SaaS Alerts, a cybersecurity firm focused on protecting SaaS applications for Managed Service Providers (MSPs), has released its inaugural SaaS Application Security Insights (SASI) Report.
Highlighting an average of over 3,000 brute force attacks daily against the small-to-mid-sized businesses (SMBs) it monitors, the bi-annual report outlines concerning patterns in risky file-sharing behavior and identifies top countries that are sources of these attacks.
Monitoring SaaS Application Security
From January 1st to May 31st, 2021, SaaS Alerts scrutinized more than 15 million events, gathering anonymized security records from over 750 SMBs and over 30,000 end-users. This data equips SaaS Alerts with a detailed and current understanding of SaaS application security, particularly within SMBs serviced by MSPs.
Insights on MSP Practices
The SASI report also delivers insights into how MSPs are structuring and marketing their SaaS Security Monitoring services.
"Overall, the findings in our first-ever SASI report emphasize that MSPs need to reassess their security posture when it comes to protecting their customers’ SaaS Applications," stated Jim Lippie, CEO of SaaS Alerts. He further emphasized the importance of sharing data to help MSPs develop strategies and processes to better handle customer security in a cloud-dominated data environment.
Evolution of the Threat Landscape
The transition from local devices to cloud-based data storage is influencing how threats are perceived and addressed.
This shift necessitates a re-evaluation of how users and networks are protected
This shift necessitates a re-evaluation of how users and networks are protected, particularly as bad actors increasingly target SaaS environments. SaaS Alerts’ findings reveal that the threat landscape is shaped significantly by common user behaviors, including careless file-sharing and reliance on third-party app credentials linked to platforms like M365 and Google Workspace.
Addressing Emerging Risks
Despite advancements in security protocols, end-users often prioritize convenience, bypassing established safeguards.
This behavior often leads to increased risks; however, with the right tools and practices, the SASI report suggests that many threats can be mitigated. By analyzing threats, trends, and user activities, the report provides valuable insights for MSPs aiming to safeguard their clients more effectively.
Proprietary Data Analysis
Analysis in the SASI report is based on proprietary anonymized data collected through SaaS Alerts' services, in accordance with its Master Services Agreement.
This anonymized data facilitates the identification of security trends, enabling SaaS Alerts to enhance its offerings to meet the evolving needs of its MSP partners and their customers.
SaaS Alerts, the cybersecurity company purpose-built for MSPs to protect and monetize their customers’ business SaaS applications released the results of its first-ever SASI (SaaS Application Security Insights) Report.
The report, scheduled to be released semi-annually, reveals a shocking trend of over 3,000 Brute Force Attacks per day [against the current SMBs being monitored by the platform] and sheds light on risky file-sharing behavior and the top countries where bad actors are originating their attacks on SMBs.
SaaS application security records
During the period dating January 1st to May 31st, 2021, SaaS Alerts monitored over 15M events and gathered and analyzed anonymized SaaS application security records for over 750 small-to-mid-sized businesses and more than 30,000 end-users.
Access and visibility into this unique dataset provides SaaS Alerts a comprehensive and timely view of the current state of SaaS Application Security within the SMB market – and more specifically, within SMBs who are served by MSPs.
First-ever SASI report
How MSPs are currently pricing and marketing their new SaaS Security Monitoring services
Additionally, the report provides insight into how MSPs are currently pricing and marketing their new SaaS Security Monitoring services.
“Overall, the findings in our first-ever SASI report emphasize that MSPs need to reassess their security posture when it comes to protecting their customers’ SaaS Applications,” said Jim Lippie, CEO of SaaS Alerts
Customer security management
"We believe that sharing this data will help MSPs to identify strategies and develop new processes to manage customer security in a data environment now increasingly dominated by off-premise resources."
“Our goal is to continue to share this critical information in the hopes that together with our MSP Partners, we can better navigate the current cybersecurity threat landscape and enhance our understanding to better combat the risks that lie ahead.”
View of the SMB threat landscape
The data environment is also shifting – from local devices and network servers to Cloud-based data creation
With this inaugural edition of the report, SaaS Alerts has made a commitment to release its findings twice a year – and as the platform grows to include more users, these insights will become increasingly more valuable and give MSPs a more comprehensive view of the SMB threat landscape.
Businesses of all sizes are shifting to SaaS applications and away from locally installed applications. Naturally, at the same time, the data environment is also shifting – from local devices and network servers to Cloud-based data creation and storage.
User and network protection
This transition requires that technology service providers reconsider the notion of protecting users and networks and reimagine how they think about users and how they follow user behaviour.
This is accomplished by understanding how user negligence impacts a company’s security posture while also appreciating how bad actors are able to compromise SaaS environments.
Common user behaviours
SaaS Alerts saw an average of 3,000 brute force attacks per day leveraged against 750+ small businesses
In the first half of 2021, SaaS Alerts saw an average of 3,000 brute force attacks per day leveraged against 750+ small businesses while also uncovering a significant attack vector stemming from common user behaviours such as neglectful file-sharing practices and using M365 and Google Workspace credentials for authenticating third-party integrated applications.
These threats will not just go away, they will continue as the data in SaaS applications is valuable to bad actors and their attacks are successful enough to warrant continued effort.
Threats, trends, and activities
Meanwhile, end users will continue to take shortcuts, share anonymous files, and bypass safeguards in the name of convenience and increased productivity. As a community of technology professionals, with the right tools and a commitment to regular hygiene, many of these risks can be mitigated.
The SASI Report analyzes the current threats, trends, and activities of SaaS Application users and provides valuable insights to help MSPs protect the companies they serve.
SaaS Alerts
Report analysis was carried out using proprietary anonymized data gathered via the usage of SaaS Alerts pursuant to its Master Services Agreement.
This and other data are used by SaaS Alerts to identify security and access trends in order to further advance its product and offerings and in order to meet the needs of its growing MSP partner community and the end customers whom it serves. User and business information is anonymized to protect corporate and individual usage data.
