The MITRE ATT&CK framework provides a common taxonomy for offensive and defensive cybersecurity teams while also serving as an invaluable reference tool for organizations looking to improve their security posture and threat response capabilities.

With Obsidian’s unique SaaS security expertise and extensive threat research, we’ve compiled some findings around emerging adversarial techniques being used against SaaS environments within a slightly modified version of the ATT&CK framework. Find out the tactics attackers are employing to gain access to SaaS applications, the measures they implement to maintain persistence, and the ways in which they tamper with or outright steal sensitive data while evading detection by traditional security solutions.