2024-09-14, Room 402
Whether it’s proof-of-concept attacks, dev-environment data exposure, or full-blown leaked customer credentials, one thing is clear – SaaS applications continue to be a growing threat vector for vendors and customers alike. SaaS customers are often playing catch-up to the latest attacks for a given application, chasing down ghost tenants and struggling to maintain security best practices across the enterprise. In this talk, we discuss our successes and failures implementing an enterprise-scale SaaS configuration management program. We cover topics such as overcoming technical limitations of vendor APIs, educating app owners to be security champions of their tools, building a robust monitoring platform to identify posture drift for our apps, stack-ranking your crown-jewel apps to prioritize work, identifying key metrics that security leadership cares about, as well as the woes of non-burdensome ticketing for app owners to manage their security risk alongside their other expected job functions. We share a multi-year roadmap that takes us from near-zero protection or visibility to operationalized KTLO with quantitative value at each step. Securing SaaS apps from risky configurations such as ghost admins, SSO bypass and weak MFA is a mountainous task when you may have anywhere from dozens to thousands of apps across your company. It takes a village!
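The abstract names three risky configurations (ghost admins, SSO bypass, weak MFA) and a monitoring platform that flags posture drift against an approved state. The following is an added example, not code from the talk or its speaker, of the core check such a platform runs per app: it compares a constructed "current" tenant snapshot against a constructed approved baseline and an active-identity list, and emits typed findings that can be rolled up into the kind of metrics leadership asks for. The snapshot fields, the app name and the identity list are assumptions made for illustration; a real vendor API returns its own schema, which you would normalize into a shape like this before running the check.

```python
from dataclasses import dataclass

# Approved posture for one app (constructed for this example; not a real tenant).
BASELINE = {
    "app": "example-crm",
    "sso_enforced": True,
    "password_login_allowed": False,
    "mfa_policy": "required",
    "mfa_methods_allowed": ["fido2", "totp"],
    "admins": ["alice@example.com", "bob@example.com"],
    "session_timeout_minutes": 60,
}

# Snapshot as it might be pulled from the vendor API today (constructed; drift on purpose).
CURRENT = {
    "app": "example-crm",
    "sso_enforced": True,
    "password_login_allowed": True,                   # local passwords re-enabled: SSO bypass
    "mfa_policy": "optional",                         # MFA no longer required
    "mfa_methods_allowed": ["fido2", "totp", "sms"],  # SMS added as a factor
    "admins": ["alice@example.com", "svc-migration@example.com"],  # unknown admin
    "session_timeout_minutes": 60,
}

# Identities the IdP/HR system reports as active (constructed).
ACTIVE_IDENTITIES = {"alice@example.com", "bob@example.com", "carol@example.com"}

# Factors treated as weak for this check (assumption; tune to your policy).
WEAK_MFA_METHODS = {"sms", "email", "voice"}

# Keys handled by a dedicated check below; everything else falls under generic drift.
SPECIAL_KEYS = {"app", "admins", "sso_enforced", "password_login_allowed",
                "mfa_policy", "mfa_methods_allowed"}


@dataclass
class Finding:
    app: str
    category: str   # "ghost_admin", "sso_bypass", "weak_mfa" or "drift"
    severity: str   # "high", "medium" or "low"
    detail: str


def check_posture(baseline, current, active_identities):
    """Return a list of Findings for one app, comparing current against baseline."""
    app = current["app"]
    findings = []

    # 1. Ghost admins: an admin the IdP does not know is worst; one the IdP knows but
    #    that was never approved for admin on this app is still a finding.
    for admin in current.get("admins", []):
        if admin not in active_identities:
            findings.append(Finding(app, "ghost_admin", "high",
                                    f"{admin} holds admin but is not an active identity"))
        elif admin not in baseline.get("admins", []):
            findings.append(Finding(app, "ghost_admin", "medium",
                                    f"{admin} holds admin but is not in the approved admin list"))

    # 2. SSO bypass: SSO enforced on paper but a local password path is open, or
    #    SSO enforcement switched off entirely.
    if current.get("sso_enforced") and current.get("password_login_allowed"):
        findings.append(Finding(app, "sso_bypass", "high",
                                "local password login enabled while SSO is enforced"))
    elif baseline.get("sso_enforced") and not current.get("sso_enforced"):
        findings.append(Finding(app, "sso_bypass", "high", "SSO enforcement disabled"))

    # 3. Weak MFA: policy relaxed below "required", or weak factors permitted.
    if current.get("mfa_policy") != "required":
        findings.append(Finding(app, "weak_mfa", "high",
                                f"MFA policy is {current.get('mfa_policy')!r}, expected 'required'"))
    weak = sorted(set(current.get("mfa_methods_allowed", [])) & WEAK_MFA_METHODS)
    if weak:
        findings.append(Finding(app, "weak_mfa", "medium",
                                f"weak MFA methods allowed: {', '.join(weak)}"))

    # 4. Generic drift: any remaining setting that differs from the baseline.
    for key in sorted(set(baseline) | set(current)):
        if key in SPECIAL_KEYS:
            continue
        if baseline.get(key) != current.get(key):
            findings.append(Finding(app, "drift", "low",
                                    f"{key}: {baseline.get(key)!r} -> {current.get(key)!r}"))
    return findings


def summarize(findings):
    """Count findings by severity; the per-app number a dashboard or ticket queue keys on."""
    counts = {}
    for f in findings:
        counts[f.severity] = counts.get(f.severity, 0) + 1
    return counts


if __name__ == "__main__":
    results = check_posture(BASELINE, CURRENT, ACTIVE_IDENTITIES)
    for f in results:
        print(f"[{f.severity}] {f.app} {f.category}: {f.detail}")
    print(summarize(results))
```

Running this over the constructed snapshot yields one ghost-admin finding, one SSO-bypass finding and two weak-MFA findings, and nothing for the unchanged session timeout; an admin present in the baseline but absent from the snapshot is deliberately not a finding, since removal of privilege is not drift you want to ticket. The generic-drift branch is what catches settings you have not yet written a dedicated check for, which is the usual state when vendor APIs expose more knobs than the program has policy for.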
Gabe is a senior security engineer with experience in endpoint security, SaaS security, DLP, and threat detection. He focuses on enterprise threats to high-tech businesses, building scalable engineering solutions to materially reduce risk for organizations. He also volunteers time with Columbus State University and with extracurricular organizations in the community to help cybersecurity students looking to enter the field.
Gabe holds a B.S. in Computer Science from Columbus State University and an M.S. in Cybersecurity from NYU.