Glossary

Access Management

practice of controlling access to specific assets. In order to secure an asset against attack/breach/exposure, limiting access to only...
Read more

Account Takeover

A type of cyber security attack where a bad actor steals the login credentials of an account. In some cases, the bad actor locks the...
Read more

Attack Surface

An attack surface refers to the vulnerabilities or entry points that an attacker can exploit to gain unauthorized access to a system.
Read more

Authentication

the act of verifying the identity of a user or SaaS app. In contrast with identification, the act of indicating a person or thing's...
Read more

Authorization

the function of specifying access rights and/or privileges to resources, such as SaaS apps, infrastructure, data, or devices and is...
Read more

BYOA

Bring your own app (BYOA) is is a workplace trend where employees use personal or preferred applications to accomplish work-related tasks.
Read more

BYOAI (Bring Your Own AI)

BYOAI, or "Bring Your Own AI," is a growing trend where employees independently select and use artificial intelligence (AI) tools.
Read more

BYOD

Bring Your Own Device. Employees using their personal devices to perform the duties of their job. In some cases this is approved by...
Read more

Business-led IT

Technology, software, or SaaS acquired and used by employees that is outside the purview of the central IT or security departments. In some
Read more

Cloud Access Security Broker (CASB)

CASB is an enforcement point for accessing cloud services and applications, generally deployed via a collection of services and...
Read more

Cloud Security

Cloud security is about making sure that cloud computing is safe and compliant, and that any risks associated with its use and...
Read more

Cloud Security Posture Management (CSPM)

Cloud security posture management (CSPM) is the continuous proactive process of enterprise-wide asset visibility, risk assessment, and...
Read more

Cloud environment vs SaaS environment

cloud refers to any asset or set of assets supporting digital workloads outside the physical corporate network. SaaS refers to cloud base...
Read more

Credential Stuffing

Credential stuffing is a type of cyberattack where attackers use automated tools to attempt to gain unauthorized access to accounts.
Read more

Cybersecurity Mesh Architecture (CSMA)

Cybersecurity mesh architecture (CSMA) provides a security support layer to enable distinct security services work together, improving...
Read more

Dirty Environments

Enterprise IT environments with a lot of shadow SaaS, poor configurations, and lack of control...
Read more

Identity Attack Surface Management (IASM)

Identity attack surface management (IASM) is a security practice and technology solution that provides identity discovery, risk prior...
Read more

Identity Governance and Administration (IGA)

Identity governance and administration (IGA) is a set of processes, policies, and technologies used to manage digital identities and...
Read more

Identity Proofing Services

Identity-proofing services verify identities before provisioning accounts or authorized credentials to access SaaS services. These servi...
Read more

Identity Provider

Identity Provider (IdP) or Providers are security systems that are used to manage a central identity for users and employees, to define...
Read more

Identity Risk Management

Identity risk management refers to the practices used to protect enterprise identities, typically expressed in corporate email. The goal...
Read more

Identity Security

A comprehensive approach to identity security would include authenticating every identity correctly, authorizing each identity with...
Read more

Identity Security Fabric

Identity security fabric is a security architecture that provides identity-based protection for an organization's assets, systems...
Read more

Identity Security Posture Management (ISPM)

Identity security posture management (ISPM) refers to the practice of securing an organization's digital identities.
Read more

Identity Threat Detection and Response (ITDR)

Identity Threat Detection and Response (ITDR) is a security category designed and deployed to secure identities and identity-based...
Read more

Identity and Access Management (IAM)

Identity and Access Management is a set of policies, procedures, and technologies used to manage and control access to sensitive data...
Read more

Multifactor Authentication (MFA)

Multi-Factor Authentication (MFA) is a security process that requires users to provide two or more verification factors to access an account
Read more

Nudge Security Strategy

A nudge security strategy is an approach that leverages nudges to create behavioral changes in employees to implement cybersecurity...
Read more

On-premises

Refers to software deployed within the organization's internal system along with the hardware and other infrastructure necessary for...
Read more

Open Authorization (OAuth)

Open Authorization (OAuth), is a widely used protocol for allowing third-party SaaS to access resources from a user's accounts, devices,...
Read more

Open ID Connect (OIDC)

Open ID Connect (IODC), often called “Social Login”, is a standard defined to allow users to use existing authentication method/vehicle...
Read more

Password Manager

An application that helps users store and manage their online credentials.
Read more

Password Rotation

Password rotation is the practice of regularly changing passwords to minimize the risk of unauthorized access to accounts or systems.
Read more

RBAC

Role Based Access Controls. Used to define who can access different types of assets based on their job type and role; often RBAC is used...
Read more

Remote Browser Isolation

Remote browser isolation (RBI) is a security technique designed to protect users from browser-based attacks including browser vulnerabili...
Read more

Rogue AI

AI that behaves unpredictably, maliciously, or contrary to its original programming.
Read more

SAML

Security Assertion Markup Language (SAML) is a standard for user authentication to platforms that allows SaaS applications to easily...
Read more

SaaS Identity Risk Management (SIRM)

SaaS Identity Risk Management (SIRM) is a cybersecurity category designed to address the unique challenges and risks of SaaS
Read more

SaaS Identity Sprawl

SaaS identity sprawl is a cybersecurity challenge that arises when an organization uses multiple cloud-based SaaS apps
Read more

SaaS Security

SaaS security is a set of architectures, processes, and strategies designed and implemented by companies to protect their data...
Read more

SaaS Security Control Plane (SSCP)

A SaaS Security Control Plane (SSCP) is an essential element of modern security architectures—identifying risks and threats within...
Read more

SaaS Security Posture Management (SSPM)

SaaS Security Posture Management (SSPM) is a category of products that continuously evaluate, measure, and help remediate risks...
Read more

SaaS Sprawl

SaaS tools are easily accessible, enabling anyone to start a subscription. Uncontrolled SaaS adoption is known as "SaaS sprawl."
Read more

SaaS application lifecycle

govern application onboarding, control sanctioned use and access, secure sensitive data, and revoke access when users no longer need acc...
Read more

Savvy Security Strategy

Savvy security strategy is an adaptive approach to cybersecurity that extends beyond conventional measures to mitigate risk
Read more

Secure Access Service Edge (SASE)

Secure access service edge is a security framework aimed at guiding practitioners through a series of controls needed to enable the “work...
Read more

Secure Web Gateway (SWG)

Technology deployed to restrict web and internet activity, relationships, and connections to enforce security policy...
Read more

Security Service Edge (SSE)

SSE is essentially the security-focused subset of the broader Secure Access Service Edge (SASE) model.
Read more

Shadow AI

AI technology or AI features within existing apps used by employees to do their job without the knowledge of IT or security.
Read more

Shadow Data

Shadow data refers to untracked or unmanaged data created, stored, or shared outside the visibility and control of IT and security teams.
Read more

Shadow IT

The use of technology, software, or SaaS used by employees to do their job without the knowledge of IT or security. Shadow IT is acquired
Read more

Shadow Identity

A shadow identity refers to an unmanaged or unmonitored user account within an organization.
Read more

Shadow SaaS

Shadow SaaS refers to cloud-based SaaS applications that are used without the knowledge or oversight of the IT or security teams.
Read more

Single Sign On (SSO)

Single sign on (SSO) is an authentication framework that allows users to log in to multiple, unrelated applications with a single ID and...
Read more

Software-as-a-Service (SaaS)

Applications owned, delivered, and managed by a provider whether via licensing or consumption. SaaS creates security gaps with limited...
Read more

Vulnerability Assessment

The process and outcome of identifying, enumerating, and evaluating of exposures and vulnerabilities in the SaaS attack surface....
Read more

Zero Trust Network Access (ZTNA)

Zero Trust Network Access (ZTNA) is designed to provide secure, granular access to applications based on defined access control policies.
Read more

Zombie Accounts

digital accounts that are no longer in use, but remain available creating risk exposure. Also known as abandoned accounts, zombie account...
Read more
medal icon

Don’t compromise

secure SaaS across 100% of applications across devices and users

thumbs up like icon

Make it simple

don’t require incremental expertise or resourcing

money coin icon

Make it cost effective

self explanatory

megaphone icon

No marketing fluff

hopefully even more self explanatory

Back arrow
01
/06
Next arrow

The complete SaaS identity risk management solution.​

Grip revealed ten times more cloud accounts than IPG was aware of, and we can achieve similar results for you.​
Prioritize SaaS risks for SSO integration.
Address SaaS identity risks promptly with 
policy-driven automation.
Leverage your existing tools to include shadow SaaS.​

See Grip, the leading SaaS security platform, live:​