Resilient Cyber w/ Cory Michal (AppOmni) - Unpacking the SaaS Security Supply Chain Landscape

- One of the biggest SaaS security incidents recently of course is the Salesloft Drive/Salesforce incident, which impacted hundreds of organizations and involved compromised OAuth tokens. Can you tell us a bit about the incident and the fallout?

- In an AppOmni blog on the incident, you all discuss attackers taking advantage of persistent OAuth access, over-permissive access, limited monitoring, and unsecured secrets. Why do these problems continue to plague organizations despite incidents like this?

This is part of a broader trend of increased SaaS supply chain attacks. What makes these attacks so enticing for malicious actors and challenging for organizations to prevent entirely?

You recently published your State of SaaS Security Report, which projects SaaS to grow 20% YoY between 2025 and 2032. This is despite 75% of organizations reporting a SaaS security incident in the past year. Why do you think we're seeing continued growth in adoption but still lagging in SaaS security to accompany the adoption?

The report discusses the rise of NHIs and GenAI and how this will exacerbate problems around SaaS Access and incidents. Can you unpack that for us?

I was shocked to see the report find that just 13% of organizations use SSPM tooling despite SaaS's widespread adoption. When you talk to enterprises, for example, nearly everyone is doing some CSPM activity for IaaS. Why are so many neglecting hygiene and posture for their SaaS footprint?