Does your SaaS footprint implement CIS Controls?
While the CIS Critical Security Controls® (published by the Center for Internet Security) are not themselves a regulatory framework, they map well onto many such frameworks. Because they were developed from lessons learned in real-world cyber attacks, they help you establish a sound security baseline across all of your IT systems.
As more and more sensitive data has moved, first from on-premises data centers into the cloud and then into software-as-a-service (SaaS) systems, protecting these assets outside the historical network perimeter is paramount today. Applying CIS Controls only to your on-premises systems and endpoints is not enough to guarantee a good security posture.
Detexian is a SaaS-native security platform and can help you implement the CIS Controls, as well as SaaS-specific CIS Benchmarks such as those for Microsoft 365 or Google Workspace. This gives you peace of mind and can also help you obtain and maintain a certification such as ISO 27001 or SOC 2, building on your implementation of the CIS Controls.
Naturally, not all of the CIS Controls apply to SaaS; the physical infrastructure, for example, is the responsibility of the provider rather than the customer. Many controls remain relevant in a SaaS context, however.
CIS Control 15: Service Providers
Since SaaS is short for “Software as a Service”, every SaaS application you use implies a service provider to your organization. Under Control 15 you are therefore required to establish and maintain an inventory of all SaaS providers your organization uses, alongside your other service providers.
Detexian can help you discover, catalog and monitor SaaS usage in your organization.
CIS Control 5: Account Management
The sheer number of SaaS applications in use in modern organizations, combined with the considerable effort required to implement automated user provisioning and deprovisioning across a large and heterogeneous SaaS landscape, often leaves significant gaps in account management.
Detexian discovers and monitors user activity, finds dormant accounts as well as accounts that were dormant and have unexpectedly come back into use (a potential indicator of compromise), and helps you remediate the risks arising from detected issues.
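The dormant-account check described above can be expressed as a simple rule over login timestamps. The following is an added illustration, not Detexian's code or data: it assumes a per-account login history exported from a SaaS audit log (the `SAMPLE_LOGINS` and `SAMPLE_ACCOUNTS` values are constructed) and a 90-day dormancy threshold, and it flags both accounts with no recent activity and accounts whose login history contains a gap longer than the threshold, i.e. a dormant account that came back into use.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data (hypothetical tenant, not real audit output):
# the account directory and a list of (account, login timestamp) events.
SAMPLE_ACCOUNTS = ["alice", "bob", "carol", "dave", "erin"]
SAMPLE_LOGINS = [
    ("alice", "2024-01-03T09:12:00Z"),
    ("alice", "2024-03-01T08:00:00Z"),
    ("bob",   "2023-10-10T10:00:00Z"),   # no activity since October
    ("carol", "2023-09-01T12:00:00Z"),
    ("carol", "2024-02-28T03:14:00Z"),   # returns after roughly six months
    ("dave",  "2024-02-27T11:00:00Z"),
    # "erin" exists in the directory but has never logged in
]

# Dormancy threshold (assumption for this example; tune to your policy).
DORMANT_AFTER = timedelta(days=90)


def parse_ts(value):
    """Parse an ISO 8601 UTC timestamp of the form YYYY-MM-DDTHH:MM:SSZ."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def classify_accounts(logins, accounts, now, dormant_after=DORMANT_AFTER):
    """Classify accounts by login history.

    Returns a dict with two entries:
      "dormant":     accounts whose most recent login is older than
                     dormant_after, or which never logged in at all.
      "resurrected": (account, last_login_before_gap, first_login_after_gap)
                     for accounts with a gap longer than dormant_after between
                     two consecutive logins. Such an account was dormant and
                     has come back into use, which merits investigation.
    """
    by_user = {user: [] for user in accounts}
    for user, ts in logins:
        by_user.setdefault(user, []).append(parse_ts(ts))

    dormant, resurrected = [], []
    for user, stamps in by_user.items():
        stamps.sort()
        # No logins at all, or last login beyond the threshold: dormant.
        if not stamps or now - stamps[-1] > dormant_after:
            dormant.append(user)
        # Any gap between consecutive logins beyond the threshold: resurrected.
        for prev, cur in zip(stamps, stamps[1:]):
            if cur - prev > dormant_after:
                resurrected.append(
                    (user, prev.date().isoformat(), cur.date().isoformat())
                )
                break
    return {"dormant": sorted(dormant), "resurrected": sorted(resurrected)}


if __name__ == "__main__":
    report = classify_accounts(SAMPLE_LOGINS, SAMPLE_ACCOUNTS, parse_ts("2024-03-02T00:00:00Z"))
    for user in report["dormant"]:
        print(f"dormant: {user}")
    for user, before, after in report["resurrected"]:
        print(f"resurrected: {user} inactive from {before} until {after}")
```

In practice the "resurrected" list is the more interesting one: a dormant account that suddenly authenticates is worth correlating with HR offboarding records and with the source of the new login before it is treated as benign.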
CIS Control 6: Access Control Management
Many SaaS applications legitimately have a large number of user accounts. These range from human administrators, through ordinary human users of the application, to service accounts that enable integration with other SaaS products or legacy systems.
Detexian discovers and monitors all user accounts together with their associated privileges and current status. You gain visibility of privilege over-provisioning as well as of accounts that are provisioned inconsistently across multiple SaaS applications.
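The two findings mentioned above, over-provisioned privilege and inconsistent provisioning across applications, can be checked by reconciling each application's account list against the identity provider and against an approved-administrator list. The example below is added here and is not Detexian's code; the directory, application inventories and approved-admin sets are constructed placeholders, and the finding names are this example's own.

```python
# Constructed sample data (hypothetical tenant, not real inventory output).
# Identity provider directory: who should exist and whether they are active.
IDP_USERS = {
    "alice": "active",
    "bob": "disabled",   # offboarded in the IdP
    "carol": "active",
}

# Per-application account lists as a SaaS inventory might export them.
APP_ACCOUNTS = {
    "crm": [
        {"user": "alice", "role": "admin", "status": "active"},
        {"user": "bob", "role": "user", "status": "active"},   # still active after offboarding
        {"user": "carol", "role": "user", "status": "active"},
    ],
    "wiki": [
        {"user": "alice", "role": "user", "status": "active"},
        {"user": "carol", "role": "admin", "status": "active"},
        {"user": "svc-backup", "role": "admin", "status": "active"},  # not in the IdP at all
    ],
}

# Administrators the organization has explicitly approved per application.
APPROVED_ADMINS = {"crm": {"alice"}, "wiki": {"alice"}}


def audit_provisioning(idp_users, app_accounts, approved_admins):
    """Reconcile application accounts against the IdP and the approved-admin list.

    Returns a sorted list of (application, user, finding) tuples where finding is:
      "not_in_idp"              active app account with no IdP identity (orphan
                                or unmanaged service account)
      "active_but_idp_disabled" active app account whose IdP identity is disabled
                                (deprovisioning gap)
      "unapproved_admin"        admin role granted to a user not on the approved
                                list for that application (over-provisioning)
    """
    findings = []
    for app, accounts in app_accounts.items():
        allowed_admins = approved_admins.get(app, set())
        for acct in accounts:
            if acct["status"] != "active":
                continue  # disabled app accounts are not an access risk here
            user = acct["user"]
            idp_status = idp_users.get(user)
            if idp_status is None:
                findings.append((app, user, "not_in_idp"))
            elif idp_status == "disabled":
                findings.append((app, user, "active_but_idp_disabled"))
            if acct["role"] == "admin" and user not in allowed_admins:
                findings.append((app, user, "unapproved_admin"))
    return sorted(findings)


if __name__ == "__main__":
    for app, user, finding in audit_provisioning(IDP_USERS, APP_ACCOUNTS, APPROVED_ADMINS):
        print(f"{app:<6} {user:<12} {finding}")
```

Service accounts such as the constructed `svc-backup` will often show up as `not_in_idp`; the useful follow-up is to record them in the inventory with an owner, rather than to suppress the finding.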
CIS Control 4: Secure Configuration
Most SaaS applications offer a wide range of security settings that let each customer choose their own balance between security and convenience. The default settings, however, are often tuned for convenience and need hardening to achieve a good security posture.
Detexian can detect and remediate many common security misconfigurations in your SaaS applications to establish a good security posture.
CIS Control 8: Audit Log Management
When using SaaS applications, organizations are at the mercy of the service provider where audit logging is concerned. What is logged, and how long logs are retained, varies widely between SaaS applications and between licence tiers.
Detexian not only monitors the current state but also keeps an audit log of changes that is retained indefinitely. This lets you determine when a given event occurred even if it is only investigated long after the fact. Because Detexian monitors your SaaS applications externally, these audit logs are also fully separated from the services they pertain to.
CIS Control 3: Data Protection
Historically, data was largely stored within the defined perimeter of the corporate network; this is less and less the case today. Instead, most corporate data is spread across a large number of SaaS applications which, by their very nature, cannot be contained within a defined perimeter. This is particularly critical for organizations that operate under data privacy and protection legislation such as GDPR or CCPA.
Detexian can monitor data access across a large number of SaaS platforms, including posture settings such as the use of multi-factor authentication (MFA), user privilege levels and activity, as well as data sharing and mail forwarding.
CIS Control 14: Security Awareness and Skills Training
With more and more data moving into the cloud and into SaaS applications, users must be trained to recognize the new threats that come with this environment. Knowing not to click suspicious links in emails is no longer enough: users now routinely share data in many different ways and need to know how to do so securely.
Detexian can help you develop a tailored awareness program based on the actual issues found in your organization’s SaaS footprint.