BREAKING: UNC6395 – The Biggest SaaS Breach of 2025

ShinyHunters and Scattered Spider: A Merger of Chaos in the 2025 Salesforce Attacks

From DNS Takeover to Org Admin: Secondary Attacks on Atlassian Cloud

The Hunt for Malicious Browser Extensions: What Security Teams Need to Know

Solving Insider Risk in the Age of SaaS and AI

SaaS Security Shared Responsibility Model: Who’s Responsible for SaaS Security?

Shadow AI Risks: How ChatGPT’s New Features Threaten Enterprise Data Security

Recent Trends In Advanced SaaS TTPs

OneDrive Security Risks: Microsoft Grants Full Access to Third-Party Apps

Behind the Shield: Cracking the Limits of Okta FastPass

Salesforce Misconfiguration Continues to Expose Links to the Public

How to Build an Ethical AI Framework

Lessons Learned from the DeepSeek Cyber Attack

Identity Threat Prevention: Email Security vs In-Browser Detections

How Do Attackers Bypass Email Security?

What Are Adversary-in-the-Middle (AiTM) Attacks?

Shadow SaaS Discovery: Email Scanning vs. In-Browser Monitoring

Why Shadow AI and Unauthorized GenAI Tools Are a Growing Security Risk

What Is Shadow SaaS?

Defeat Fake CAPTCHA Attacks from the Source

2025 NYDFS Deadlines Expose SaaS Security Gaps—How to Avoid Paying Millions in Fines

Demystifying Okta AiTM

Ten Tactics for Introverts in Open Office Plans

How to Build Your Dynasty: Hire for Passion, Train for Skill, Coach for Performance

Sticking The Drop — My Journey to Obsidian

Why to Stop Writing Negative Code

Javascript Arrow Functions are Overhyped

Trashing Shared Documents Is Harder Than it Looks

Insider Threats Can Come from Negligence and Carelessness

Case Study: Fighting Account Bloat and Identity Sprawl with Obsidian

Data Guardianship Core Principles: 1 of 3

Data Guardianship, Linking Data Privacy to Power: 2 of 3

You Need More Than Identity Governance to Secure Non-Employee Access

Data Guardianship – GDPR: Live it, Love it

Applying the NIST Framework to Protect Cloud Access

Who’s Building Your AI? Research Brief

Security for “Space as a Service” aka Co-working Spaces

Cloud Detection and Response Is the Missing Element of Cloud Security

Obsidian Makes the CNBC 2019 Upstart 100 List

Reflecting on the Obsidian Internship Experience

Obsidian is an RSAC Innovation Sandbox Finalist!

The Beauty of Code: A Painting Series

Healthy Remote Work in the Cloud

Conference Confidently on Zoom with Obsidian

Introducing Obsidian Search

Obsidian Now Offers SSO with SAML Authentication

SaaS Security is an Efficiency Problem

Obsidian + CrowdStrike: Detection and Response Across Cloud and Endpoints

Obsidian for Workday is Here!

Custom Alerts: Focus on What You Care About

SaaS Security Posture Management: Why You Need More

DIY SaaS Security: Should You Do It?

Continuous SaaS Security Monitoring is Mandatory in a Globally Connected, Always On World

2020: The Year of SaaS

Obsidian Security Welcomes Investor Promod Haque and Norwest Venture Partners

Five Challenges of Workday Security

The Components of a Holistic SaaS Security Strategy

Log4j Vulnerability Impact on SaaS

Extending Zero Trust to Your SaaS Applications

Abusing HR Self-Service for Crime and Profit

Stopping Identity Provider Session Hijacking

Better OAuth Security for your Core SaaS Applications

7 Tips to Manage Data Privacy With a Lean Team

A Deep Dive into SaaS Session Hijacking

Modern Threat Detection: Making Impossible Travel Possible

ServiceNow Security with the Obsidian Platform

Responding to Cybersecurity Risks from the Russia-Ukraine War

What is the Obsidian CODE?

Securing OAuth for Microsoft Environments

Responding to the Twilio SMS Incident with Obsidian

Spotting SaaS Application Vulnerabilities

SaaS Security Soars at Fal.Con 2022

The Evolution of SSPM

Obsidian Outlook: 2023 SaaS Security Predictions

Obsidian’s Security and Privacy Compliance Journey

CircleCI and Slack Security Incidents Highlight Risks of Token Compromise and SaaS Integration Threats

Reducing Risks and Threats with Continuous SaaS Compliance

Welcome to SSPM Week

Introducing The Next-Gen of SaaS Security Posture Management

SaaS Security Posture, Made to Measure with Customization

Making SaaS Compliance Easy with Automated Report Generation

Navigating SaaS Posture Management in an Era of Evolving Regulatory Compliance

Introducing Obsidian Integration Risk Management: Reducing the Risk of Third-Party SaaS Integrations

Secure Your Entire SaaS Estate with Obsidian Extend

Learn with Obsidian Lightboards: SaaS Compliance, SaaS Incident Response, and More!

Obsidian Security Wins Top Honor At Global InfoSec Awards

Salesforce Misconfigurations are Exposing Sensitive Data

Regulatory Amendments Have One Thing in Common: SaaS

Pure Storage on Launching a Corporate SaaS Security Program

Microsoft Teams Phishing Exploit

Behind the Breach: Phishing & Token Compromise in SaaS Environments

The Power of Audit Logs: Critical Lessons from the Recent Storm-0558 Threat

Behind The Breach: Self-Service Password Reset (SSPR) Abuse in Azure AD

SSPM to the Rescue: Accelerating SaaS Incident Response by 90%

The Growth of SaaS Security: An Astrophysical Perspective

Obsidian Security Receives the 2023 SINET16 Innovator Award

Understanding Social Engineering Attacks on Helpdesk Agents

SaaS Security in Healthcare: What You Need to Know

Behind the Breach: Cross-tenant Impersonation in Okta

Fortify Okta Against Session Token Compromise

ShinyHunters Breach Workday in Latest Salesforce Attack

Allianz Life Salesforce Data Breach: Scattered Spider & ShinyHunters Attack

143,000 Claude, Copilot, ChatGPT Chats Publicly Accessible. Were You Exposed?

UNC6040 Breaches SaaS Apps at Google and Other Major Companies

Grok API Key Leak Exposes xAI Models to Major Security Risks

ServiceNow Vulnerability Exposes Sensitive Data to Unauthorized Users

2025 NYDFS Cybersecurity Compliance Checklist

Malicious Browser Extensions Infect 2.3 Million Users

Scattered Spider Now Targeting Airlines and Transportation, FBI Warns of Imminent Data Theft

A Complete SSPM Guide: 6 Steps to SaaS Security Posture Success

SaaS Security Posture Management (SSPM) Checklist 2025

16 Billion Passwords Leaked Online in Record Data Breach

UNC6040 Vishing Campaigns Targets Salesforce for Data Theft

Secure Your Browser-Based Workplace

SaaS Security Insights from the Frontlines

Obsidian Security vs Proofpoint

Obsidian Security vs Abnormal

Security Where You Need It Most

Prevent and Detect Threats to Your Slack Environment with Obsidian Security

Taming The Unknown: SaaS Security Challenges

Obsidian Security’s SaaS Security Threat Report 2025

Free Risk Assessment for Microsoft 365

Obsidian Security Available on the AWS Marketplace

Demo vereinbaren

Start Your Journey to Safer SaaS Today With A Customized Risk Assessment

How to Secure Saas Against Emerging Threats

5 Ways Attackers are Targeting Your SaaS Identities

Lessons Learned from the Microsoft Breach by Midnight Blizzard

Session Hijacking and Zero-Day Exploits

How Sigma Computing Secures SaaS

Breaking Down SaaS Security Posture Management (SSPM)

The Elements of Comprehensive SaaS Security

Zero Trust Security for SaaS Applications

Identify and Mitigate SaaS Session Hijacking

Prevent OAuth Abuse in the SaaS Environment

How Databricks Customers Can Protect Their Data with Obsidian Security

Cloud-first Snowflake Secures SaaS with Obsidian

SSPM The Obsidian Way

CISO Tradecraft Podcast: SSPM with Ben Johnson

What is SSPM?

What is SaaS Security?

BigCommerce Enhances SaaS Threat Detection With Obsidian

How to Secure Your Snowflake Environment

SaaS Backdoors: The Risks of OAuth Integrations

SaaS Check-Up: Strategies for Combating SaaS Threats

How NIS2 and DORA Impact SaaS Compliance

Identity Threat Detection & Response (ITDR) Plus: Stop Every Attack Targeting Your SaaS

SaaS Security Posture Management (SSPM) Plus: Eliminate Risk Across Your SaaS Attack Surface

Achieve Continuous Compliance in SaaS

SaaS Incident Response

The Three Pillars of SaaS Security

Techniques of SaaS Compromise

Third-Party SaaS Integration Risk

The Obsidian Security Platform: Total Protection for Your SaaS Applications

Shadow SaaS Management: Stop Unfederated Apps from Bringing Unwanted Risk to Your Organization

Identity Threat Prevention: Stop SaaS Threats Before They Impact Your Business

How to Build an Effective SaaS Security Strategy

Behind the Breach: Malicious Attack on Cyberhaven’s Chrome Extension Developer Team

Obsidian Security for SaaS Compliance

It’s Time to Rethink SaaS Security

What is SaaS Security Posture Management (SSPM)?

SSPM Bigger Picture—Posture Management, Shadow SaaS, and Integrations

SSPM for Regulated Industries–Streamlining SaaS Compliance

Preventing SaaS Spear Phishing–A Comprehensive Defense Strategy

Uncovering Blind Spots in Your SaaS Security Ecosystem

Obsidian Security Expands Go-to-Market Leadership Team to Scale SaaS Protection in the Age of AI

Obsidian Security Launches Shadow SaaS, AI App Management and Threat Prevention Capabilities Built for Mid-Sized Enterprises

Obsidian Security Taps New Chief Product Officer, Veteran Cybersecurity Product Leaders To Lead Charge Ahead Of New Saas Challenges Posed By Agentic AI

Obsidian Security Partners with SentinelOne to Deliver Unified Threat Protection Across Endpoint and SaaS

Ex-Cylance Tech Chief Starts New Company

Obsidian Appoints Data Ethicist Laura Norén as VP of Privacy & Trust

Obsidian Makes the CNBC 2019 Upstart 100 List

Top 10 Finalist in RSAC Innovation Sandbox Contest

Obsidian Partners with Snowflake to Consolidate Security Visibility at Scale

Obsidian Launches Zoom Protection to Accelerate Secure Business Adoption of Video Communication

Why Data Ethics Is a Growing CISO Priority

How Businesses Can Protect Their SaaS: Cloud Security Tips From a Former NSA Agent

Cloud Detection and Response Vendor Obsidian Launches First Channel Program to Support 100% Channel Commitment

Obsidian Announces New Partner Program with 100 Percent Channel Commitment

Trump’s WeChat and TikTok App Store Bans Are a Cybersecurity Nightmare

Obsidian Delivers Industry-First Continuous Security Solution for Workday

US Agencies, Companies Secure Networks After Huge Hack

Hackers Used Obscure Texas IT Vendor to Attack U.S. Agencies

Obsidian Cloud Detection and Response Now Available in AWS Marketplace

Want To Win? Create The Right Early GTM Strategy.

Obsidian Security Releases Industry-First SaaS Session Hijacking Detection Feature to Protect Today’s Cloud-First Organizations

Obsidian Security Hires Industry-Leader Xinran Wang as New EVP of Engineering

Obsidian Security Lands $90M to Detect and Fix Major SaaS Risks

Obsidian Security Raises $90 Million Series C Round to Cement its Leadership in SaaS Security

Obsidian Security Names Reena Choudhry as Chief Revenue Officer

Obsidian Security Launches EMEA CIO Advisory Board and Partnership with NORMA Cyber to Build Upon Accelerating Traction in the EMEA Market

Obsidian Security Receives 2022 Cloud Computing Security Excellence Award

Obsidian Security Unveils Next-Gen SaaS Security Posture Management (SSPM) Solution

Obsidian Launches New SaaS Security and Compliance Tools

The Gap in SaaS Security – Techstrong TV

Obsidian Solidifies Market Leadership Position, Expanding Posture Hardening Support to 11 New Applications

Cyber Essentialism & ‘Doing Less With Less’

0mega Ransomware Gang Changes Tactics

SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

Obsidian Security Now Available for Purchase on the CrowdStrike Marketplace

Obsidian Security Recognized as Strong Performer by Independent Research Firm

Obsidian Security Now Available on the Google Cloud Marketplace

Obsidian Security Partners with Databricks to Bolster SaaS Data Governance

Sunil Seshadri, Former Global CISO of Wells Fargo, Joins Board of Directors at Obsidian Security

Obsidian Security Expands in Australia to Protect Critical SaaS Applications for Organisations Across the Region

Obsidian Security Announces New Integration with CrowdStrike Falcon® Next-Gen SIEM to Accelerate SaaS Threat Detection and Response

Obsidian Security Launches New Australian Data Centre Built on AWS to Strengthen Customer Data Sovereignty

Obsidian Security Expands in Germany to Protect Critical SaaS Applications for Organizations Across the Region

Obsidian Security Strengthens Public Sector Credentials with IRAP Assessment

Obsidian Security Advances Security Capabilities for AI Data Cloud

Obsidian Security’s German Data Center, Built on AWS, Strengthens European Customer Data Sovereignty

Obsidian Security Launches 2025 SaaS Security Threat Report

SaaS Security Integration for Custom connect: Gain visibility, Monitor risk, Enforce compliance

SaaS Security Integration for Zuora: Control integrations, Monitor activity, Safeguard customer data

SaaS Security Integration for Zoom: Secure collaboration, Detect insider threats, Prevent data leakage

SaaS Security Integration for Zscaler Private Access: Gain visibility, Monitor risk, Enforce compliance

SaaS Security Integration for SentinelOne: Control access, Monitor risk, Enforce compliance

SaaS Security Integration for Zoho CRM: Control integrations, Monitor activity, Safeguard customer data

SaaS Security Integration for Webex: Secure collaboration, Detect insider threats, Prevent data leakage

SaaS Security Integration for Smartsheet: Secure collaboration, Detect insider threats, Prevent data leakage

SaaS Security Integration for Wiz: Control access, Monitor risk, Enforce compliance

SaaS Security Integration for Zendesk: Control integrations, Monitor activity, Safeguard customer data

SaaS Security Integration for Tines: Gain visibility, Reduce misconfigurations, Protect sensitive data

SaaS Security Integration for Versa Concerto: Harden posture, Secure configurations, Prevent downtime

SaaS Security Integration for SailPoint: Enforce MFA, Detect credential abuse, Automate compliance

SaaS Security Integration for Tableau: Gain visibility, Monitor risk, Enforce compliance

SaaS Security Integration for SuccessFactors: Protect employee data, Monitor access, Enforce compliance

SaaS Security Integration for Sharefile: Gain visibility, Monitor risk, Enforce compliance

SaaS Security Integration for Slack Enterprise: Secure collaboration, Detect insider threats, Prevent data leakage

SaaS Security Integration for N8n: Gain visibility, Monitor risk, Enforce compliance

SaaS Security Integration for alphaPostman: Gain visibility, Monitor risk, Enforce compliance

SaaS Security Integration for SendGrid: Gain visibility, Monitor risk, Enforce compliance

SaaS Security Integration for Salesforce Commerce Cloud B2C: Control integrations, Monitor activity, Safeguard customer data

SaaS Security Integration for alphaSalesforce Marketing Cloud: Control integrations, Monitor activity, Safeguard customer data

SaaS Security Integration for PagerDuty: Gain visibility, Reduce misconfigurations, Protect sensitive data

SaaS Security Integration for Ping Federate: Enforce MFA, Detect credential abuse, Automate compliance

SaaS Security Integration for Ping: Enforce MFA, Detect credential abuse, Automate compliance

SaaS Security Integration for Oracle Fusion HCM: Protect employee data, Monitor access, Enforce compliance

SaaS Security Integration for Onelogin: Enforce MFA, Detect credential abuse, Automate compliance

SaaS Security Integration for Mulesoft: Gain visibility, Reduce misconfigurations, Protect sensitive data

SaaS Security Integration for alphaNotion: Secure collaboration, Detect insider threats, Prevent data leakage

SaaS Security Integration for Monday.com: Secure collaboration, Detect insider threats, Prevent data leakage

SaaS Security Integration for MongoDB Atlas: Gain visibility, Reduce misconfigurations, Protect sensitive data

SaaS Security Integration for Microsoft Graph - Entra ID: Enforce MFA, Detect credential abuse, Automate compliance

SaaS Security Integration for Microsoft - PowerShell Access: Harden posture, Secure configurations, Prevent downtime

SaaS Security Integration for HubSpot: Control integrations, Monitor activity, Safeguard customer data

SaaS Security Integration for Miro: Secure collaboration, Detect insider threats, Prevent data leakage

SaaS Security Integration for Logz: Harden posture, Secure configurations, Prevent downtime

SaaS Security Integration for Microsoft Power Platform: Manage permissions, Monitor pipelines, Secure code integrity

SaaS Security Integration for LastPass: Enforce MFA, Detect credential abuse, Automate compliance

SaaS Security Integration for Meraki: Harden posture, Secure configurations, Prevent downtime

SaaS Security Integration for LaunchDarkly: Gain visibility, Monitor risk, Enforce compliance

SaaS Security Integration for Kintone: Gain visibility, Monitor risk, Enforce compliance

SaaS Security Integration for Juniper Mist: Harden posture, Secure configurations, Prevent downtime

SaaS Security Integration for Greenhouse Recruiting: Protect employee data, Monitor access, Enforce compliance

SaaS Security Integration for JumpCloud: Enforce MFA, Detect credential abuse, Automate compliance

SaaS Security Integration for GitLab: Harden posture, Stop token abuse, Protect repositories

SaaS Security Integration for Jamf: Gain visibility, Reduce misconfigurations, Protect sensitive data

SaaS Security Integration for Fireblocks: Control access, Monitor risk, Enforce compliance

SaaS Security Integration for Insightly: Control integrations, Monitor activity, Safeguard customer data

SaaS Security Integration for GitHub Posture: Harden posture, Stop token abuse, Protect repositories

SaaS Security Integration for Fastly: Harden posture, Secure configurations, Prevent downtime

SaaS Security Integration for DocuSign: Gain visibility, Reduce misconfigurations, Protect sensitive data

SaaS Security Integration for Dialpad: Gain visibility, Monitor risk, Enforce compliance

SaaS Security Integration for Fabric: Harden posture, Secure configurations, Prevent downtime

SaaS Security Integration for Datadog: Harden posture, Secure configurations, Prevent downtime

SaaS Security Integration for Drata: Gain visibility, Reduce misconfigurations, Protect sensitive data

SaaS Security Integration for Duo: Enforce MFA, Detect credential abuse, Automate compliance

SaaS Security Integration for Dropbox: Gain visibility, Detect risky behaviors, Prevent data loss

SaaS Security Integration for Asana: Secure collaboration, Detect insider threats, Prevent data leakage

SaaS Security Integration for CrowdStrike: Control access, Monitor risk, Enforce compliance

SaaS Security Integration for Cloudflare: Harden posture, Secure configurations, Prevent downtime

SaaS Security Integration for Cradlepoint: Harden posture, Secure configurations, Prevent downtime

SaaS Security Integration for Clockify: Secure collaboration, Detect insider threats, Prevent data leakage

SaaS Security Integration for ClickUp: Secure collaboration, Detect insider threats, Prevent data leakage

SaaS Security Integration for Auth0: Enforce MFA, Detect credential abuse, Automate compliance

SaaS Security Integration for Box: Gain visibility, Detect risky behaviors, Prevent data loss

SaaS Security Integration for Airtable: Secure collaboration, Detect insider threats, Prevent data leakage

SaaS Security Integration for Adobe Marketo Engage: Control integrations, Monitor activity, Safeguard customer data

SaaS Security Integration for Artifactory: Gain visibility, Monitor risk, Enforce compliance

SaaS Security Integration for Slack: Secure collaboration, Detect insider threats, Prevent data leakage

SaaS Security Integration for Arista: Harden posture, Secure configurations, Prevent downtime

SaaS Security Integration for Adobe Acrobat Sign: Gain visibility, Reduce misconfigurations, Protect sensitive data

SaaS Security Integration for Aha: Gain visibility, Monitor risk, Enforce compliance

SaaS Security Integration for Oracle Fusion Apps: Gain visibility, Reduce misconfigurations, Protect sensitive data

SaaS Security Integration for Azure DevOps: Manage permissions, Monitor pipelines, Secure code integrity

SaaS Security Integration for Add to Microsoft Power Platform: Manage permissions, Monitor pipelines, Secure code integrity

SaaS Security Integration for GitHub: Harden posture, Stop token abuse, Protect repositories

SaaS Security Integration for 1Password: Enforce MFA, Detect credential abuse, Automate compliance

SaaS Security Integration for ZScaler: Control access, Monitor risk, Enforce compliance

SaaS Security Integration for Atlassian: Secure collaboration, Detect insider threats, Prevent data leakage

Void Arachne (Silver Fox APT) Targets Taiwanese Government & Tech Firms in Spear‑Phishing‑Driven Espionage Campaign

UNC2452 Targets Government IT Supply Chain in Supply‑Chain Espionage Campaign

APT34 (OilRig / Helix Kitten) Targets Middle Eastern Government Email Infrastructure via Power Exchange Server Backdoor

BlindEagle (APT‑C‑36) Targets Latin American Entities in Spear‑Phishing‑Driven Espionage Campaign

Scattered Spider Targets Airlines & Retail in Social‑Engineering‑Driven Cyberattack

APT28 (Fancy Bear) Russian Military Intelligence Targets Western Logistics Supporting Ukraine

APT41 (Barium / Salt Typhoon)Targets Telecom Providers via Kernel‑Level Backdoor Espionage Campaign

APT29 (Cozy Bear/Midnight Blizzard) Targets Diplomatic IT via Token‑Theft‑Driven Espionage Campaign

APT32 (OceanLotus) Targets Dissidents & Corporate Media via Fake‑Site‑Driven Espionage Campaign

APT33 (Elfin Team) Targets Aerospace & Energy Firms via Spear‑Phishing‑Driven Espionage Campaign

BigCommerce Enhances SaaS Threat Detection With Obsidian

Leading Finserv Company Stops Phishing Threats and Unauthorized AI

Upwork Enables Remote Work, Protecting Against Internal and External Threats

Snowflake Embraces SaaS Security To Unlock the Power of Data