, it's an opportune moment to assess your roster of SaaS users. Beyond the potential cost savings from eliminating unnecessary license fees, maintaining a well-organized user inventory plays a crucial role in fortifying the security of your SaaS applications. Here are five compelling security reasons to clean your user list.

Your Guide to Offboard Users from Your SaaS Apps

With 31% of ex-employees having access to critical company data stored on SaaS apps, organizations need to efficiently and effectively offboard users to reduce this risk and ensure a secure SaaS stack. The NEW Offboarding Guide provides organizations with a step-by-step on how to ensure all ex-employees are properly offboarded.

How to Handle Retail SaaS Security on Cyber Monday

Everyone's favorite retail store holiday relies heavily on SaaS apps to facilitate every sale, inventory check, and delivery. While retailers are hyper-focused on sales for Cyber Monday, they must also remain vigilant in protecting their entire SaaS app stack.

Top 5 Marketing Tech SaaS Security Challenges

Marketing professionals are dependent on apps like Salesforce, Hubspot, and Outreach to enable Marketing professionals to develop and execute marketing campaigns. However, just like any other SaaS apps, these tools present their own set of SaaS security challenges that organizations need to handle.

Right Sizing Permissions Across the SaaS Stack

Customizing permission sets that match the needs of employees is not always easy, but right-sizing permissions across the SaaS stack is crucial in keeping data protected.

7 Steps to Kickstart Your SaaS Security Program

A 7-step breakdown of Kickstart Your SaaS Security Program guide that explores the challenges inherent in SaaS security, shows why SaaS security became a top priority for most CISOs, and provides nuts-and-bolts guidance on how to establish the foundations of a strong SaaS security strategy.

GitHub: Leakier than an Unsecured S3 Bucket

Simple Storage Service (S3) buckets in Amazon Web Services (AWS) have been known to be the leakest buckets, but recently analysts have started referring to GitHub as the new S3 bucket, find out why.

Understand Your SaaS Security Challenges: Use Cases Overview

SaaS security is not a new problem, however, the attack surface has widened. It started with managing misconfigurations and now goes far beyond.

SaaS in the Real World: How Global Food Chains Can Secure Their Digital Dish

Like all businesses, franchises need to prevent their data from falling into the hands of threat actors. However, food franchises also pose a unique challenge as restaurants are often individually owned while still operating under the same organization.

Why Telecoms Struggle with SaaS Security

Telecom companies are facing challenges when it comes to securing their SaaS applications. This is due to the complexity of the SaaS model and the fact that telecom companies are not always equipped to handle the unique security requirements of SaaS.

Think Before You Share the Link: SaaS in the Real World

There are essentially two ways to share files and documents out of a SaaS application: Make the resource available to specific users or make it available to "anyone with a link". Many users think that the latter is far more convenient, but the truth is that it opens organizations to significant risk.

How to Apply NIST Principles to SaaS in 2023

NIST is considered a leading authority in the field of global cybersecurity standards. Understanding how to set these standards for your SaaS ecosystem security may be challenging but is crucial.

SaaS in the Real World: Who’s Responsible to Secure This Data

When SaaS apps first grew in popularity, it wasn't clear who was responsible for securing the data/ Nowadays, most security and IT teams are aware of the shared responsibility model, where the provider is responsible for the app and the organization is responsible for the data. The bigger question today is where does the data responsibility lies on the organization's side?

What Are the Cyber Risks with SaaS?

Oftentimes, security teams assume that data stored within SaaS apps is less sensitive than other corporate IP and accept that the security tools built into the SaaS app are strong enough to provide adequate protection. This assumption, however, is leaving critical data exposed online, putting organizations at risk of data exposure, ransomware, and regulatory fines.

SaaS Security Posture Management (SSPM) as a Layer in Your Identity Fabric

The move to SaaS and other cloud tools has put an emphasis on Identity & Access Management (IAM), and the tools used to define IAM make up its identity fabric. Unfortunately, these tools are being pushed to their limits due to decentralized IT, evolving threats, and zero-trust tools. An SSPM solution helps add a layer to an organization's identity fabric by enabling continuous monitoring and suspicious behavior alerts.

Why Do User Permissions Matter for SaaS Security?

User permissions are considered a headache to configure by both admins and users, but they remain crucial to protect organizations from both external attacks and internal data-sharing errors.

SaaS in the Real World: User Access After Downsizing

Over the last year, we’ve seen increasing evidence of an upcoming recession. While no one knows exactly what 2023 will bring to the labor market, organizations need to be prepared for potential downsizing.

SaaS in the Real World: M&A Due Diligence

As executives are planning an acquisition or divestiture within the next 12-18 months, M&A due diligence is key to business resurgence, strategic growth, and capability expansion. Unfortunately, one area that’s often overlooked during M&A due diligence is a target company’s SaaS landscape.
Awards:
2023 Adaptive Shield. All rights reserved