SaaS Alerts - Experts & Thought Leaders

SaaS Alerts, the cybersecurity company purpose-built for MSPs to protect and monetize their customers’ business SaaS applications unveiled the findings of its latest edition of the SaaS Application Security Insights (SASI) Report. Published semi-annually, the free downloadable report is the only one of its kind to analyze approximately 136 million SaaS security events across 2,100 small and medium businesses (SMBs) globally and identify cyber trends negatively impacting businesses. SASI report The statistically significant findings of the latest SASI report take into account security events occurring across more than 120,000 user accounts from January 1st to December 31st, 2021, and show that the vast majority of attacks on top SaaS platforms such as Microsoft 365, Google Workspace, Slack and Dropbox are originating from the countries of Russia and China. The data set is statistically significant and enables solution providers to manage a portfolio of SaaS applications with pertinent data and trends to support defensive IT security re-alignments as required. Recent Activity The vast volumes of data analyzed suggest these countries may even be coordinating attack efforts Additionally, over the last several weeks, SaaS Alerts has seen a sharp rise in activity from countries with consistently high levels of both attempted and successful attacks originating within their borders — Russia and China. The vast volumes of data analyzed suggest these countries may even be coordinating attack efforts. Per analysis available from SaaS Alerts, attack trend lines that compare Russia and China show almost the same pattern. Juxtaposed to a chart from Germany indicates that it is not even close to the same pattern, leading to educated speculation that these countries could be coordinating efforts. A mixture of cooperation and competition According to the Brookings Institute, “The U.S. National Security Strategy declares Russia and China the two top threats to U.S. national security. At the best of times, U.S.-Russia ties are a mixture of cooperation and competition, but today they are largely adversarial." "Russia’s increasingly close relationship with China represents an ongoing challenge for the United States." SaaS application security data From January 1st to December 31st, 2021, SaaS Alerts monitored more than 136 million SaaS security events "While there is little that Washington can do to draw Moscow away from Beijing, it should not pursue policies that drive the two countries closer together, such as the trade war with China and rafts of sanctions against Russia.” During the period ranging from January 1st to December 31st, 2021, SaaS Alerts monitored more than 136 million SaaS security events, collecting and analyzing the anonymous SaaS application security data to identify a breakdown of cyberattacks on the most popular SaaS applications in use by SMBs today. Key findings of the report 1) On average, SaaS Alerts is seeing approximately 10,000 Brute Force Attacks per day against the user accounts monitored by SaaS Alerts. 2) The origin of potential attacks can be traced back to specific countries with current data indicating that Attempted Unauthorized Logins are coming from actors located in China, Vietnam, Russia, Korea, and Brazil. 3) Successful Unauthorized Logins are originating in Russia, China, Vietnam, Korea, and Brazil. These are countries where an actor has successfully logged in using a valid user’s credentials. 4) The report finds that the Three Most Common Critical SaaS Application Security Alerts stem from: Alert: “User Location Outside Approved Location” is an alert that is triggered when there’s a successful login to a user account from outside of an approved location or an approved IP address range. Alert: “SaaS Integration” which indicates that account credentials have been used to connect to a third-party application which may lead to data and other account information sharing between SaaS Apps. Users often establish these connections for convenience without consideration of potential security violations. Alert: “Multiple Account Lockouts” which is recorded when an account is locked out 4 or more times within 12 hours. Often indicating that malicious actors are actively (typically programmatically) trying password combinations to gain access to the account and have succeeded in validating a correct account name. 5) Other key findings from the report focus on common threat vectors that are putting SMBs at risk including a shocking ratio of Guest User Accounts (versus Licensed Accounts) being leveraged by SMBs with 42% of the over 129,000 monitored SaaS accounts being Guest User Accounts, the report also identifies the top five Third-party OAuth App Integrations being leveraged by SMB users and details a threat vector around Risky File Sharing Behavior with 19% of cloud-based file sharing activity being to external sources versus internal file-sharing. Each of these activities poses a significant threat vector as they potentially open pathways for malicious attacks if not properly monitored and managed. Uncertain cyber-climate “In the uncertain cyber-climate we all reside in today, detailed SaaS security oversight and robust defenses are a requirement for ensuring high resiliency and business continuity,” said Jim Lippie, CEO, of SaaS Alerts. “The loss, theft or corruption of mission-critical or sensitive customer data can be operationally and financially troublesome for SMBs that depend on continuous and unrestricted business operations to bolster revenues which have been the target of threat actors for years. We offer this useful threat level breakdown to assist businesses and the MSPs that support them with highly accurate insights about the security landscape they reside in.” Security management and compliance The security management and compliance of SaaS applications in use by SMBs have become a greater concern for MSPs as the deployment of cyber defenses takes center stage. Protection of both the SaaS application and data is critical and must receive SaaS-optimized security controls. Building a security-minded employee culture that centers on security controls, SaaS-native cyber defenses, and procedural compliance can play a significant role in reducing the risk of a successful attack.

SaaS Alerts, the cybersecurity company purpose-built for MSPs to protect and monetize their customers’ business SaaS applications released the results of its first-ever SASI (SaaS Application Security Insights) Report. The report, scheduled to be released semi-annually, reveals a shocking trend of over 3,000 Brute Force Attacks per day [against the current SMBs being monitored by the platform] and sheds light on risky file-sharing behavior and the top countries where bad actors are originating their attacks on SMBs. SaaS application security records During the period dating January 1st to May 31st, 2021, SaaS Alerts monitored over 15M events and gathered and analyzed anonymized SaaS application security records for over 750 small-to-mid-sized businesses and more than 30,000 end-users. Access and visibility into this unique dataset provides SaaS Alerts a comprehensive and timely view of the current state of SaaS Application Security within the SMB market – and more specifically, within SMBs who are served by MSPs. First-ever SASI report How MSPs are currently pricing and marketing their new SaaS Security Monitoring services Additionally, the report provides insight into how MSPs are currently pricing and marketing their new SaaS Security Monitoring services. “Overall, the findings in our first-ever SASI report emphasize that MSPs need to reassess their security posture when it comes to protecting their customers’ SaaS Applications,” said Jim Lippie, CEO of SaaS Alerts Customer security management "We believe that sharing this data will help MSPs to identify strategies and develop new processes to manage customer security in a data environment now increasingly dominated by off-premise resources." “Our goal is to continue to share this critical information in the hopes that together with our MSP Partners, we can better navigate the current cybersecurity threat landscape and enhance our understanding to better combat the risks that lie ahead.” View of the SMB threat landscape The data environment is also shifting – from local devices and network servers to Cloud-based data creation With this inaugural edition of the report, SaaS Alerts has made a commitment to release its findings twice a year – and as the platform grows to include more users, these insights will become increasingly more valuable and give MSPs a more comprehensive view of the SMB threat landscape. Businesses of all sizes are shifting to SaaS applications and away from locally installed applications. Naturally, at the same time, the data environment is also shifting – from local devices and network servers to Cloud-based data creation and storage. User and network protection This transition requires that technology service providers reconsider the notion of protecting users and networks and reimagine how they think about users and how they follow user behaviour. This is accomplished by understanding how user negligence impacts a company’s security posture while also appreciating how bad actors are able to compromise SaaS environments. Common user behaviours SaaS Alerts saw an average of 3,000 brute force attacks per day leveraged against 750+ small businesses In the first half of 2021, SaaS Alerts saw an average of 3,000 brute force attacks per day leveraged against 750+ small businesses while also uncovering a significant attack vector stemming from common user behaviours such as neglectful file-sharing practices and using M365 and Google Workspace credentials for authenticating third-party integrated applications. These threats will not just go away, they will continue as the data in SaaS applications is valuable to bad actors and their attacks are successful enough to warrant continued effort. Threats, trends, and activities Meanwhile, end users will continue to take shortcuts, share anonymous files, and bypass safeguards in the name of convenience and increased productivity. As a community of technology professionals, with the right tools and a commitment to regular hygiene, many of these risks can be mitigated. The SASI Report analyzes the current threats, trends, and activities of SaaS Application users and provides valuable insights to help MSPs protect the companies they serve. SaaS Alerts Report analysis was carried out using proprietary anonymized data gathered via the usage of SaaS Alerts pursuant to its Master Services Agreement.  This and other data are used by SaaS Alerts to identify security and access trends in order to further advance its product and offerings and in order to meet the needs of its growing MSP partner community and the end customers whom it serves. User and business information is anonymized to protect corporate and individual usage data.

Kaseya, the global provider of AI-powered cybersecurity and IT management software announced Kaseya 365 User, joining Kaseya 365 Endpoint which launched in April 2024, at DattoCon Miami. Kaseya 365 User gives managed service providers (MSPs) the ability to help their customers prevent, respond to, and recover from threats to user identity and security. SaaS Alerts Kaseya also announced it has acquired SaaS Alerts, an industry-pioneering cybersecurity company that helps MSPs monitor and protect customers’ SaaS application usage. SaaS Alerts’ technology is included for free as part of the Kaseya 365 User subscription, adding significant value to the new subscription for MSPs. AI-based automation "Our mission is to make our partners more profitable, by providing them a platform that provides far more AI-based automation than otherwise available, and offering that platform at a fraction of the cost,” said Fred Voccola, CEO, of Kaseya. “When we launched Kaseya 365 Endpoint earlier this year, the market response was astounding." Financial benefits "Our goal from the beginning of our journey was to ensure our MSP partners get the recognition and financial benefits that match the enormous value they provide to SMBs around the world. Now, with Kaseya 365 User, we get to take another major step." "Our partners can better protect themselves and their customers, automate service delivery, and once again vastly improve their unit economics for greater profitability.” Comprehensive protection While small businesses power the global economy, their technology infrastructure is largely dependent on MSPs While small businesses power the global economy, their technology infrastructure is largely dependent on MSPs to protect user data and respond to ever-present cyber threats. With Kaseya 365 User and Kaseya 365 Endpoint, MSPs can offer comprehensive protection for small business owners and their customers. Competitive advantage “Now more than ever, there is a massive advantage to being an MSP powered by Kaseya,” said Nick Martin, Director of Managed Services, at Mainstreet IT Solutions. “It’s a true competitive advantage because with Kaseya 365 User we’re getting more for less money, and we can pass along savings to our customers without sacrificing anything.” Cloud detection and response SaaS Alerts, a critical component of Kaseya 365 User, is the SaaS security platform for MSPs. This innovative technology allows MSPs to monitor and remediate any potential threat to their critical business applications or users in SaaS environments in real-time and ensure critical business applications are safe from both internal and external threats. “As cyber threats are becoming more sophisticated, MSP tools need to evolve,” said Jim Lippie, CEO, of SaaS Alerts. “With cloud detection and response, MSPs can identify breaches and act on them quickly. This is a must-have for MSPs to protect their customers.” DattoCon Miami highlights Kaseya DattoCon event includes nine training sessions and six workshops so attendees can become better 2024's Kaseya DattoCon event includes nine training sessions and six workshops so attendees can become better versed in the products they already own.  Notable sessions include keynotes with Kaseya CEO Fred Voccola, philanthropist and innovator Mick Ebeling, and wildlife photographer Ron Magill. The event will end with the much-anticipated Golden Datto and Cooper Cares Awards and a Fright Night Halloween party. Additional key announcements from Kaseya Backup Concierge Program: Backup is the last line of defense and one of the most important tools for an MSP, but it represents one of their largest spends and highest risks. Kaseya is committed to solving the challenge, both commercially and technically, with a $10M investment in the new Backup Concierge Program. This program is free for Kaseya Datto backup customers and is purpose-built to ensure they are optimizing their profitability, as well as supporting their technical needs throughout the data protection journey for new and existing clients. Next-Gen Endpoint Backup: Building on its commitment to protecting data everywhere, Datto's Endpoint Backup expands to offer better control, more flexibility, and greater restore options - while still at a price point that makes it more profitable than any competitive solution on the market. Purpose-built for MSPs, it boasts centralized, policy-based management; smart scheduling with custom controls (ie, business hours); full control over throttling, data regions, and selective backup configurations (inclusions/exclusions); and is fully integrated with popular MSP solutions like IT Glue, PSAs, RMMs and more. Cooper Copilot Expands to PSA: With new AI features, Kaseya BMS and Autotask both amplify technicians' ability to swiftly act and communicate. Smart Ticket Summary saves time spent reading through tickets to see actions already taken, distilling it into a succinct recap. Smart Writing Assistant empowers technicians to send clear and professional messages to end-users by transforming their technical expertise into simple communication. Smart Resolution Summary automatically captures and documents the steps, actions, and outcomes involved in resolving IT tickets, creating a detailed record for future reference and faster issue resolution. These features streamline the ticket resolution process so techs can do more in less time. Better Together: Network Detective Pro and audIT are one platform delivering unparalleled audit, discovery, and reporting to MSPs to close more business and increase profits by showcasing IT value. New and existing partners get the automated capabilities of Network Detective Pro coupled with the dynamic presentation layer of audIT at no additional cost. New Capabilities to Vonahi: Vonahi has introduced a new prospecting test feature that allows MSPs to offer potential clients a preliminary pentest evaluation to demonstrate immediate value. Further, custom-branded reports can be exported to Microsoft Word for full customization allowing MSPs to add additional data and customize report themes to fit their company brand.  Subscription offering Kaseya 365 User is a new subscription offering in addition to Kaseya 365 Endpoint (formerly Kaseya 365), which was introduced in April 2024.  Less than six months after launching, Kaseya 365 Endpoint protects more than 5.5 million devices.