SaaS Alerts, the cybersecurity company purpose-built for MSPs to protect and monetize their customers’ business SaaS applications released the results of its first-ever SASI (SaaS Application Security Insights) Report.
The report, scheduled to be released semi-annually, reveals a shocking trend of over 3,000 Brute Force Attacks per day [against the current SMBs being monitored by the platform] and sheds light on risky file-sharing behavior and the top countries where bad actors are originating their attacks on SMBs.
SaaS application security records
During the period dating January 1st to May 31st, 2021, SaaS Alerts monitored over 15M events and gathered and analyzed anonymized SaaS application security records for over 750 small-to-mid-sized businesses and more than 30,000 end-users.
Access and visibility into this unique dataset provides SaaS Alerts a comprehensive and timely view of the current state of SaaS Application Security within the SMB market – and more specifically, within SMBs who are served by MSPs.
First-ever SASI report
How MSPs are currently pricing and marketing their new SaaS Security Monitoring services
Additionally, the report provides insight into how MSPs are currently pricing and marketing their new SaaS Security Monitoring services.
“Overall, the findings in our first-ever SASI report emphasize that MSPs need to reassess their security posture when it comes to protecting their customers’ SaaS Applications,” said Jim Lippie, CEO of SaaS Alerts
Customer security management
"We believe that sharing this data will help MSPs to identify strategies and develop new processes to manage customer security in a data environment now increasingly dominated by off-premise resources."
“Our goal is to continue to share this critical information in the hopes that together with our MSP Partners, we can better navigate the current cybersecurity threat landscape and enhance our understanding to better combat the risks that lie ahead.”
View of the SMB threat landscape
The data environment is also shifting – from local devices and network servers to Cloud-based data creation
With this inaugural edition of the report, SaaS Alerts has made a commitment to release its findings twice a year – and as the platform grows to include more users, these insights will become increasingly more valuable and give MSPs a more comprehensive view of the SMB threat landscape.
Businesses of all sizes are shifting to SaaS applications and away from locally installed applications. Naturally, at the same time, the data environment is also shifting – from local devices and network servers to Cloud-based data creation and storage.
User and network protection
This transition requires that technology service providers reconsider the notion of protecting users and networks and reimagine how they think about users and how they follow user behaviour.
This is accomplished by understanding how user negligence impacts a company’s security posture while also appreciating how bad actors are able to compromise SaaS environments.
Common user behaviours
SaaS Alerts saw an average of 3,000 brute force attacks per day leveraged against 750+ small businesses
In the first half of 2021, SaaS Alerts saw an average of 3,000 brute force attacks per day leveraged against 750+ small businesses while also uncovering a significant attack vector stemming from common user behaviours such as neglectful file-sharing practices and using M365 and Google Workspace credentials for authenticating third-party integrated applications.
These threats will not just go away, they will continue as the data in SaaS applications is valuable to bad actors and their attacks are successful enough to warrant continued effort.
Threats, trends, and activities
Meanwhile, end users will continue to take shortcuts, share anonymous files, and bypass safeguards in the name of convenience and increased productivity. As a community of technology professionals, with the right tools and a commitment to regular hygiene, many of these risks can be mitigated.
The SASI Report analyzes the current threats, trends, and activities of SaaS Application users and provides valuable insights to help MSPs protect the companies they serve.
SaaS Alerts
Report analysis was carried out using proprietary anonymized data gathered via the usage of SaaS Alerts pursuant to its Master Services Agreement.
This and other data are used by SaaS Alerts to identify security and access trends in order to further advance its product and offerings and in order to meet the needs of its growing MSP partner community and the end customers whom it serves. User and business information is anonymized to protect corporate and individual usage data.