Changelog

Nudge Security is expanding our capabilities to strengthen your SaaS security posture with the addition of our most recent connected apps for OpenAI, Cloudflare, and Fastly.

‍

With these new connected apps, you can gain deeper insight into these apps' configurations and user activities, and you can take actions to resolve and report on findings directly from within Nudge Security.

‍

For more info, refer to the dedicated connected apps webpages for OpenAI, Cloudflare, and Fastly.

‍

Nudge Security automatically discovers SaaS spend and delivers cost optimization insights in a Spend dashboard to help you make data-driven investment decisions and identify quick savings wins.

‍

Now, we’ve enhanced our Spend dashboard with new insights to help you monitor and optimize your SaaS expenses. With these updates, you can:

‍

• Track high-level insights such as total discovered SaaS spend, potential cost savings, total paid apps, and average spend per user.
• Monitor overall SaaS spend by category and cost center.
• Prioritize cost optimization interventions based on app spend and potential savings impact.

‍

ICYMI, we recently released security posture management capabilities for Google Workspace and Microsoft 365 to help you harden your identity infrastructure.

‍

Now, we’ve expanded these SaaS security posture management capabilities to Okta with a new Okta connected app, allowing you to: 

• Resolve Okta identity risks such as inactive privileged accounts, admin accounts with weak or missing MFA, and suspended admin accounts.
• Address Okta misconfigurations and risky policies, such as excessive session lifetimes and disabled threat detection functionality.
• Monitor Okta integrations and automatically revoke risky app-to-app connections.
• Prioritize findings with severity ratings and address configuration drift swiftly by kicking off automated remediation workflows.

‍

To get started, create a read-only token in your Okta tenant using an Okta read-only administrator account or a custom administrator account. Next, go to Apps > Connected Apps within Nudge Security and enter your Okta token to connect the app.

‍

Note: Customers using our existing Okta integration will need to enable the Okta connected app to access these new features.

‍

Nudge Security continually monitors your Google Workspace or Microsoft 365 environment to surface security posture findings and helps you resolve them quickly with remediation workflows. Our open API includes endpoints for security posture findings so you can keep your team’s work centralized within your existing tools. 

‍

Now, we’ve released a new Tines story to give you more options for taking action on findings from Nudge Security. With the new story, you can use Tines automation to create Jira tickets for Nudge Security SaaS security posture findings.

‍

Nudge Security continually monitors the security posture of your Google Workspace and Microsoft 365 environments so you can detect, prioritize, and fix risks and misconfigurations. 

‍

Now, we’ve added new rules to surface Microsoft Sharepoint security posture risks and misconfigurations. Nudge Security enables you to resolve risks efficiently with nudge workflows and context-aware remediation guidance for each finding. 

‍

Note: Existing customers using Microsoft 365 will need to accept additional scopes to enable these new security posture checks. To do so, go to Settings > Email Analysis, select “Update Permissions,” and accept the scope allowing Nudge Security to read the tenant-level settings of SharePoint and OneDrive.

‍

Nudge Security enables you to scale your SaaS security and governance efforts by nudging users through Slack or email. We’ve made several improvements to make it easier for you to re-nudge users who haven’t responded yet. Now, you can:

‍

• Re-nudge manually from the Nudge History page
• Customize automated re-nudging settings, including how many times to re-nudge and how long to wait between nudges
• Re-nudge directly from playbooks, either in bulk or to individual users

‍

Manage the authorizing user for your Microsoft 365 or Google Workspace integration

‍

Nudge Security enables email discovery using delegated permissions from the email administrator who serves as the authorizing user for your Microsoft 365 or Google Workspace integration. Now, we’ve made it easier for you to update your authorizing user when someone leaves your organization or the structure of your team changes. 

‍

You can change your authorizing user by going to Settings > Email Analysis. Before making the change, just make sure the new user has sufficient email admin privileges. 

‍

Nudge Security enables you to engage your workforce at scale by nudging users through Slack or email with just-in-time interventions that can be sent through playbooks, automated rules, or manually. Now, Nudge Security will automatically send a second nudge if a user doesn’t respond within three days. Users have 30 days to respond before the nudge expires.

‍

You can keep track of nudges, follow-up nudges, and responses within Nudge History, where you can filter apps by nudge type, response status, date range, app, or user. You can see each app’s Nudge History within its App Overview, or check out your global Nudge History under Notifications > Nudge History within the lefthand navigation.

‍

Nudge Security has extended our patented SaaS discovery method to include SaaS spend data from invoices in your users’ mailboxes, uncovering SaaS expenses that may not be captured by financial software.

‍

Now, Nudge Security discovers and analyzes invoices from the last two years to extract spend data such as billing frequency, amount, renewal date, billing owner, cost center, and most recent transaction, powering the platform’s cost optimization insights. For additional context, we’ve added an inventory of invoice details we’ve uncovered for each app, including information like invoice ID, date, payment status, payee, and description of services.

‍

These new discovery capabilities enable SaaS spend forecasting that accounts for previously-unknown spend and changes in SaaS adoption. You can track your own estimated annual budget for each app alongside Nudge Security’s record of historical spend for the last 12 months and projected spend based on actual usage. Nudge Security also calculates each app’s average cost per user, helping you prioritize SaaS deployment and investment decisions.

‍

‍

Nudge Security has released new API endpoints to help you search and retrieve security posture findings for Google Workspace and Microsoft 365. Now, you can use Nudge Security’s API to report on findings or ingest security posture data into your SIEM or SOAR tool to correlate events and accelerate incident response. 

‍

See our API documentation for more information on the new endpoints

‍