Learning Center

While the SEC cybersecurity rule aims to elevate cybersecurity as a boardroom priority, many organizations still grapple with the depth of changes required to meet these standards.

Integrating ServiceNow and Grip delivers a robust solution for managing shadow SaaS by reducing operational costs, increasing efficiency, and strengthening security.

Imagine this hypothetical scenario: due to a critical system failure, you're forced to choose between two less-than-ideal options: go without MFA and all second-factor verifications for a month, or go a month without data backups. What would you do?

Our list below highlights startups that offer innovative key features and solutions for improving cloud security to meet the shifting customer needs.

The increased adoption of SaaS has enabled businesses to scale and innovate faster than ever before. However, this rapid rise in SaaS use introduces an underestimated challenge: SaaS governance.

The current state of SaaS security is sometimes like a game of hot potato—everyone knows it’s critical, yet no one wants to hold onto the responsibility long enough to claim ownership.

Discover how Believer tackled shadow SaaS and shadow AI risks, enabling innovation and creativity while securing their SaaS environment with Grip's solution.

Introducing Grip Extend, an advanced suite of features powered by a browser extension, giving security teams greater visibility and control over risks that users introduce when they adopt SaaS applications.

Consumers expect personalized and secure services, and financial organizations rely on SaaS applications to deliver them. However, shadow IT and shadow AI threaten all that financial organizations seek to protect.

A clean vendor risk score is only part of the puzzle in today's complex SaaS landscape. Without visibility into how those SaaS tools are used, you’re operating with blind spots that could turn into full-blown incidents.

Alert Center and Policy Center are two powerful new features designed to simplify SaaS identity risk management, empowering your team to take timely and effective action at scale.

Shadow IT: You’ve heard the term more times than you can count, and maybe you’ve even thought about taking action. But honestly, how urgent is it, really?

As SaaS becomes more intertwined with how a business operates, the value of a successful merger no longer hinges solely on the numbers but on understanding the SaaS in use and the unseen risks it brings.

The stakes are high, and organizations must take a proactive approach to SaaS security. This article explores common SaaS security pitfalls and takeaways from SaaS identity incidents, and provides actionable strategies to help you build a robust SaaS security foundation before it’s too late.

SSPM platforms are well-liked for their ease of use, and many solutions are available on the market today. Here, we highlight different SSPM vendors, key platform features, and ideal use cases to help you determine the best fit for your organization.

These companies impact major industries such as endpoint security, compliance, and DevSecOps, demonstrating their potential for substantial growth and influence in the industry.

PDS Health faced a challenge familiar to many large-scale organizations: overseeing SaaS security across more than 1,000 locations in a decentralized security environment. 

Identity Governance and Administration (IGA) solutions play a central role in ensuring that individuals have the appropriate access to resources while maintaining compliance with regulatory requirements. However, despite these tools' strengths, organizations still have SaaS security risks, namely, shadow SaaS.

As enterprises accelerate the adoption of cloud technologies and expand their infrastructures, a glaring oversight is putting their organizations in jeopardy. The culprit? Their own identities.

This blog delves into why having a savvy security strategy is indispensable for modern enterprises.

The collaboration offers combined risk ratings for both SaaS vendor risk and enterprise identity risks.

Grip Security, an identity risk management startup focused on SaaS, also announced a new channel move with the debut of a partnership with cybersecurity powerhouse GuidePoint Security.

This collaboration offers the industry's first combined risk ratings for both SaaS vendor risk and enterprise identity risks, setting a new standard in cybersecurity.

Grip Security and SecurityScorecard have announced a strategic partnership involving SaaS security risks.

SaaS identity risk management company Grip Security partnered with SecurityScorecard, which focuses on cybersecurity ratings, to introduce a new approach to managing SaaS security risk.

This collaboration offers the industry's first combined risk ratings for both SaaS vendor risk and enterprise identity risks to offer one of the most complete views of SaaS risks in an enterprise...

Explore the intricacies of shadow IT and what you can learn from employee behaviors, as it just might change your cyber security strategy.

This integration offers unprecedented capabilities in many areas including automating content creation, data analysis, and personalized user experiences.

Though the Ticketmaster breach may appear to be a consumer data issue, companies should not dismiss the incident, as your organization may now be at risk.

Recent high-profile breaches like Change Healthcare, Broward Health, and L’Assurance Maladie highlight the importance of protecting and securing identities and the costly consequences when compromised.

BioTech faces unique challenges due to the critical nature of its data, stringent regulatory environments, and a dynamic workforce. Addressing these challenges requires a robust SIRM strategy.

AI and SaaS tools accelerate claims processing, personalize customer experiences, and monitor behaviors, influencing insurance rates. However, they also introduce new risks and expand the attack surface.

What follows are the key details on 10 of the hottest cloud security startups of 2024 so far.

Every company has a SaaS problem, regardless of industry. The Interpublic Group (IPG), a publicly traded Fortune 300 advertising company, was no exception. Containing SaaS sprawl and reducing SaaS risks were significant challenges for the premier global advertising conglomerate—problems they could not solve with other tools.

Two or three years ago, AI tools weren’t readily accessible for everyday use. Today, they are mainstream in our workplaces, yet AI tools are not being secured, and in many organizations, the C-Suite prioritizes innovation over security.

The Snowflake breach highlights threats Grip can help prevent, ensuring robust security measures across your entire SaaS and IaaS landscape.

While the details surrounding the recent Snowflake security incident are still emerging, numerous reports point to a concerning trend.

As leaders of our organizations, we must cultivate a secure business-led IT culture, retaining our innovative spirit while protecting our digital assets. To do so starts with understanding what’s driving business-led IT, managing the risks, and creating a safe environment to explore and innovate without fear of repercussion.

SaaS tools support increased business and operational productivity but also introduce new security risks. Unused and unmonitored software can be gateways for bad actors to exploit networks and breach systems. Explore how to reduce your risks from shadow IT and zombie accounts.

SaaS applications support many facets of modern business operations, yet these services often lie beyond traditional security perimeters, complicating user management and access control. This article explores securing SaaS access more effectively, regardless of how the app was acquired.

Innovation has always been a catalyst for transformation, driving significant changes across industries. Now, tech innovations are fueling changes in SaaS security. See how the shifts impact your organizational risks.

The Grip SSCP enhances CCPA compliance by providing an in-depth view of all SaaS applications, including those outside the IT department's direct control — Grip helps you manage and secure consumer data effectively.

Shadow AI is growing as SaaS makes it more accessible and employees seek innovative solutions to enhance their work efficiency.

Shadow SaaS challenges traditional IT and SaaS processes but also opens the door to a more dynamic and competitive enterprise. While shadow IT can feel like a backdoor undermining our security protocols, employee-initiated SaaS demonstrates the innovative spirit of our workforce seeking to optimize their productivity. The big question is, how can an organization move from shadow IT risks to a culture of employee empowerment?

SaaS security ought to be a major priority for every organization. The widespread adoption of SaaS applications without IT oversight has led to a significant surge in unmanaged SaaS risks, presenting a complex security challenge. But just how extensive is the issue of SaaS sprawl, and what are the resulting risks to SaaS security?

Organizations recognize the critical need to implement Multi-Factor Authentication (MFA) across their SaaS environments, a security measure vital for protecting sensitive data and maintaining regulatory compliance. In this discussion, we explore the concept of "MFA Everywhere," the initiatives driving its adoption, and the challenges involved in its implementation.

Gaining visibility into all the SaaS apps used across an enterprise is hard enough, but it becomes an even greater challenge when only a portion of the apps go through the company’s established policies for acquiring new tech. What do other organizations do differently to reduce their SaaS risks more effectively?

Cybersecurity is much like a relentless game of “whac-a-mole”--the advent of new technologies invariably draws out threats that security teams must quickly address.

Frameworks such as NIST CSF, SOC2, and ISO/IEC 27001 are intended to improve an organization’s cybersecurity posture and demonstrate program maturity to potential customers. At least in theory. However, in practice, there’s a thin and widening crack below the surface—shadow SaaS—and overreliance on these frameworks may create a false sense of security.

Explore how Grip Security could have preempted Midnight Blizzard's recent cyberattack on Microsoft, effectively intervening at several junctures prior to the data exfiltration.

As enterprises strive to modernize legacy identity and access management (IAM) systems as companies embrace business-led IT, understanding and mitigating the risks associated with shadow SaaS is crucial.

Hewlett Packard Enterprise (HPE) recently filed a mandatory SEC disclosure indicating that Russian hackers breached its cloud email environment, and that the incident was possibly linked to a prior internal email security breach that took place in 2023.

With Grip SSCP, the security team can help the production teams leverage SaaS and realize benefits such as reducing costs, greater collaboration, and utilizing the newest technologies

The company recognized the need to contain identity and SaaS sprawl. Grip's panoramic view of all SaaS usage, without proxies, agents, or user disruptions, helped them to do just that.

The volume of cybersecurity transactions increased in 2023 compared to the previous year, but the total amount of funding secured by companies decreased significantly, according to cybersecurity recruitment firm Pinpoint Search Group.

The Grip SaaS Security Control Plane now integrates with Slack to enable the seamless flow of real-time risk alerts directly to designated channels.

U.S. global apparel and footwear company VF Corporation, which owns Vans, Timberland, and North Face, has confirmed having its operations disrupted by a cyberattack, which has led to the encryption of some of its systems and the theft of data, including personal information.

Texas Baptists leveraged Grip’s automated offboarding enabled them to remove the risk of unauthorized access to SaaS (such as dangling access for former users) and helped the security team get more done and effectively integrate new identities and initiatives.

Customer chooses Grip because of its innovative identity-based discovery, uncovering user-SaaS relationships and automating actions such as offboarding, to eliminate identity risk. The organization’s security team was able to remove redundant SaaS and centralize control with decentralized enforcement.

Grip Security, a leader in SaaS identity risk management, announced it has been named to the ‘Cyber 60’ list of top venture-backed startups that offer enterprise-grade cybersecurity solutions in the marketplace.

Fortune teamed up with Lightspeed Venture Partners to identify the fastest-growing startups.

On November 20, 2023, the politically-motivated hacking group SiegedSec said it breached the INL nuclear lab and stole “hundreds of thousands of user, employee, and citizen data.”

The Grip SSCP stands as a unique solution, as it has the potential, in some cases, to generate savings significant enough to offset or even entirely fund the initial purchase cost of the product, making it a financially wise investment for organizations seeking to bolster their digital security and risk governance programs.

In our annual Stellar Startups (previously Emerging Vendors) special report, CRN shines a spotlight on some of the most exciting channel-focused startup vendors with leading-edge technologies that are creating new opportunities for solution providers.

Genetic testing company 23andMe has confirmed a data theft incident from a credential stuffing attack targeting user accounts.

A threat actor is selling data belonging to nearly one million customers of DNA testing company 23andMe, BleepingComputer reports.

One of the significant challenges that companies have faced in complying with 23 NYCRR 500 is their tendency to prioritize traditional Software as a Service (SaaS) solutions while neglecting the critical issue of shadow IT SaaS.

18 members of Forbes Technology Council discuss some of the amazing new and emerging biotech tools and developments everyone should know about and why they’re so exciting.

Secure the SaaS identity risk landscape, neutralize identity threats and stop SaaS breaches

Johnson Controls International (JCI) has suffered a ransomware attack that encrypted devices and affected internal and partners’ operations.

Johnson Controls International (JCI) this week reported in a filing with the US Securities and Exchange Commission (SEC) that it had suffered a cyberattack that caused disruptions to its internal IT infrastructure.

The top 67 cybersecurity startups to watch in 2023, their innovations in new and emerging technologies, length of operation, funding rounds, scalability, and more, followed by a discussion of broader trends affecting buyers, startups, and investors.

SSPM solutions are one facet of a broader enterprise SaaS security issue. SaaS-Identity risk management is an emerging principle the focuses on the intersection of identities and SaaS apps, mitigating risk at the most foundational level — accounts and access.

By managing user identities, authentication mechanisms, and access permissions effectively, organizations can bolster their security posture and reduce the risk of data breaches and unauthorized activities; the foundations of SaaS-Identity Risk Management.

Discover non-SSO apps and secure user access for SaaS that do not support federated authentication protocols like SAML or OIDC.

Discovery, govern, and prioritize shadow SaaS for integration with JumpCloud single sign-on (SSO).

Grip Security has secured $41 million in series B funding, bringing our total funding to an impressive $66 million.

Grip Security, a distinguished leader in SaaS identity risk management, is celebrating a major achievement as it announces the procurement of $41m in its Series B fundraising endeavour.

Grip Security just raised $41M in Series B funding! In conjunction with the announcement, CEO Lior Yaari answered our questions about the company, the product, the funding round and future plans.

Grip’s SaaS identity risk management is a hot one, which has helped their growth, as has the continued evolution of their channel-centric strategy.

Grip Security, a Boston-based SaaS identity risk management provider, raised $41m in Series B funding. Third Point Ventures led, and was joined by YL Ventures, Intel Capital and The Syndicate Group.

Grip Security, a software-as-a-service identity risk management startup, scored $41 million in Series B funding.

Grip Security, a leader in SaaS identity risk management, today announced it is raising $41 million in Series B funding led by Third Point Ventures, with participation from YL Ventures, Intel Capital and The Syndicate Group.

Grip Security raised $41 million in Series B funding led by Third Point Ventures, with participation from YL Ventures, Intel Capital and The Syndicate Group. The investment brings Grip Security’s total funding to $66 million and marks a major milestone for the company.

Israeli startup Grip Security has banked $41 million in new financing from a group of investors led by Third Point Ventures.

Israeli software-as-a-service security platform startup Grip Security Ltd. announced today that it has raised $41 million in new funding to accelerate its growth trajectory, including expanding investment in go-to-market teams, research and development, operational functions and global expansion.

Grip Security, which provides businesses with the tools to protect their SaaS applications and describes itself as the “industry’s first SaaS security control plane,” today announced that it has raised a $41 million Series B funding.

Tesla filed a data breach notification to Maine regulators saying a data leak carried out by two former employees resulted in the exposure of personal data for 75,735 current and former employees.

In May, American automotive giant Tesla suffered a massive data breach that exposed a range of data belonging to past and present employees and customers.

The carmaker also reported it's taken legal action against the former employees involved in the data breach, which involved more than 75,000 names.

This article takes a lighthearted approach, leveraging the captivating Mission: Impossible narrative to shed light on a serious topic and promote a heightened awareness of cybersecurity practices.

This article takes a lighthearted approach, leveraging the captivating Mission: Impossible narrative to shed light on a serious topic and promote a heightened awareness of cybersecurity practices.

Two ransomware gangs have breached the multinational cosmetics company The Estée Lauder Companies, with one attack being an apparent MOVEit data breach.

We explore the implications of identity-first security on identity governance and identity security, converged identity and access management (IAM), the adoption of the cybersecurity mesh architecture, and interdisciplinary fusion teams that will shape the future of IAM.

The Estée Lauder Companies Inc. disclosed an incident in which unauthorized parties gained access to some company systems.