The rapid uptake of cloud services is presenting a challenge for organizations to keep their ecosystems safe from security breaches. To provide guidance, Gartner® recently published a Quick Answer report for security and risk management leaders on security posture management tools for cloud environments.
As “cloud incidents continue to be dominated by configuration and identity errors on the part of the users, security and risk management leaders can ensure their clouds are configured securely by using the capabilities identified in this research,” Gartner says in the report.
The research, “Quick Answer: How to Choose the Right Security Posture Management Tools for Your Clouds,” covers infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS), and software-as-a-service (SaaS) cloud environments. It provides organizations with a checklist of capabilities to look for when selecting a security posture management solution.
However, “SaaS protection remains segregated from IaaS and PaaS, and is covered by a separate family of SSPM products,” the report notes. According to the checklist, the primary function of Security Posture Management (SSPM) is “validation of secure configuration and interconnection of SaaS platforms.”
Adaptive Shield is named in the report as a Representative Vendor in SSPM.
In the report, Gartner provides a list of six key capabilities and criteria for selecting an SSPM. “Each SaaS platform is different, so SSPM vendors must be chosen based on both depth of visibility and which SaaS they support,” the report says.
Here’s how we believe the Adaptive Shield SSPM solution delivers on Gartner recommendations.
SSPM key capabilities:
- SaaS configuration for major SaaS platforms
A core SaaS stack of business-critical SaaS apps includes solutions such as Microsoft Office 365, Google Workspace, Salesforce, Workday, Slack, Teams, Zoom, Okta, GitHub, and ServiceNow. As the report notes, “each SaaS platform is different.”
These major SaaS apps are all sophisticated, each built with a complex set of security settings. The combined configurations for these apps alone can reach from hundreds to thousands that must be configured correctly and continuously to limit risk.
Adaptive Shield’s platform supports all these and other business-critical SaaS integrations. The platform conducts automated security checks to ensure proper configurations, identifies security drifts across all SaaS application security controls, and provides detailed step-by-step remediation.
- Visibility into SaaS-to-SaaS connections via API and OAuth integrations
One of the first steps when shrinking the threat surface is gaining an understanding of the full environment.
Adaptive Shield’s App Inventory shows all SaaS apps discovered, including API keys and OAuth apps, and the user who granted the OAuth consent, among many other important details. The inventory detects unsanctioned apps that are connected to apps integrated within the Adaptive Shield platform.
- Visibility into SaaS identities and permissions, including life cycle management
According to Gartner, a key selection criterion for an SSPM is the ability to provide visibility into identities, as identity errors are a factor currently dominating cloud incidents.
Every user identity is a potential entrance into a SaaS application. These include human and non-human accounts, including service accounts, API keys, and OAuth authorizations.
Adaptive Shield’s User Inventory delivers a robust Identity Security Posture where each SaaS user has consolidated information on permissions, roles, privileges, and user-specific failed security checks. By gaining in-depth knowledge of user permissions and behavior, security teams can identify users who put the application at risk, as well as inactive users, overprivileged admins, and other user-specific threats.
Key SSPM selection criteria:
- Support for both configurations and interconnection of SaaS apps
Monitoring settings and identifying misconfigurations that could compromise the security of the SaaS application is a key component of SaaS security. The thousands of security checks within the Adaptive Shield platform form the foundation of our SSPM.
Through automated monitoring, Adaptive Shield identifies weaknesses in the application’s posture, and alerts stakeholders of the issue. It includes remediation directions needed to harden the app and reduce the attack surface.
Adaptive Shield also detects connected applications. It monitors their scopes and alerts stakeholders when applications request high-risk permissions, such as write, delete, or download capabilities. The security team can review the connected app, and make a determination as to whether the functionality it provides is worth the risk.
- Coverage of less common critical SaaS applications
Enterprises are connected to hundreds of apps on average across business departments.
Adaptive Shield supports the industry’s widest portfolio of out-of-the-box integrations. In addition to 150+ out-of-the box apps, Adaptive Shield can integrate with any SaaS app. The Integration Builder covers custom, proprietary, or any other apps on top of the out-of-the-box SaaS integrations.
The Adaptive Shield Integration Builder enables the addition of less common or niche apps that could be critical for the needs of legal or medical teams, all with the same level of security.
- Depth of control assessment in each application
To secure a company's SaaS stack, the security team needs to be able to identify and monitor all that happens within their SaaS ecosystem.
Adaptive Shield’s security checks are both numerous and complex. They review and capture a great deal of information, allowing those tasked with SaaS app security to make informed decisions.
Each security check includes:
- Security Domain: area of the application that the configuration impacts, such as Access Control, Data Leak Protection, and Malware Protection
- Impact Level: risk level of the misconfiguration
- Affected Users: users who are affected by the misconfiguration
- Current Status: passed/failed/dismissed
- Remediation Plan: step-by-step instructions to secure the configuration and ticketing process
- Reason for Alert: detailed explanation of the potential risk of the misconfiguration
- History Log: detailed log, including comments about the security check
Gartner, Quick Answer: How to Choose the Right Security Posture Management Tools for Your Clouds, Charlie Winckless, Manuel Acosta, and 1 more, 21 February 2024
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About the writer
.webp)
