Enrich your understanding of SaaS and AI usage with real-time data and promote safe security practices with browser nudges.
Enrich your understanding of SaaS and AI usage with real-time data and promote safe security practices with browser nudges.
How SSPM solutions help automate the detection, remediation, and reporting of configuration issues, identity risks, and other SaaS security threats.
How SSPM solutions help automate the detection, remediation, and reporting of configuration issues, identity risks, and other SaaS security threats.
How to expose shadow IT, eliminate SaaS sprawl, and take control of your supply chain.
How to expose shadow IT, eliminate SaaS sprawl, and take control of your supply chain.
On March 14, 2025, attackers compromised a popular GitHub action, injecting malicious code to expose sensitive CI/CD secrets within workflow logs.
On March 14, 2025, attackers compromised a popular GitHub action, injecting malicious code to expose sensitive CI/CD secrets within workflow logs.
On March 20, 2025, global hacking group HellCat launched a widespread ransomware attack specifically targeting Jira servers.
On March 20, 2025, global hacking group HellCat launched a widespread ransomware attack specifically targeting Jira servers.
Within six months, KarmaCheck recovered 150% of its annual investment in Nudge Security.
Within six months, KarmaCheck recovered 150% of its annual investment in Nudge Security.
A widespread phishing campaign has recently targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues.
A widespread phishing campaign has recently targeted nearly 12,000 GitHub repositories with fake “Security Alert” issues.
Microsoft Threat Intelligence revealed that Silk Typhoon is exploiting stolen API keys, OAuth credentials, and PAM credentials in supply chain attacks.
Microsoft Threat Intelligence revealed that Silk Typhoon is exploiting stolen API keys, OAuth credentials, and PAM credentials in supply chain attacks.
Harden your Google Workspace environment with these five essential security settings and configurations.
Harden your Google Workspace environment with these five essential security settings and configurations.
On February 27, 2025, security researchers revealed that LLMs were trained on datasets containing approximately 12,000 live API keys and passwords.
On February 27, 2025, security researchers revealed that LLMs were trained on datasets containing approximately 12,000 live API keys and passwords.
On February 27, 2025, security researchers from cybersecurity company Lasso discovered a serious data exposure issue involving Microsoft's Copilot.
On February 27, 2025, security researchers from cybersecurity company Lasso discovered a serious data exposure issue involving Microsoft's Copilot.
While SaaS features and discounts offer many conveniences, some of the industry's darker patterns can put your organization at risk.
While SaaS features and discounts offer many conveniences, some of the industry's darker patterns can put your organization at risk.
Six essential Okta security configurations that every security practitioner should monitor.
Six essential Okta security configurations that every security practitioner should monitor.
Protecting your organization’s data from NHI risks shouldn’t be a guessing game. Our app-to-app integrations table is here to help.
Protecting your organization’s data from NHI risks shouldn’t be a guessing game. Our app-to-app integrations table is here to help.
The swift success of DeepSeek comes with pressing concerns about data security, regulatory compliance, and the hidden risks of shadow AI.
The swift success of DeepSeek comes with pressing concerns about data security, regulatory compliance, and the hidden risks of shadow AI.
As the nature of work evolves, avoid falling victim to the sunk cost fallacy of CASB.
As the nature of work evolves, avoid falling victim to the sunk cost fallacy of CASB.
How to implement a structured framework to manage user access rights effectively across diverse applications and environments.
How to implement a structured framework to manage user access rights effectively across diverse applications and environments.
Please enjoy our reflections on the big moments, releases, breaches, and outages that defined the year in cybersecurity.
Please enjoy our reflections on the big moments, releases, breaches, and outages that defined the year in cybersecurity.
Gain deeper insight into your SaaS environments and strengthen your SaaS security posture with our growing library of connected apps.
Gain deeper insight into your SaaS environments and strengthen your SaaS security posture with our growing library of connected apps.
Nudge Security CEO Russell Spitler explores the possibility of an AI-fueled cyberattack in this OpEd published in The Information (subscription required).
Nudge Security CEO Russell Spitler explores the possibility of an AI-fueled cyberattack in this OpEd published in The Information (subscription required).
Proactively find and fix misconfigurations in Okta, Google Workspace, and Microsoft 365 with our new SSPM capabilities.
Proactively find and fix misconfigurations in Okta, Google Workspace, and Microsoft 365 with our new SSPM capabilities.
With a new, deeper integration for Okta, Nudge Security customers can further harden and protect their critical identity stack.
With a new, deeper integration for Okta, Nudge Security customers can further harden and protect their critical identity stack.
Nudge Security is the only SaaS management platform that discovers up to two years of historical SaaS spend within minutes of starting a free trial.
Nudge Security is the only SaaS management platform that discovers up to two years of historical SaaS spend within minutes of starting a free trial.
Thus far, IT automation has failed to address the hardest parts of employee offboarding. Here’s what IT and operations professionals need to know.
Thus far, IT automation has failed to address the hardest parts of employee offboarding. Here’s what IT and operations professionals need to know.
LastPass has reported a social engineering campaign using fake reviews on the Chrome Web Store.
LastPass has reported a social engineering campaign using fake reviews on the Chrome Web Store.
On October 30, 2024, a security flaw was detected in Okta’s AD/LDAP Delegated Authentication (DelAuth) service.
On October 30, 2024, a security flaw was detected in Okta’s AD/LDAP Delegated Authentication (DelAuth) service.
