SaaS Exposed: Unmasking Cyber Risks in Cloud Integrations

Luke Jennings, VP of Research & Development at Push Security joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Luke explains his recent presentation on a new SaaS cyber kill chain, exploring how attackers might target modern organizations heavily reliant on cloud and SaaS services, even when traditional infrastructure is minimal. The latest kill chain involves developing attack techniques specific to this environment, covering topics like lateral movement without conventional network infrastructure and adapting known techniques such as password guessing attacks to the SaaS landscape. Luke, Wendy, and Nic discuss the complexities of SaaS security, the intricacies of evil twin integrations, detection challenges, mitigation strategies, and the overall impact of these security issues on organizations. 

In This Episode You Will Learn:    

• Identifying malicious activities and understanding normal application behavior 
• The importance of having structured methodologies for approving SaaS app usage 
• Challenges organizations face in detecting and preventing SaaS application threats 

Some Questions We Ask:     

• How can an organization create alerts for new, unknown SaaS app integrations? 
• What happens when a SaaS app integration is duplicated by an attacker? 
• Would having a structured methodology for SaaS app usage help minimize risk? 

Resources:  

View Luke Jennings on LinkedIn  

View Wendy Zenone on LinkedIn 

View Nic Fillingham on LinkedIn 

Related Microsoft Podcasts:  

• Microsoft Threat Intelligence Podcast  
• Afternoon Cyber Tea with Ann Johnson  
• Uncovering Hidden Risks  

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Hosted on Acast. See acast.com/privacy for more information.