AppOmni

RSA Conference, here we come! That's right: your favorite SaaS security leader is heading to #rsac2025 April 28th - May 1st. https://hubs.la/Q03cZRcZ0 Visit the AppOmni team at ?????????? ??-???????? to hear how we can help you simplify your SaaS security, and if that's not tempting enough...we're even giving away fun prizes! So make sure to stop by for a chance to win a FREE Nintendo Switch. ?? Let the countdown begin. ? Ahead of time, see what events we have planned, and don't forget to book a meeting with us.

Cisco don't innovate they just buy other businesses! ?? Blah blah blah - I'm bored of hearing that! ?? What often get's overlooked/not mentioned/intentionally ignored is the fact that they also have a specialised investment practice for helping early stage start ups develop their platforms and bring them to the market. Oh - Who knew Cisco Investments was a thing! Yes, they will of course go on to purchase some of these businesses as they grow in market share and when it makes sense to bring them into the portfolio. But why shouldn't they? I'm pretty sure the founders of these organisations will be pretty happy with the few million they'll be receiving, and I'm sure in some cases, these companies wouldn't have had the chance if it wasn't for the investments mad by Cisco. Look at some of the excellent names we'll hopefully eventually see being brought under the Cisco Security banner: ? Aliro - Advanced Secure Networks which include Post-Quantum Cryptography (PQC). ? AppOmni - LOVE these guys. Pioneered SSPM and huge value added to SSE solutions. Done some posts about them already. ? Binalyze - Investigation and response automation. I wonder if this kind of DFIR function will find it's way into XDR? ? Expel - A great offering for MDR services. ? GetReal - Malicious digital content and deepfake protection. ? HYCU, Inc. - SaaS Data Protection Platform. ? JupiterOne - Been around a while. Asset management but explains how assets are connected. ? Query - a federated search platform delivering a single search bar to access all your security-relevant data, wherever it is stored. ? Securiti - ONE TO KEEP AN EYE ON - a centralised platform that enables the safe use of data and GenAI. ? SGNL - grants and revokes contextual access in real-time, drastically reducing the blast radius of a possible breach ? Upstream Security - a cloud-based, AI-powered data management platform purpose-built for connected vehicles, smart mobility, and IoT ecosystem. If you have any questions on these or any other components of the broader Cisco Security Portfolio, please feel free to give me or any of the team at CAE Technology Services Limited a shout. [87/100]

Heading to RSA Conference 2025? Celebrate Day 1 with us and Synack, Inc. at Fogo de Chao with some Brazilian fire-roasted steak and premiere whiskey. ?? ?? https://hubs.la/Q03dxqWb0 Grab a glass and meet us for a meal to remember at 6:00pm PT. P.S. The fun doesn't end there. Make sure to head AppOmni's booth (S-2339) throughout the week to see how we provide effortless SaaS security.

?? ???????? ?????? ?????? ???????? ???????? ?????? ?????????????? ???? ?????????? ??????????? Even after changing passwords or logging off, OAuth tokens maintain persistence. OAuth 2.0 protocol, while helpful in eliminating passwords and the risks that come with them, could become a backdoor for hackers if left unmanaged. Martin Vigo, Lead Offensive Security Engineer at AppOmni, details OAuth grant exploits in recent GitHub repository and Google Chrome extension hijacks. He also shares why attackers are changing tactics from email phishing → legit-looking bogus login pages → OAuth abuse. https://hubs.la/Q03dFcXB0 We encourage you to review connected apps to your GitHub repos and explicitly revoke access for the malicious app called ????????????????????????????.

?? ServiceNow news ?? ICYMI: Hackers are exploiting ServiceNow vulnerabilities that Assetnote uncovered last year. AppOmni encourages orgs with ServiceNow instances to apply security patches ASAP (if you haven't already). Plus, limit the exposure of management interfaces to prevent unauthorized access. Aaron C., AppOmni's Chief of Security Research, shares with Emma Woollacott in ITPro about the need for organizations to continue implementing security guardrails to prevent attacks like these: "Organizations should continue striving to implement security guardrails through proper configuration of their SaaS wherever possible. Inbound IP address access controls could have prevented this issue from being exploited by attacks coming from untrusted network ranges" Learn more in ITPro below, and head to the comments to see how AppOmni minimizes ServiceNow security risks. ?? https://hubs.ly/Q03dc8Rs0

SaaS is the new attack surface. ?? CISOs: are you prepared? This panel session is a must-attend for CISOs heading to Gartner C-Level Communities UK & Ireland CISO Town Hall on 2 April. At 11:00 - 12:00?BST, AppOmni's Brandon Romisher moderates a panel session with CISOs James Edwards-Scott, Paul Griffiths, and Michell Martins about: 1?? SaaS attack surface management and effective risk mitigation strategies 2?? Combining posture management with threat detection 3?? Strengthening developer and business stakeholder collaboration See you there!

As the UK’s leading property portal, Rightmove's SaaS environment was quickly expanding. However, the FTSE 100 company faced SaaS security challenges including limited visibility, inconsistent configurations, and ineffective audits. Rightmove needed the strategic support from both Peritus Cloud Security and AppOmni to secure their SaaS apps while maintaining operational efficiency. Working together as partners, Peritus Cloud Security’s cloud security expertise paired with AppOmni’s SaaS Security Platform helps their customers gain deeper visibility and control over their SaaS environments. Rightmove saw immediate results: ?? Centralized SaaS visibility ?? Prevented a 100,000-user capacity issue with NetSuite setup ?? Strengthened security and streamlined processes See why AppOmni + Peritus Cloud Security = the right move for Rightmove in order to drive SaaS security and growth https://hubs.la/Q03cvzx-0 Tim Barrow

What a whirlwind week of events. ?? 22 AppOmniers, 9 events, and 6 speaking sessions later, we're reflecting on the memories and conversations had at some of our March events last week. We loved connecting with our worldwide cybersecurity community at: ?? FS-ISAC 2025 Americas Spring Summit ?? SINC USA Southeast Forum? ?? C-Vision International Think Tank? ?? Cisco Workshops in Philly and Charlotte ?? Billington CyberSecurity State & Local Cybersecurity Summit ?? SecureWorld Boston ?? Core to Cloud Cheltenham ?? Cisco Security Roadshow Thanks to those that visited our booth to discover how AppOmni can help your org prevent SaaS data breaches and simplify your SaaS security. Shoutout to our onsite AppOmniers for making these events to remember! Next stop: IT and Cybersecurity Meetings in Cannes 18 - 20th March. https://lnkd.in/gWuwtfnT

?? We interrupt your scroll to spotlight the University of Cincinnati, who future-proofed their SaaS cybersecurity strategy with AppOmni. Previously, the university faced challenges with access control, data sharing, and compliance. With AppOmni, the University of Cincinnati effectively addressed these security gaps, bolstered compliance measures, and achieved much more. Katrina Biscay, Associate Vice President and CISO, shares how they gained real-time visibility into their SaaS environments: https://hubs.la/Q03bvCm70