SaaS sprawl and AI adoption surged in 2025, creating new security challenges. Here are the key product updates we delivered to help teams stay ahead.
As 2025 comes to a close, we’ve been reflecting on how quickly the landscape shifted this year. Workforce AI use matured faster than any of us expected—moving from one-off productivity helpers to interconnected agents embedded across the SaaS tools we all rely on. And with MCP servers linking those agents into business-critical systems, organizations suddenly needed new compensating controls just as quickly as they were adopting new capabilities.
‍
2025 was also a milestone year for us. We raised our Series A funding, giving us the fuel to accelerate our mission to secure the modern workforce without blocking productivity. As we head into 2026, we’re more energized than ever—and grateful to everyone who partnered with us along the way.
‍
Here’s a look back at what we accomplished together.
‍
‍
If 2025 proved anything, it’s that AI security isn’t a separate category at all—it’s an extension of SaaS security. The surge of SaaS-delivered AI tools made this clearer than ever. Employees are adopting AI tools the same way they adopt SaaS tools, and those tools plug into the same browsers, the same identity systems, the same data flows, and the same supply chains.
‍
In other words, the risks aren’t new—they’re amplified. And the controls organizations need haven’t changed either. Real-time visibility, powerful automation, and active workforce participation remain the only scalable ways to secure the modern workplace.
‍
With that philosophy at the center, we invested heavily this year in capabilities to help customers discover, protect, and govern workforce AI use at scale. We released:
Read more about our approach to AI governance at scale →
‍
‍
Third-party risk no longer ends with the vendors you contract with. It extends to the thousands of connections, plugins, and integrations your employees authorize every day, as well as the vendors in your vendors' supply chains.
‍
The Salesloft Drift breach was a prime example of a modern SaaS supply chain attack: The attackers gained access to Salesforce instances not by breaching Salesforce directly, but by leveraging stolen OAuth grants, bypassing MFA and exfiltrating data. These app-to-app access pathways are often unmonitored and forgotten, providing a hidden doorway for attackers.
‍
This year, we doubled down on helping you see and manage that expanding digital supply chain—without slowing down the business. We’ve given you:
Read more about third-party risk management with Nudge Security →
‍
‍
Managing identities across a sprawling SaaS estate is a heavy lift. Accounts, credentials, and non-human identities continue to multiply—and manual workflows can’t keep up.
‍
This year, we focused on improving automation and visibility to ease that burden:
‍
‍
Security operations should be seamless, not a bottleneck. That’s why we’ve invested deeply in usability, automation, and customization—so you can move faster and manage more without increasing manual work.
‍
This year, we delivered:
Subscribe to our changelog and you’ll never miss an update.
‍
These updates have empowered our customers to stay ahead of emerging risks, automate tedious workflows, and govern AI and SaaS adoption at scale—all without slowing down innovation. We’re proud to provide the real-time visibility and proactive controls modern IT and security teams need to protect their organizations while keeping the business moving forward.
‍
Thanks for being part of our journey this year. Here’s to a secure and innovative 2026!
