A former cybersecurity intelligence officer in the IDF, Maor has over 16 years in cybersecurity leadership. In his career, he led SaaS Threat Detection Research at Proofpoint and won the operational excellence award during his IDI service. Maor got his BSc in Computer Science and is CEO and co-founder of Adaptive Shield. Oh and he is a globally-ranked chess player.
Blog posts by
SaaS Rootkit Exploits Hidden Rules in Microsoft 365
A vulnerability within Microsoft's OAuth application registration allows an attacker to create hidden forwarding rules that act as a malicious SaaS rootkit.
As the investment in SaaS apps continues, new critical SaaS challenges emerge beyond the classic use case of misconfiguration and user permissions management, such as SaaS-to-SaaS access and device-to-SaaS-user posture management. This blog will give a brief overview of the trends in SaaS security.
When threat actors decide to target your SaaS applications, they can use more basic to the more sophisticated methods. In this blog, I’m going to take you through a SaaS ransomware attack and discuss the 3 steps to protect yourself from being a victim.
Remember when cybersecurity was mostly about firewalls, VPNs, and antivirus software? Those days are long gone. Now one of the most prevalent places for exploitation has to do with misconfigurations found in an organization's SaaS apps.
SaaS Attacks: Lessons from Real-Life Misconfiguration Exploits
There is a way to protect users from deceptive OAuth apps, misconfigurations and misappropriated user permissions. SaaS Security Posture Management (SSPM) takes an automated approach to tracking, and even remediating, the exploitable misconfigurations in organizations’ SaaS apps.
For enterprise organizations, ensuring that all the SaaS apps are configured properly and have the correct user roles and privileges is not only a never-ending, time-consuming endeavor, but an impossible one. Here is a rundown of the main issues security teams face that make SaaS security complex, laborious and just...hard.