Changelog


Nudge Security delivers a risk score for each OAuth grant in your environment to help you prioritize and manage OAuth risks at scale. Previously, risk scores were based on the permissiveness of each grant’s scopes. 


Now, Nudge Security has updated these risk scores to account for our recently-added OAuth risk insights, which highlight signals such as popularity, trust signals from vendors, and indicators of potential phishing. For example, a grant with an unusually high level of access may have a lower risk score if the grant was created by Google or Microsoft or has passed a security review. In contrast, a grant may have a high risk score despite more limited access if Nudge Security detects malicious domains or potentially deceptive practices within an app’s registration information.


Today, we’ve expanded our SaaS security and governance capabilities with SaaS security posture management (SSPM) for Google Workspace and Microsoft 365, enabling you to remediate risks and misconfigurations in your identity infrastructure.


Now, Nudge Security regularly checks your Google Workspace or Microsoft 365 environment against technical benchmarks to detect:


  • Misconfigurations such as missing SSO or MFA and suspicious email audit rules
  • Identity risks like delegated email access and inactive privileged accounts
  • SaaS-to-SaaS integration risks, including unused OAuth grants with privileged access and unapproved grants with risky scopes


You can see an overview of findings from those checks in the new Posture dashboard, which highlights top findings, riskiest users, and remediation activities. See a full list of issues under Findings and resolve risks quickly with remediation workflows, including nudges to engage the right stakeholders and track resolution outcomes. Learn more in today’s blog.


Nudge Security provides an AI Usage dashboard summarizing AI apps and usage trends across your organization, which includes AI tools users sign up for using SSO, username and password, and OAuth. 


Now, we’ve added a list of integrations associated with AI tools to the AI Usage dashboard, making it easier to surface OAuth risk insights for these integrations and discover opportunities to revoke OAuth grants for AI tools automatically.


For each app in Nudge Security, customers are able to set an Approval Status of In Review, Approved, Acceptable, or Not Permitted. These statuses can be used to determine which apps appear in an employee-facing App Directory. 


Now, Nudge Security has added Approval Status as an available trigger for notification rules. For example, customers can create a rule to alert them if an employee creates an account with an Unapproved app, or automatically nudge the user to delete their account. New notification rules can be created by going to Notifications > Rules from the left menu bar and clicking “Create new rule.”


We’ve released new filters to help you view and prioritize OAuth grants based on OAuth risk insights from Nudge Security. You can sort and filter your organization’s OAuth grants based on insight into an app’s popularity, configuration choices, vendor trust signals, use of restricted or sensitive scopes, and indicators of deceptive practices. 


We’ve added new filtering options for accounts and OAuth grants within Nudge Security to help you manage your organization's SaaS estate.


Now, you can filter accounts by MFA status to surface and prioritize enrollment gaps. You can also filter accounts and OAuth grants based on categories such as organizational unit, department, division, location, and cost center, which are fields set within Google Workspace or Microsoft 365.


Nudge Security has released new SaaS spend data and cost optimization insights to help security and IT teams drive smarter, more efficient SaaS investment decisions and surface opportunities to optimize SaaS spend.


To help organizations take advantage of new spend data, Nudge Security has released a Spend dashboard highlighting SaaS expenses that may be unnecessary or redundant. With this new dashboard, customers can:


  • Spot inactive or abandoned accounts associated with paid apps.
  • Discover similar apps that may be redundant and assess overlapping usage.
  • Track upcoming renewal dates alongside up-to-date app usage information.
  • Flag spend associated with AWS accounts that fall outside of your central AWS Organization.
  • Identify and rationalize paid apps with single users that may have slipped under the radar in credit card statements.
  • Detect paid accounts associated with unapproved apps.


Nudge Security has added new SaaS spend discovery, empowering customers to make better SaaS investment decisions by triangulating insights into SaaS spend, risk, and usage.


Now, Nudge Security automatically categorizes apps as paid based on data from email invoices and other billing communications from the previous three years, enabling organizations to track SaaS spend alongside app risk and usage insights. Nudge Security also automatically identifies a billing owner and cost center for each paid app. You can customize the Google or Microsoft field Nudge Security uses to allocate spend to cost centers by going to Settings > Organization Settings.


Customers can add additional spend data manually, such as estimated annual spend, billing frequency, and renewal date. This information can be found in a new Spend card within each App Overview, or you can sort, filter, and edit these new fields in bulk directly from the App view.


Note: By default, Nudge Security will only extract billing information from emails associated with users that have accounts for an app, which means we will not analyze mailboxes without associated accounts such as accounts payable (ex: [email protected]) or group accounts. If there are additional mailboxes used to receive billing information that you would like to analyze, you can add them under Settings > Spend Settings.


We’ve made it easier to consolidate SaaS usage by adding a new chart to the App Overview page showing similar apps in use at your organization. Now, you can visualize the adoption of apps with similar purposes and quickly assess how much their usage overlaps, helping you identify areas where you may be paying double.


Nudge Security has introduced a chart within the App Overview pane to help you visualize app usage across different areas of your organization.


Now, you can see how app usage breaks down by organizational unit, cost center, department, location, or organization, based on employee data from Google Workspace or Microsoft 365.
