Obsidian Security

☕ It’s #CybersecurityAwarenessMonth! Every Wednesday, we’ll share a fact to help you stay cybersmart. Did You Know? Scattered Spider was able to pivot into an org's network <4 minutes after gaining access through SaaS. That’s faster than your coffee run😳 Learn more below

Our threat research team has identified a novel attack vector in the wild: abuse of the Azure AD self-service password reset (SSPR) feature obsidiansecurity.com/blog/behind-th… #SaaS #Azure #CyberSecurity

Understanding the phases of the #SaaS incident response lifecycle is vital. Watch our co-founder and CTO @chicagoben explain how to apply NIST’s four principles of security incident handling to your own SaaS incident response program. obsidiansecurity.com/saas-incident-…

Our Co-Founder and CTO, @chicagoben recently wrote that security leaders should encourage strategic thinking, then move the culture needle to promote that policy. Read that piece also in @DarkReading: darkreading.com/vulnerabilitie…

In his latest for @DarkReading, our CTO @chicagoben describes how we can make sure we're providing functional value to our organizations: ✅ Measure and test results ✅ Focus on items of greatest impact ✅ Get C-suite members involved Read more ⬇️ darkreading.com/vulnerabilitie…

Pure Storage is leading the way for forward-thinking organizations that understand the unique but substantial security challenges posed by their #SaaS ecosystem. Learn about how they’ve achieved success and the lessons they’ve learned in the process. ⬇️ obsidiansecurity.com/blog/pure-stor…

Did you hear the news? 📰 We're so excited to say that 94% of our employees say this is a great place to work! We care about giving people an opportunity to do meaningful, rewarding work. Learn about opportunities to join our team 👇 obsidiansecurity.com/careers/

Want to secure data in your critical #SaaS applications, but unsure where to start? Start your journey to safer SaaS today with a customized risk assessment. Check it out ⬇️

Working at Obsidian means contributing to an industry-leading cybersecurity product in an environment where customer satisfaction, privacy, and data ethics are paramount. And did we mention that we're @GPTW_US certified? If you're #OpenToWork, reach out to us!

We're proud to be certified as a Great Place to Work for the 2nd year in a row! And we're #hiring! See our open roles here: obsidiansecurity.com/careers/

Read our blog for details what exactly the exploit is and how to implement proactive measures based on your unique Teams instance that will minimize risk without causing any surprise disruptions to business operations.obsidiansecurity.com/blog/microsoft…

To ensure the integrity and privacy of sensitive Salesforce data, security teams should tightly control the permission and access levels of these unauthenticated guest users. How? Let's talk about it 👇 obsidiansecurity.com/blog/salesforc…

Whether by an update, a miscommunication, or just a simple mistake, application configurations can change discreetly over time. We help your team stay on top of #SaaS configuration drift. Learn more ⬇️ obsidiansecurity.com/stay-on-top-of…

We want to give people an opportunity to do meaningful, rewarding work. If you’re dedicated to solving real #cybersecurity problems, you’ll like it here. If you're #OpenToWork, we're #hiring engineers, account executives, and more. Learn about our open positions:

ICYMI: Last week, we announced an extension of our Posture Hardening capabilities. We're dedicated to optimizing security for a rapidly expanding mesh of SaaS applications, without burdening customers with the complexities of an SDK approach. Learn more ⬇️

Adapting #SaaS security strategies for the new era requires: ✅ the adoption of automation ✅ embracing collaboration to include more stakeholders ✅ advancing the strength of controls and policies It's no easy task. But we can help ⬇️ obsidiansecurity.com/blog/regulator…

SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint - securityweek.com/saas-ransomwar…

With cybersecurity, essentialism is more necessary than ever. Our Co-Founder and CTO, @chicagoben writes that security leaders should encourage strategic thinking, then move the culture needle to promote that policy. Read more in @DarkReading: darkreading.com/vulnerabilitie…

Our Threat Research team observed a #SaaS #ransomware attack against a company’s Microsoft 365 without using a compromised endpoint. Check out all the details of how our team and product were leveraged to determine the specifics of the attack. ⬇️