Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage.
Enterprises use a massive number of Software as a Service (SaaS) applications. According to an estimate, the largest organizations use up to 371, a 32% increase from 2021. However, these apps are often scattered across departments with no clear oversight on who’s using what. Whether intentionally or unintentionally, they can easily be misconfigured, leading to numerous security issues.
Joseph Thacker, principal AI engineer for SaaS Security Posture Management (SSPM) provider AppOmni, highlighted the complexity of today’s SaaS applications, stating that a dedicated expert is almost needed for each one to ensure they are secure. Such expertise is rare, resulting in overworked security teams scrambling to understand all the security settings.
To address this issue, AppOmni has introduced its new tool, AskOmni, a generative AI-powered SaaS security assistant. With AskOmni, users can inquire about critical security questions, and the system will respond in plain language with essential data and remediation steps.
Thacker emphasized that enterprises often don’t prioritize SaaS security adequately, even though it houses core IP and sensitive data. Organizations need to shift their mindset about SaaS because threat actors can directly access data, bypassing devices or frameworks, creating a different security ecosystem.
The myriad of apps makes it challenging to manage security, leading to a deluge of security alerts that can feel overwhelming. Understanding which issues to tackle first is the initial hurdle. The situation is reminiscent of “shadow IT,” with AI now playing a similar role. Additionally, constantly evolving platforms like Salesforce and Microsoft 365 complicate the security landscape with continuous changes made by thousands of developers.
Thacker noted that amidst the overwhelming alerts, much of it is just noise with minimal malicious activity. However, effective permissions management remains difficult. For example, verifying username-to-admin correlations across different SaaS apps is complex due to inconsistent field names.
AskOmni aims to solve these problems by utilizing generative AI and natural language queries for common SaaS security decisions. The platform conducts contextual analysis, aggregates disparate data points, identifies issues, assesses risks, and alerts users in clear language, providing remediation steps. It brings in relevant findings on alerts for context and can identify attack chains, notify administrators of privilege overprovisioning issues, flag new threats, and offer remediation advice.
One of AskOmni’s main features allows users to ask how to secure specific environments with AppOmni, like securing Slack or interacting with Azure Active Directory to write PowerShell scripts for Microsoft 365 components. Thacker mentioned that the platform can guide users through remediation steps and write the necessary scripts.
While AskOmni is still in its early stages, Thacker shared ambitions for the tool to handle comprehensive questions like prioritizing remediation efforts or securely managing SaaS apps used by former employees. He believes that giving AI full data access within a tenant remains a future goal, but anticipates continuous improvements and cost reductions for AI models.
Thacker argued that, despite skepticism about AI capabilities, these limitations can be overcome with better context, examples, and enhanced harnesses or libraries around the language models. He concluded that AI will revolutionize tasks, making them more efficient and allowing teams to focus on solving new problems.