Choose your favorite sci-fi saga set in the multiverse: The Matrix, Into the Spider-Verse, Everything Everywhere All at Once, Loki, any recent Marvel film. They all share a common plot device: our hero peers behind the existential curtain to reveal multiple, parallel universes that exist at the same time. The hero then figures out how to bop around these universes, chasing bad guys and such.
‍
This is not unlike modern IT environments, actually.
‍
‍
When IT security and risk management leaders begin to peer behind the curtain of their corporate IT estates, they often discover a multiverse of cloud and SaaS instances running in parallel, usually in siloes. For example, a sales team decides to evaluate Zendesk without knowing that a support team is already using it. An acquisition results in multiple, redundant instances of Salesforce, Workday, and other business-critical apps. A contractor creates an individual Dropbox account outside of the company’s managed Dropbox environment. The list goes on.
‍
As if SaaS sprawl weren't already a big enough challenge, the proliferation of SaaS instances compounds this issue exponentially. When an organization uses multiple instances of a single SaaS app, several critical problems can emerge:
‍
The first problem we solved with Nudge Security was getting visibility of all SaaS apps and identities everywhere modern work happens. Done and dusted.
‍
From the start, we’ve used our patented email discovery method to detect sprawl and shadow tenants across cloud infrastructure (IaaS), code repositories, and artifact hosting, summarized in our attack surface dashboard. And, we’ve helped customers bring rogue and abandoned AWS accounts under centralized governance with our playbook automation.
‍
‍
Still, we saw the need and the potential to extend our SaaS discovery method even further to capture deeper insights into SaaS instances like subdomains (think: company-prod.datadog.com), Notion Workspaces, GitHub Organizations, Slack Projects, and much more. To date, we’ve been capturing many of these instance types as resources within an app.
‍
In today’s product release, we updated Nudge Security to display some instance types (namely, instances defined by a unique subdomain) in an Instances tab a SaaS app. We’ve also begun to associate individual users with the SaaS instances they have access to. And, through our integration with Okta, we can discover and enrich our understanding of which specific instances are managed through SSO, which is also captured in the new instance inventory. Check it out in the demo below:
‍
‍
This is just the beginning. By establishing a solid foundation for instance discovery and management, we can begin to explore interesting use cases such as:
‍
Find out how else Nudge Security can help you meet your SaaS security and governance goals. Start your free 14-day trial today.
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.
Block quote
Ordered list
Unordered list
Bold text
Emphasis
Superscript
Subscript