The Obsidian Security SaaS Threat Landscape shares emerging trends and techniques impacting the security of SaaS applications today. It is informed by true positive data points aggregated from across our customer base, as well as hundreds of engagements with incident response partners who leveraged our platform to investigate and address breaches that spread to SaaS over the last 12 months.

The report begins with a broad examination of security incident volume, targeted applications, and affected industries. Then, it drills into specific threat vectors that security teams should understand and account for when formulating their SaaS security strategies.

Discover firsthand Obsidian threat intel with data that includes:

  • 10 times more successful SaaS breaches identified over a 30-day period year over year
  • 93.1% of SaaS breaches are direct account takeovers with no prior endpoint compromise
  • 27.6% of SaaS security incidents involve credential or session token interception by an adversary in the middle