By Allan Kristensen, Chief Customer Officer, AppOmni
The recent Sisense data breach serves as a stark reminder of the vulnerabilities embedded in SaaS platforms. Sisense — a business intelligence (BI) and data analytics platform — was hit by a data compromise that allowed malicious actors to steal terabytes worth of customer data including credentials, secrets (e.g. API keys), SSL certificates, tokens, and email account passwords.
This incident triggered an alert from the U.S. Cybersecurity and Infrastructure Agency (CISA), underscoring the direct risks to a single SaaS application.
BI platforms like Sisense are also an ideal target for hackers interested in launching advanced supply chain cyber attacks due to its interconnected ecosystem of SaaS applications. Its products are designed to allow the building of custom dashboards by connecting to third-party services and data pipelines. “Attackers have realized how much value software suppliers have as targets due to the amount of data companies hand over willingly and which are often-times not protected adequately enough.” — The Record
What does this mean for my organization?
Organizations need to ensure they can swiftly navigate complex SaaS app connections — or “SaaS-to-SaaS” — and neutralize risks, safeguarding their digital environments against similar vulnerabilities.
When we say SaaS-to-SaaS, we refer to the way online services (or machines) integrate with other cloud-based apps, requesting and sharing data freely and automatically. This enables streamlined business operations and better productivity. But such seamless integration also comes with its own challenges.
Once an issue surfaces in one online service, it can trigger problems in other connected SaaS apps (a.k.a. the “blast radius” of a breach). The term describes the potential damage that can occur when a security breach happens in one service or app, creating a cascading effect across an entire network of connected services. The implications are far-reaching due to the interconnected nature of Sisense into Google for analytics, GitHub for repo code, Mailchimp, and many others. This breach potentially exposes not just its own data, but also sensitive data stored and managed within connected services, significantly expanding the blast radius.
What to do ASAP
- Reset credentials and secrets (e.g. API keys) potentially exposed to or used to access Sisense services (including Periscope Data).
- Investigate and report to CISA any suspicious activity involving credentials potentially exposed to or used to access Sisense services.
- Read guidance from Sisense’s CISO, as shared with customers.
How can AppOmni help with the Sisense breach?
AppOmni steps in with its powerful capabilities to monitor and manage SaaS applications, enabling organizations to promptly detect and tackle security threats.
Utilizing AppOmni’s advanced security features, companies can achieve a clear view of how their SaaS applications are interconnected, helping to identify and handle risks linked to third-party integrations. This capability is especially crucial in situations like the Sisense breach, where understanding the blast radius is essential for rapid response and mitigation.
SaaS-to-SaaS alerts from AppOmni ensure that companies are not only notified about breaches in near real-time but also equipped with the tools needed to effectively assess complex SaaS connections and minimize damage. In this case, the AppOmni platform can be used to identify Sisense or Periscope services connected to your SaaS environment so that you can quickly block those connections and take the recommended steps to reset credentials and secrets.
As incidents like the Sisense breach become increasingly common, deploying comprehensive SaaS Security Posture Management platforms like AppOmni is vital for protecting critical business data from sophisticated cyber threats.
Let’s get you started on a path towards secure SaaS productivity.
- Schedule a demo with the AppOmni team. Get answers to your questions, insights and visibility into third-party applications connected to your SaaS platforms, and learn if AppOmni is right for your organization.
- Download our SaaS Security Buyer’s Guide. Learn the 5 most important criteria for choosing the right SSPM platform.
- Share this blog with anyone who needs further guidance.
Related Resources
-
AppOmni Guidance on the Digital Operational Resilience Act (DORA)
Learn how traditional and non-traditional financial services institutions can comply with DORA requirements with AppOmni.
-
Sisense Customer Data Compromise: What to Know
Read about the Sisense data breach, implications of SaaS-to-SaaS connections (or third-party integrations), and how AppOmni can help.
-
Why Your SaaS Security Strategy is Incomplete Without SSPM
Relying on native SaaS security settings and CASBs can leave your organization vulnerable to cybersecurity threats. Read how.