Savvy launches Identity-First Security offering

TEL AVIV, Israel – Savvy, a software-as-a-service (SaaS) security platform provider, announced its Identity-First Security offering that uncovers risks created by a combination of identity access management (IAM) permissions, user behavior, and business context.

According to Savvy, individually these elements may appear benign, but together pose extreme organizational risk that can lead to data breaches, financial loss, compliance violations and brand damage. Risks that can be alleviated with Savvy’s new offering as it arms users with comprehensive visibility into SaaS applications, as well as associated user and app identities.

“Enterprise SaaS growth is empowering employees to be more productive, but is also allowing identity risks to grow unfettered because businesses have little-to-no visibility or control,” said Guy Guzner, CEO of Savvy. “Our platform helps organizations safely embrace all the benefits of SaaS by discovering the most damaging identity risks and then using our automation playbooks and just-in-time security guardrails to guide users at scale towards proper identity hygiene.”

The company said that rapidly growing SaaS adoption has led to a wealth of challenges. According to Stratecast and Frost & Sullivan, 80% of employees adopt SaaS apps without IT approval, and Savvy’s research revealed 400% more shadow SaaS apps than federated apps, and, of those, 60% of employees used weak, reused or compromised passwords.

Savvy also found that over 35% of employees access federated SaaS apps directly, bypassing SSO and multi-factor authentication (MFA). Savvy said that in every organization analyzed, incomplete offboarding of app identities with access to sensitive data were discovered, a finding that has wide-ranging implications for regulatory compliance requirements.

“Savvy’s free assessment revealed identities of former employees that I believed were offboarded but still had access to SaaS apps containing sensitive company information,” said Andrew Wilder, retained CISO and advisor for multiple organizations. “The offering allowed me to more effectively offboard users and properly maintain compliance. It also opened my eyes to just how many shadow identities existed across our organization due to third-party software.”

Interested parties can register for the companion webinar for a deeper dive on these SaaS security topics by visiting https://go.savvy.security/identityfirst.