Reveals SaaS Application Security Insights via Analysis of 15+ Million SMB SaaS Application Events
Report identifies key areas where MSPs should focus SaaS Security efforts by analyzing trends and activities of over 15M SaaS App events and the anonymized application security records for over 750 small-to-mid sized businesses and more than 30,000 end-users.
SaaS Alerts, the cybersecurity company purpose-built for MSPs to protect and monetize their customers’ business SaaS applications, today released the results of its first-ever SASI (SaaS Application Security Insights) Report. The report, scheduled to be released semi-annually, reveals a shocking trend of over 3,000 Brute Force Attacks per day [against the current SMBs being monitored by the platform] and sheds light on risky file- sharing behavior and the top countries where bad actors are originating their attacks on SMBs.
During the period dating January 1st to May 31st, 2021, SaaS Alerts monitored over 15M events and gathered and analyzed anonymized SaaS application security records for over 750 small-to-mid sized businesses and more than 30,000 end-users.
Access and visibility into this unique dataset provides SaaS Alerts a comprehensive and timely view of the current state of SaaS Application Security within the SMB market – and more specifically, within SMBs who are served by MSPs.
Additionally, the report provides insight into how MSPs are currently pricing and marketing their new SaaS Security Monitoring services. “Overall, the findings in our first-ever SASI report emphasize that MSPs need to reassess their security posture when it comes to protecting their customers’ SaaS Applications. We believe that sharing this data will help MSPs to identify strategies and develop new processes to manage customer security in a data environment now increasingly dominated by off-premise resources,” said Jim Lippie, CEO for SaaS Alerts. “Our goal is to continue to share this critical information in the hopes that together with our MSP Partners, we can better navigate the current cybersecurity threat landscape and enhance our understanding to better combat the risks that lie ahead.”
With this inaugural edition of the report, SaaS Alerts has now made a commitment to release its findings twice a year – and as the platform grows to include more users, these insights will become increasingly more valuable and give MSPs a more comprehensive view of the SMB threat landscape.
Businesses of all sizes are now shifting to SaaS applications and away from locally installed applications. Naturally, at the same time, the data environment is also shifting – from local devices and network servers to Cloud-based data creation and storage.
This transition requires that technology service providers reconsider the notion of protecting users and networks and reimagine how they think about users and how they follow user behavior. This is accomplished by understanding how user negligence impacts a company’s security posture while also appreciating how bad actors are able to compromise SaaS environments.
In the first half of 2021, SaaS Alerts saw an average of 3,000 brute force attacks per day leveraged against 750+ small businesses while also uncovering a significant attack vector stemming from common user behaviors such as neglectful file-sharing practices and using M365 and Google Workspace credentials for authenticating third- party integrated applications.
These threats will not just go away, they will continue as the data in SaaS applications is valuable to bad actors and their attacks are successful enough to warrant continued effort. Meanwhile, end users will continue to take shortcuts, share anonymous files and bypass safeguards in the name of convenience and increased productivity. As a community of technology professionals, with the right tools and a commitment to regular hygiene, many of these risks can be mitigated.
The SASI Report analyzes the current threats, trends and activities of SaaS Application users and provides valuable insights to help MSPs protect the companies who they serve.
Report analysis was carried out using proprietary anonymized data gathered via the usage of SaaS Alerts pursuant to its Master Services Agreement. This and other data is used by SaaS Alerts to identify security and access trends in order to further advance its product and offerings and in order to meet the needs of its growing MSP partner community and the end customers who they serve. User and business information is anonymized to protect corporate and individual usage data.
For more details and to download a complimentary version of the report, visit: https://saasalerts.com/sasi- report/
SaaS Alerts, Inc.