Resource
SaaS Attacks Report
A collection of SaaS attack techniques to help defenders understand the threats they face
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face.
Our goal at Push is simple — to reduce the risk of using SaaS apps at work. Doing this well means building controls that are easy to use, easy to understand — and ultimately effective. These controls need to be effective against the most common techniques that are likely to cause real damage.
To talk about this, we need to have a shared understanding of what these techniques are. To get that conversation going, we’ve pulled together all the techniques we're aware of and we've even added a bunch of new ones.
In this guide, you'll learn about::
The SaaS Attacks Matrix and how it can benefit your red and blue teams
New SaaS-focused variations of older attacks
Brand new attack techniques against SaaS-native and hybrid organizations
How SaaS opens up serious persistence challenges even in traditional endpoint compromise scenarios
What the cyber kill chain looks like when applied to SaaS-native and hybrid organizations