SaaS Exposed: Unmasking Cyber Risks in Cloud Integrations

Luke Jennings, VP of Research & Development at Push Security joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Luke explains his recent presentation on a new SaaS cyber kill chain, exploring how attackers might target modern organizations heavily reliant on cloud and SaaS services, even when traditional infrastructure is minimal. The latest kill chain involves developing attack techniques specific to this environment, covering topics like lateral movement without conventional network infrastructure and adapting known techniques such as password guessing attacks to the SaaS landscape. Luke, Wendy, and Nic discuss the complexities of SaaS security, the intricacies of evil twin integrations, detection challenges, mitigation strategies, and the overall impact of these security issues on organizations.       In This Episode You Will Learn:       Identifying malicious activities and understanding normal application behavior  The importance of having structured methodologies for approving SaaS app usage  Challenges organizations face in detecting and preventing SaaS application threats      Some Questions We Ask:        How can an organization create alerts for new, unknown SaaS app integrations?  What happens when a SaaS app integration is duplicated by an attacker?  Would having a structured methodology for SaaS app usage help minimize risk?    Resources:   View Luke Jennings on LinkedIn   View Wendy Zenone on LinkedIn  View Nic Fillingham on LinkedIn      Related Microsoft Podcasts:     Microsoft Threat Intelligence Podcast   Afternoon Cyber Tea with Ann Johnson   Uncovering Hidden Risks         Discover and follow other Microsoft podcasts at microsoft.com/podcasts   Hosted on Acast. See acast.com/privacy for more information.