As organizations adopt hundreds of SaaS platforms, users are interconnecting thousands of third-party applications to critical platforms like Atlassian, Microsoft 365, Salesforce, Google Workspace, and Slack without any oversight from IT teams.
Many SaaS applications are designed to enable third-party application integrations using plugins to extend their capabilities. These plugins are typically available through marketplaces such as Microsoft Azure and Google Workspace, and users can authorize their usage with a single click of a button. This authorization happens without any security team review, resulting in unknown third-party services having immediate access to sensitive resources and data.
Why Is Security for Interconnected SaaS Important?
Most apps are developed by reputable companies and come from trusted sources. However, individuals and companies without any insights into security practices also produce plugins, leaving the door open for malicious actors to access private and sensitive data.
Even some of the seemingly benign applications employees use daily—including calendar and video conferencing apps—might have access to sensitive employee or customer information. Employees are also sharing sensitive data and information in GenAI apps like ChatGPT.
While third-party plugins may provide a good user experience and increase productivity, they also create security risks, exposures, and potential compliance violations. Complex SaaS app-to-app relationships lead to the risk of unauthorized data sharing, overprovisioning of permissions, and high privileges granted to unknown SaaS vendors.
To address these concerns and to protect sensitive data, cloud access security broker (CASB) solutions must evolve to address these emerging threats. As a result, Palo Alto Networks has introduced Security for Interconnected SaaS, a feature integrated within our NG-CASB SaaS Security Posture Management (SSPM) solution and available with Prisma Access, to help mitigate the risks associated with the deep integration of enterprise SaaS applications.
Figure 1. Palo Alto Networks SSPM Interconnected SaaS Security solution showing a summary view of all third-party plugins detected within the Office 365 environment, severity levels, active users, and an application-level revocation option.
Security for Interconnected SaaS enables organizations to safely manage SaaS app-to-app plugins and integrations across marketplaces, providing the following benefits:
- Automatically discover and profile third-party apps or plugins to provide comprehensive visibility across the ecosystem when a SaaS app is onboarded for SSPM. This uncovers rogue or vulnerable apps and assesses each integration posture, behavior, and the risk involved with its API access.
- View and determine the organizational impact on all the apps or plugins installed for a given marketplace, workspace or by users.
- Understand the impact of these apps or plugins based on the access permissions granted to them.
- Understand the workspaces or users who have granted permissions to these plugins in your environment.
- Understand the level of access to sensitive data these plugins have based on the access scopes granted.
- Understand the GenAI apps or plugin usage in the environment, the users, or workspaces utilizing them and the access permissions granted.
Figure 2. Sample view of access scopes and permissions granted to ChatGPT for Slack plugin.
- Provide granular control for SaaS applications to manage access policies that can limit or revoke the use of plugins and integrations that do not align with security policies or serve a valid business function.
- Provide revocation control at a per-user level (users who are critical and therefore not allowed to have certain plugins) or at the application-level to deny access to a plugin at an organizational level.
- Provide continuous monitoring and auditing with an ongoing scanning protocol to immediately capture any changes in the SaaS environment and assess for risk.
What Marketplaces Does Palo Alto Networks Interconnected SaaS Currently Support?
Security for Interconnected SaaS currently supports the following SaaS application marketplaces:
- Atlassian (JIRA & Confluence)
- Google Workspace
- Microsoft Azure
- Salesforce
- Slack Enterprise
Secure against SaaS App-to-App Integration Vulnerabilities with Security for Interconnected SaaS
Security for Interconnected SaaS delivers a comprehensive solution to protect against the vulnerabilities created by SaaS app-to-app integrations. By providing essential visibility and control, this new feature empowers businesses to safeguard their data effectively.
Take action to secure your SaaS ecosystem and protect your enterprise against the hidden risks of interconnected apps. Interested in learning more? Reach out to get started with a demo today.