Learning Center

Gaining visibility into all the SaaS apps used across an enterprise is hard enough, but it becomes an even greater challenge when only a portion of the apps go through the company’s established policies for acquiring new tech. What do other organizations do differently to reduce their SaaS risks more effectively?

Cybersecurity is much like a relentless game of “whac-a-mole”--the advent of new technologies invariably draws out threats that security teams must quickly address.

Frameworks such as NIST CSF, SOC2, and ISO/IEC 27001 are intended to improve an organization’s cybersecurity posture and demonstrate program maturity to potential customers. At least in theory. However, in practice, there’s a thin and widening crack below the surface—shadow SaaS—and overreliance on these frameworks may create a false sense of security.

Explore how Grip Security could have preempted Midnight Blizzard's recent cyberattack on Microsoft, effectively intervening at several junctures prior to the data exfiltration.

As enterprises strive to modernize legacy identity and access management (IAM) systems as companies embrace business-led IT, understanding and mitigating the risks associated with shadow SaaS is crucial.

Hewlett Packard Enterprise (HPE) recently filed a mandatory SEC disclosure indicating that Russian hackers breached its cloud email environment, and that the incident was possibly linked to a prior internal email security breach that took place in 2023.

In today's dynamic business landscape, mergers and acquisitions (M&A) are frequently employed strategies for growth and diversification. While M&A endeavors offer the promise of extended market presence and competitive advantages, they often introduce significant challenges, especially in the realm of IT system integration.

The volume of cybersecurity transactions increased in 2023 compared to the previous year, but the total amount of funding secured by companies decreased significantly, according to cybersecurity recruitment firm Pinpoint Search Group.

The Grip SaaS Security Control Plane now integrates with Slack to enable the seamless flow of real-time risk alerts directly to designated channels.

U.S. global apparel and footwear company VF Corporation, which owns Vans, Timberland, and North Face, has confirmed having its operations disrupted by a cyberattack, which has led to the encryption of some of its systems and the theft of data, including personal information.

Grip Security, a leader in SaaS identity risk management, announced it has been named to the ‘Cyber 60’ list of top venture-backed startups that offer enterprise-grade cybersecurity solutions in the marketplace.

Fortune teamed up with Lightspeed Venture Partners to identify the fastest-growing startups.

On November 20, 2023, the politically-motivated hacking group SiegedSec said it breached the INL nuclear lab and stole “hundreds of thousands of user, employee, and citizen data.”

The Grip SSCP stands as a unique solution, as it has the potential, in some cases, to generate savings significant enough to offset or even entirely fund the initial purchase cost of the product, making it a financially wise investment for organizations seeking to bolster their digital security and risk governance programs.

In our annual Stellar Startups (previously Emerging Vendors) special report, CRN shines a spotlight on some of the most exciting channel-focused startup vendors with leading-edge technologies that are creating new opportunities for solution providers.

Genetic testing company 23andMe has confirmed a data theft incident from a credential stuffing attack targeting user accounts.

A threat actor is selling data belonging to nearly one million customers of DNA testing company 23andMe, BleepingComputer reports.

One of the significant challenges that companies have faced in complying with 23 NYCRR 500 is their tendency to prioritize traditional Software as a Service (SaaS) solutions while neglecting the critical issue of shadow IT SaaS.

18 members of Forbes Technology Council discuss some of the amazing new and emerging biotech tools and developments everyone should know about and why they’re so exciting.

Secure the SaaS identity risk landscape, neutralize identity threats and stop SaaS breaches

Johnson Controls International (JCI) has suffered a ransomware attack that encrypted devices and affected internal and partners’ operations.

In this special Grip Workshop, we share strategies and real-world examples. Grip enables security teams to navigate the future of innovation together, with identity-first SaaS security that is consistent, contextual, and continuous.

Johnson Controls International (JCI) this week reported in a filing with the US Securities and Exchange Commission (SEC) that it had suffered a cyberattack that caused disruptions to its internal IT infrastructure.

Organizations often recognize the imperative of implementing MFA across their SaaS environments to protect sensitive data and maintain compliance. Here, we explore the benefits of “MFA Everywhere”, the projects driving it, and why it is so difficult to achieve.

Every day, employees are using SaaS and creating a new, dynamic identity perimeter that is the top target of attacks. This creates an identity security challenge that is growing bigger moment-by-moment. In such an environment, how do organization achieve digital trust across the sprawling SaaS-Identity risk landscape?

The top 67 cybersecurity startups to watch in 2023, their innovations in new and emerging technologies, length of operation, funding rounds, scalability, and more, followed by a discussion of broader trends affecting buyers, startups, and investors.

Identity and SaaS security are inextricably linked and leads to increased SaaS-Identity risk. In this workshop, our guests from Inversion6, Craig Burland and Chris Prewitt — an expert team of CIOs, offer strategies and recommendations to mitigate this risk.

SSPM solutions are one facet of a broader enterprise SaaS security issue. SaaS-Identity risk management is an emerging principle the focuses on the intersection of identities and SaaS apps, mitigating risk at the most foundational level — accounts and access.

By managing user identities, authentication mechanisms, and access permissions effectively, organizations can bolster their security posture and reduce the risk of data breaches and unauthorized activities; the foundations of SaaS-Identity Risk Management.

Discover non-SSO apps and secure user access for SaaS that do not support federated authentication protocols like SAML or OIDC.

Discovery, govern, and prioritize shadow SaaS for integration with JumpCloud single sign-on (SSO).

Grip Security has secured $41 million in series B funding, bringing our total funding to an impressive $66 million.

Grip Security, a distinguished leader in SaaS identity risk management, is celebrating a major achievement as it announces the procurement of $41m in its Series B fundraising endeavour.

Grip Security just raised $41M in Series B funding! In conjunction with the announcement, CEO Lior Yaari answered our questions about the company, the product, the funding round and future plans.

Grip’s SaaS identity risk management is a hot one, which has helped their growth, as has the continued evolution of their channel-centric strategy.

Grip Security, a Boston-based SaaS identity risk management provider, raised $41m in Series B funding. Third Point Ventures led, and was joined by YL Ventures, Intel Capital and The Syndicate Group.

Grip Security, a software-as-a-service identity risk management startup, scored $41 million in Series B funding.

Grip Security, a leader in SaaS identity risk management, today announced it is raising $41 million in Series B funding led by Third Point Ventures, with participation from YL Ventures, Intel Capital and The Syndicate Group.

Grip Security raised $41 million in Series B funding led by Third Point Ventures, with participation from YL Ventures, Intel Capital and The Syndicate Group. The investment brings Grip Security’s total funding to $66 million and marks a major milestone for the company.

Israeli startup Grip Security has banked $41 million in new financing from a group of investors led by Third Point Ventures.

Israeli software-as-a-service security platform startup Grip Security Ltd. announced today that it has raised $41 million in new funding to accelerate its growth trajectory, including expanding investment in go-to-market teams, research and development, operational functions and global expansion.

Grip Security, which provides businesses with the tools to protect their SaaS applications and describes itself as the “industry’s first SaaS security control plane,” today announced that it has raised a $41 million Series B funding.

Tesla filed a data breach notification to Maine regulators saying a data leak carried out by two former employees resulted in the exposure of personal data for 75,735 current and former employees.

In May, American automotive giant Tesla suffered a massive data breach that exposed a range of data belonging to past and present employees and customers.

The carmaker also reported it's taken legal action against the former employees involved in the data breach, which involved more than 75,000 names.

This article takes a lighthearted approach, leveraging the captivating Mission: Impossible narrative to shed light on a serious topic and promote a heightened awareness of cybersecurity practices.

This article takes a lighthearted approach, leveraging the captivating Mission: Impossible narrative to shed light on a serious topic and promote a heightened awareness of cybersecurity practices.

In this Grip Workshop, we are joined by special guest Jon Mendoza of Technologent as we examine how to secure the SaaS-Identity attack surface and stay audit-ready in an unknown world.

Two ransomware gangs have breached the multinational cosmetics company The Estée Lauder Companies, with one attack being an apparent MOVEit data breach.

We explore the implications of identity-first security on identity governance and identity security, converged identity and access management (IAM), the adoption of the cybersecurity mesh architecture, and interdisciplinary fusion teams that will shape the future of IAM.

The Estée Lauder Companies Inc. disclosed an incident in which unauthorized parties gained access to some company systems.

HCA, a Nashville-based healthcare network of 180 hospitals and more than 2300 ambulatory sites in both the UK and the US, confirmed sensitive patient information was leaked during a recent cyber attack – and is now up for sale on the dark web.

Automated, one-click user offboarding for hundreds of active and dormant SaaS services and apps

A data breach at TSMC, a Taiwan-based hardware supplier, has been confirmed to be the work of LockBit.

Taking a step back and understanding the problem of SaaS discovery, Grip has developed a method that has the advantages of all the other discovery methods without the downsides.

Stay audit-ready and enable secure access controls, protections, and safeguards for identities — whenever and wherever SaaS is used

In episode 92 of the Acceleration Economy Minute, Kieron Allen discusses a new analysis of the software-as-a-service (SaaS) applications market from Grip Security, which is on their Top 10 Shortlist of Cybersecurity Enablers.

Taiwan Semiconductor Manufacturing Company (TSMC) has blamed one of its equipment suppliers for the LockBit breach that has exposed the chip-making giant to a $70 million ransom demand.

Grip has teamed up with CrowdStrike and its cutting-edge Falcon Identity Threat Protection module for unified identity security — whenever and wherever SaaS is used — a game-changing solution that empowers businesses to fortify their identity perimeter and safeguard modern work.

Secure user access to non-SSO apps or those that do not support federated authentication protocols like SAML or OIDC

With extensive analysis of the SaaS landscape, Grip uncovered an astounding 74,979 unique SaaS applications. Our research and global data collection have allowed us to gain valuable insights across the SaaS-Identity attack surface.

Discover the crucial role of identity management in fortifying security for Software-as-a-Service (SaaS) platforms in this insightful Forbes Tech Council article.

Unify identity policy, governance, and security across the SaaS-Identity attack surface — integrated and orchestrated with ServiceNow.

Protect your organization from security breaches with our guide to understanding Identity Access and Management (IAM). Learn how to secure your data today.

While zero-trust security offers significant advantages over traditional perimeter-based controls, it also comes with its own set of challenges. Here are the top five challenges of zero-trust security:

Channel allies become more valuable as startups look for cost-efficient routes to market and vie to stand out in crowded sectors such as cybersecurity.

More employees are working remotely on unmanaged devices and using unmanaged SaaS services, and a company’s data and critical applications are increasingly beyond the enterprise perimeter and out of the domain of SSE solutions.

Discover the limitations of SSPM in protecting the identity fabric of SaaS security and explore alternative solutions for a comprehensive security strategy.

Neutralize identity threats, stop SaaS breaches with Grip and CrowdStrike.

Leverage Torq building blocks to easily offboard SaaS users, triggering Grip workflows to revoke access to targeted SaaS, users, or both.

Here, we cover the synergy between SOAR and identity security, outlining their individual functionalities and exploring the benefits that arise from their integration.

Continuous visibility and automated action to secure the SaaS-Identity attack surface.

When a data breach occurs at a critical SaaS provider and gains media attention, it often creates a sense of urgency for security teams.

Identities are assets, not people. And for more than a decade, the enterprise identity fabric has been one of the most difficult attack surfaces to contain or protect. Security teams are confronting these challenges with visibility to their SaaS-Identity attack surface and establishing identity-first security.

Learn how to extend zero trust security to SaaS apps you don't control. Discover strategies and best practices to enforce identity security policies.

CIO Influence Interview with Lior Yaari, CEO, Grip Security, discusses on the “adaptive security” management from a modern context.

Delivering on top cloud security priorities — visibility, risk, and access control — across the enterprise SaaS layer.

Over time, employees can have hundreds of SaaS accounts, with the average user having 182 SaaS relationships. Many are dormant or unused, but they may contain sensitive or confidential company information or data that should be secured also known as SaaS security.

The nature of the risks are different, which is why security is a significant focus of digital transformation initiatives. For SaaS in particular, there are a set of best practices CISOs can implement that can help companies embrace digital transformation and balance their risk management policies with the business objectives.

Access control and management are central components of SaaS-Identity security. Sprawling SaaS services can expose companies to several risks if left unchecked, nearly all of which compromise corporate identities. This guide helps security leaders achieve more effective SaaS-Identity access management and control.

We talked to 100+ CISOs to understand how SSO helps them with SaaS-Identity security and why more SaaS applications are not monitored through their SSO implementations. Security leaders shared the five key reasons for why SSO is not able to fully solve the SaaS-Identity security or complexity.

Protect your organization with Identity Fabric for Identity Threat Detection and Response (ITDR). Learn how to enhance security and mitigate identity-related risks.

To secure SaaS properly requires an architectural change, where there is a SaaS security control plane that discovers, prioritizes, secures, and orchestrates security. Implementing a strategy with this approach can help companies address the following five risks every company needs to address.

Based on the work Grip has done with hundreds of companies, we have seen the following five step framework highly effective in helping companies create a secure, workable framework — safeguarding identities, whenever and wherever SaaS is used.

Every new Gartner magic quadrant complicates the marketplace but at the same time helps us understand the other vectors we need to protect. Do new categories of security products help or hurt the industry? Listen to the podcast, Defense in Depth to find out.

18 members of Forbes Technology Council speculate about some of the functions and features mobile devices might have within 10 years and how those advances will change what users can do with them.

Leading American payment services firm NCR has disclosed it suffered a ransomware attack targeting a data center in Aloha, Hawaii.

Thousands of restaurants impacted by what Aloha PoS parent company NCR says was a ransomware attack on one of its data centers.

While zero-trust security offers significant advantages over traditional perimeter-based controls, it also comes with its own set of challenges. Here are the top five challenges of zero-trust security:

We examined the risks of identity sprawl across 46 unique enterprises, constructing a SaaS-Identity fabric and found that every organization is affected by the ever-expanding growth of SaaS and identity decentralization.

In the latest episode of the Cybersecurity Minute, an Acceleration Economy analyst discusses Grip Security and how it fits into SaaS security.

Get a full understanding of cloud identity security and how to use it to enhance security and stay ahead of the game with this comprehensive guide.

The members of Forbes Technology Council share the details (both positive and negative) they watch for when assessing job candidates and why they’re so important.

Weak SaaS security is an opportunity for cyber attackers to infiltrate your organization and hijack your data. A SaaS risk management program identifies SaaS usage across your organization and identifies the risky and unattended accounts.

11 Forbes Technology Council members, including Lior Yaari, share some key tech skills and related knowledge they believe every professional should have, even if just at a basic level.

Understand what an identity fabric is and its significance for modern Identity Security. Learn why it's crucial for protecting digital identities.