Adaptive Shield: Gaining Control of SaaS Security
Ever since SaaS made its way into the business management table, it has been widely changing how organizations run their business and manage their data. Even though SaaS increases productivity and efficiency, there are security issues to be addressed ranging from data leaks, unauthorized control over sensitive information, and possible identity thefts due to security misconfigurations.
Despite the fact that SaaS applications are provided with security built-in to the provider’s architecture, it falls on the organization to make sure the security settings of each app are configured correctly. Not an easy feat as security teams often lack the visibility and control to manage their organization’s whole SaaS app stack and all the configurations successfully. “The multiple levels of individual security models and settings make maintaining a consistent policy across platforms and user groups a real battle,” begins Maor Bin, CEO & Co-Founder, Adaptive Shield. “But not anymore with Adaptive Shield’s continuous, automated solution and built-in knowledge base crafted for true native SaaS security,”
The Adaptive Shield platform enables you to automatically discover security weaknesses, get full context on their nature and impact, then receive instructions every step of the way until each issue is resolved. Adaptive Shield is all about automating this process by monitoring and assessing the risks caused by misconfigurations in all SaaS apps. As a SaaS app that instantly connects with any SaaS app, Adaptive Shield enables companies to gain visibility into their SaaS estate, improve their SaaS security posture and reduce risk on the day of the integration. “Adaptive Shield comes to equip CISOs and security teams with a solution that integrates with all their SaaS apps, interprets every SaaS app’s configurations, and gives them full visibility and control in a single pane of glass.”
The Challenge of Managing the SaaS App Stack
SaaS security has been in the industry for a while, and there is a broad level of adoption going on today. Implementing security capabilities with each policy containing 100s of security configurations and going line by line to align with the business requirements is not just a piece of cake. Not to mention, often the SaaS app owner in control of these configurations sits outside of the security team in the department that most uses the app (think Sales has CRM app, Marketing has automation app), and they are untrained and not focused on the security upkeep of the app.
In addition to the staggering amount of configurations to manage, the lack of visibility and control of the SaaS app ownership, is the skills gap that compounds the challenges faced by security teams for securing the SaaS app stack. Each SaaS app has its own setup and ‘language’ — and it’s on the security teams to learn each app’s specific setup and configurations to ensure they are compliant with their company’s policies. As the security team is often not the ones using the apps on a daily basis, they are rarely familiar with the settings, making it even harder to optimize the configuration maintenance process.
This is where Adaptive Shield stands out with a cutting-edge SaaS Security Posture Management Platform that enables security teams to analyze, identify, and prioritize weaknesses in a SaaS to help maintain continuous security for all global settings and user privileges. “What we bring in is the capability to connect to any data or any object by looking for misconfigurations and security loopholes and help teams resolve this while offering complete visibility and control,” adds Bin.
The Day-to-Day of SaaS App Security
Since opening its doors, Adaptive Shield’s core mission has been to help security teams secure their entire SaaS ecosystem. “We love seeing our clients’ ‘aha’ moment when seeing their SaaS security posture for the first time. It’s such a quick integration and shows them all the missing details and misconfigurations they’ve been chasing after for so long, their relief is almost palpable” describes Bin.
“Another recurring situation we see with clients and prospects is the dichotomy of their SSO implementation,” Bin says. “The security team implements SSO to get the complete coverage of multi-factor authentication. However, most SSO providers enable super admins to bypass the service for maintenance reasons. This creates a situation where the users with the most privileges are the ones most exposed.” Adaptive Shield can easily identify this concerning scenario and give the exact details for how the security team can remediate the situation.
When it comes to day-to-day management of the organization’s SaaS security posture, Adaptive Shield provides not only the risk level and misconfigurations, but also gives in-context remediation advice. “We’re able to integrate to the ticketing system of choice to be able to send the exact info of what needs to take place for the remediation. Organizations can also opt-in to a ‘Fix now’ functionality if they want Adaptive Shield to resolve these errors directly,” adds Bin.
For enabling seamless compliance, Adaptive Shield provides a compliance-based view for the users to view specific compliance standards and drills down into how the standard’s subsections comply with ISO, NIST, CIS, SOC2, and more, covering all security domains, from Identity and Access Management to Malware Protection and Privacy Control. Adding up to many unique feature sets, Adaptive Shield can connect with any app and run checks on every data type.
The Origin & Vision of Adaptive Shield
The company’s CEO, Maor Bin and Co-Founder & CTO, Jony Shlomoff are the driving forces behind Adaptive Shield. “We served together in the IDF, and each have over 17 years of experience in cybersecurity. Day in and day out, working with security professionals, we kept hearing about how SaaS security was becoming too complex. The lack of visibility of SaaS misconfigurations was a top concern, and as many described, ‘we can deal with what we see, but are scared of what is beneath our radar’”. This pain point was constantly reiterated through their respective work lives, and after many late night conversations and product roadmaps, it led Maor and Jony to come up with Adaptive Shield as the solution.
In its short lifespan, Adaptive Shield’s innovative offering and service support has already announced a $30 million Round A funding, led by Insight Partners, including Okta Ventures and Vertex Ventures, in addition to earning a variety of awards, including the Global InfoSec Award 2021 and Top 10 Baby Black Unicorn Award 2021.
“Today, we are focused on innovation around research and development of new integrations, new features, and expansion in the SaaS Security domain and will also support more and more tech alliances with other major security players,” explains Bin.
Looking ahead, the company has an out-of-the-box roadmap that can redefine the way SaaS security performs today. Thanks to the latest $30M series, Adaptive Shield will be able to extend its team and reach to meet growing demands from businesses around the globe. “We are also about to announce some major tech partnerships with industry-leading security solution providers that will reinforce our SaaS Security zero-trust approach,” concludes Bin.