New features address critical identity risks and misconfigurations in Google Workspace and Microsoft 365
Nudge Security today unveiled new SSPM (SaaS security posture management) capabilities for its SaaS security and governance platform. This enhancement creates the industry’s most comprehensive solution of its kind, combining SaaS discovery, security posture management, spend management, third-party risk, and identity governance in a single, self-service offering that deploys in minutes.
Also Read: Implementing a Digital Adoption Platform in Your Organization? This can help!
As digital identities become prime targets for cyber threats, organizations are prioritizing efforts to strengthen and monitor identity infrastructure. Nudge Security’s SSPM capabilities enable IT and security teams to quickly identify and address identity risks and misconfigurations in their Google Workspace and Microsoft 365 environments, as part of the platform’s comprehensive SaaS security and governance capabilities.
“SSPM is crucial for any organization’s SaaS security strategy, but it’s only one piece of the puzzle,” said Russell Spitler, CEO and Co-Founder of Nudge Security. “While most SSPM solution providers begin and end with API integrations into a handful of known SaaS applications, Nudge Security tackles the broader SaaS security problem. We begin by discovering an organization’s entire SaaS ecosystem—applications, identities, and integrations—on Day One, and then provide critical risk insights and automation workflows that enable our customers to prioritize, plan, and execute their SaaS security and governance program end to end.”
Nudge Security’s new SSPM capabilities continually monitor technical controls for Google Workspace and Microsoft 365 against a set of common misconfigurations and security risks included in CIS security benchmarks, enabling customers to:
Also Read: Cloud and AI: Data management and data protection are primary pain points for CIOs and CISOs
- Surface identity risks like delegated email access, inactive privileged accounts, email forwarding outside of the organization, and other evidence of excessive or insecure access.
- Detect SaaS-to-SaaS integration risks, including unused OAuth grants with privileged access, active integrations associated with inactive users, and unapproved grants with risky scopes.
- Address critical misconfigurations such as high-risk or unrestricted groups, missing SSO or MFA, suspicious email audit rules, and domains without full DMARC configuration and enforcement.
- Prioritize findings based on risk severity
- Resolve issues efficiently with nudge workflows that guide the right stakeholders through remediation tasks.
[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]
