Our Series A: Why we're betting on the workforce as security's greatest asset

Nudge Security’s Series A accelerates its mission to provide visibility, automation, and workforce engagement across SaaS and AI security.

How SaaS discovery is useful in a merger or acquisition

Five ways Nudge Security helps you gain the visibility you need, secure your newly expanded SaaS estate, and plan for the future.

How to eliminate wasted SaaS spend and fund your 2026 priorities

Nudge Security is the only SaaS management platform that discovers up to two years of historical SaaS spend within minutes of starting a free trial.

CamoLeak: Prompt injection in GitHub Copilot enables code exfiltration

A critical vulnerability in GitHub Copilot Chat (”CamoLeak”) allowed attackers to silently exfiltrate private repository content and secrets.

OpenAI AgentKit and Agent Builder: Building secure AI agents

Learn how OpenAI’s AgentKit and Agent Builder work—and what security teams need to know to build safe, governed AI agents that protect enterprise data.

A deep dive on SaaS spend management

How to use spend data and insights to prioritize your SaaS rationalization efforts, maximize impact, and earn quick wins.

Shadow AI: The emerging threat in IBM's 2025 breach report

IBM's annual report reveals that while global breach costs have declined for the first time in five years, a new threat has emerged: shadow AI.

Shadow AI is the new shadow IT: Why a SaaS-first approach wins

Shadow AI is just the latest form of shadow IT. Learn why a SaaS-first security approach gives you the visibility and control to manage AI risks at scale.

Google OAuth vulnerabilities explained—and how to protect against them

A newly disclosed Google OAuth vulnerability allows former employees to retain access to corporate resources like Slack and Zoom, even after suspending their corporate Google accounts. Here’s what it means for your SaaS security posture and how Nudge Security can help.

Is it safe to connect ChatGPT to Google Drive & Microsoft OneDrive?

While the convenience of integration can boost productivity, the hidden dangers and cybersecurity risks can be significant.

How to discover and secure AI adoption with Nudge Security

Learn how our AI dashboard and dedicated playbooks help you to visualize and manage AI adoption at scale across your organization.

ForcedLeak indirect prompt injection in Salesforce Agentforce

Noma Labs disclosed a critical vulnerability chain in Salesforce Agentforce that allowed adversaries to exfiltrate sensitive CRM data.

A guide to identity and access management for SaaS

How to streamline IAM, starting with a complete inventory of every and SaaS app that’s been introduced into your organization.

SaaS security checklist: 9 best practices to try

How to expose shadow IT, eliminate SaaS sprawl, and take control of your supply chain.

SaaS discovery tools compared: a guide to finding and managing shadow IT in 2026

Not all SaaS discovery methods are created equal. Learn the pros and cons of different approaches and how Nudge Security delivers full visibility on Day One.

The Salesloft Drift breach and the rise of SaaS supply chain risk

The Salesforce breach exposed serious SaaS supply chain risks. Learn how OAuth integrations create blind spots and what to do about them.

What is a SaaS management platform? A 2026 complete guide

SaaS management platforms provide organizations with centralized visibility, control, and security for all their SaaS applications.

Breach of Salesloft Drift OAuth tokens leads to Salesforce data exposure

Attackers stole OAuth tokens from the Salesloft Drift app to bypass MFA and exfiltrate Salesforce data from hundreds of organizations.

DOM-based clickjacking vulnerabilities in popular password managers

Marek Tóth presented at DEF CON 33 a new attack technique called DOM-based Extension Clickjacking that impacts popular browser-based password manager extensions.

The rise of agentic AI: How autonomous AI changes governance

Discover how agentic AI is reshaping enterprise security and governance. Learn the risks, workforce impacts, and steps to stay ahead.

It’s time to move beyond the CASB

As the nature of work evolves, avoid falling victim to the sunk cost fallacy of CASB.

GreedyBear: Malicious Firefox extensions targeting crypto users

Security researchers at Koi Security have uncovered a large-scale, multi-faceted cybercrime campaign dubbed GreedyBear.

How to conduct an AI risk assessment

A practitioner's guide to running an AI risk assessment in order to safeguard organizational data and reputation.

5 ways customers use security nudges to drive action and results

From cutting SaaS costs to managing AI use, discover how Nudge Security customers use nudges to improve security outcomes and change workforce behavior.

Critical vulnerability identified in Base44 Vibe Coding platform

A critical vulnerability was discovered in the Base44 vibe coding platform, recently acquired by Wix.