Introducing in-browser app banners: Set guardrails for cloud apps | Learn more →

Blog

Detection & response
Identity-based attacks
Let’s talk about SaaS attack techniques
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face.
Read more
Detection & response
Identity-based attacks
Tracking identity-based attacks in the wild
To keep track of how identity attacks are evolving, we’ve put together this helpful index of recent breaches, focusing on the latest identity-based techniques.
Read more
All
Release notes
Identity security
Detection & response
Company news
Identity-based attacks
Risk management
Shadow IT
Release notes
Product release: April 2024
Here’s what’s new on the Push platform for April 2024.
Andy Waugh
Andy
Apr 17, 2024
Read more
Detection & response
Identity security
Identity threat detection and response (ITDR) – not another product category!
Analysing ITDR as a product category and whether the current definition is suitable for the types of attacks being seen on cloud identities in the wild.
Dan Green
Dan
Apr 15, 2024
Read more
Company news
Release notes
A year of building: Top features we shipped this year
Some highlights of what we've built over the last year on our mission of stopping identity attacks.
Andy Waugh
Andy
Mar 28, 2024
Read more
Detection & response
Identity-based attacks
Tracking identity-based attacks in the wild
To keep track of how identity attacks are evolving, we’ve put together this helpful index of recent breaches, focusing on the latest identity-based techniques.
Dan Green
Dan
Mar 21, 2024
Read more
Detection & response
Identity security
Can my admins steal my cloud password manager secrets?
Can admins access the secrets from your corporate password manager? If so, how does this affect incident response in a compromised admin account scenario?
Luke Jennings
Luke
Mar 11, 2024
Read more
Detection & response
Identity security
5 ways to defeat identity-based attacks
In this blog post we will cover what identities are, how we secure perimeters in general, and and how this maps to the identity space.
Jacques Louw
Jacques
Feb 26, 2024
Read more
Release notes
Product release: February 2024
Here’s what’s new on the Push platform for February 2024.
Andy Waugh
Andy
Feb 21, 2024
Read more
Identity security
Release notes
Introducing in-browser app banners: Set guardrails for cloud apps
Don’t leave it up to your employees to figure out how to use cloud apps securely. Guide them directly in their browsers when they access their apps.
Alex Henshall
Alex
Feb 6, 2024
Read more
Identity security
Identity-based attacks
Phishing Microsoft Teams for initial access
In this article, we will cover a number of spoofing and phishing strategies that can be employed by external attackers to target an organization using Teams.
Luke Jennings
Luke
Jan 23, 2024
Read more
Release notes
Product release: January 2024
Here’s what’s new on the Push platform for January 2024.
Andy Waugh
Andy
Jan 9, 2024
Read more
Identity security
What is SAML SSO?
In this article, we'll explain what SAML SSO is, how it works, and clarify some common misconceptions.
Johann Scheepers
Johann
Jan 3, 2024
Read more
Identity security
Identity-based attacks
Oktajacking
In this article, we'll show you how to use Okta to do keylogging for you, without needing to have your own malicious domain hosting your malicious SAML server.
Luke Jennings
Luke
Dec 6, 2023
Read more
Detection & response
Identity security
Abusing Okta's SWA authentication
We'll cover the implications of using Okta's SWA authentication method. Learn what security teams need to know in an account breach and IR scenario.
Luke Jennings
Luke
Nov 30, 2023
Read more
Release notes
Product release: November 2023
Here’s what’s new on the Push platform for November 2023.
Andy Waugh
Andy
Nov 28, 2023
Read more
Identity security
Risk management
Understanding Third-Party Risk Management (TPRM): how to protect your organization
In this article, we define third-party risk management and explore additional approaches that can help manage third-party risk.
Sally Soulliere
Sally
Oct 31, 2023
Read more
Identity security
Identity-based attacks
Slack Attack: A phisher's guide to persistence and lateral movement
In this post, we're going to demonstrate how to phish via Slack to gain persistence and move laterally.
Luke Jennings
Luke
Oct 24, 2023
Read more
Identity security
Identity-based attacks
Slack Attack: A phisher's guide to initial access
In this article, we’ll demonstrate how IM apps, specifically Slack, are an increasingly attractive target for a range of phishing & social engineering attacks.
Luke Jennings
Luke
Oct 24, 2023
Read more
Identity security
Risk management
6 ways to manage third-party access to your data with Push
Employees are self-adopting SaaS apps and creating new cloud identities without IT approval. Learn how to manage which third parties have access to your data.
Sally Soulliere
Sally
Oct 11, 2023
Read more
Identity security
Identity-based attacks
6 surprising takeaways from a recent report on identity-based attacks
A new report on securing digital identities has some interesting takeaways to consider as we think about securing identities in the cloud. Here's our take.
Sally Soulliere
Sally
Oct 3, 2023
Read more
Release notes
Product release: September 2023
Here’s what’s new on the Push platform for September 2023.
Andy Waugh
Andy
Sep 26, 2023
Read more
Identity security
Identity-based attacks
Credential stuffing: The most common attack against SaaS identities
Credential stuffing attacks are incredibly common, but they often go undetected. These attacks are often the entry point for attack. Learn how to prevent them.
Sally Soulliere
Sally
Sep 25, 2023
Read more
Risk management
Shadow IT
Get out of the dark: Manage the risk of shadow identities
Employees sign up to cloud apps on their own every day. Each time, they create a new account and a new identity on that app. How do you find and secure them?
Tyrone Erasmus
Tyrone
Sep 19, 2023
Read more
Detection & response
Identity-based attacks
The shadow workflow’s evil twin: A nearly invisible attack chain
In this article, we’re going to demonstrate how combining two of our favorite new SaaS attack techniques makes a simple, but very stealthy persistence approach.
Luke Jennings
Luke
Sep 11, 2023
Read more
Detection & response
Risk management
Under the radar: The risky terrain of OAuth scopes in third-party Integrations
While OAuth scopes provide seamless online user authentication, they also carry significant risk. Watch out for these common, dangerous scopes.
Johann Scheepers
Johann
Sep 6, 2023
Read more
Risk management
Shadow IT
Understanding Shadow IT and Shadow SaaS: Definition, security risks, and how to manage it
We’ll define shadow IT, talk through the security risks associated with it and give some actionable guidance on how to manage it.
Sally Soulliere
Sally
Aug 30, 2023
Read more
Detection & response
Identity-based attacks
SAMLjacking a poisoned tenant
In this article, we’re going to demo combining two of our favorite new SaaS attack techniques to make a simple, but effective attack chain.
Luke Jennings
Luke
Aug 17, 2023
Read more
Identity security
Risk management
Focus on account and identity security to reduce SaaS risks
You’ve probably locked down the known cloud services your company is using, but what about all those other SaaS apps people in the company are using?
Sally Soulliere
Sally
Aug 15, 2023
Read more
Identity security
Risk management
SaaS Security: what is it & how to manage the risk
We'll quickly define SaaS security and help you better understand how to manage the risk SaaS applications introduce to your business
Sally Soulliere
Sally
Aug 3, 2023
Read more
Release notes
Product release: July 2023
Here’s what’s new on the Push platform for July 2023.
Andy Waugh
Andy
Jul 31, 2023
Read more
Detection & response
Identity-based attacks
Let’s talk about SaaS attack techniques
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face.
Jacques Louw
Jacques
Jul 27, 2023
Read more
Risk management
Shadow IT
Free and trial SaaS applications are even riskier than paid apps
Free and trial SaaS accounts are often invisible to security teams and still interact with real, live corporate data.
Sally Soulliere
Sally
Jul 11, 2023
Read more
Risk management
Shadow IT
The no-jargon guide to solving shadow SaaS
Adapt your thinking to secure your data. Security needs to move from being the Department of No to the Department of Yes, Unless...
Jacques Louw
Jacques
Jun 27, 2023
Read more
Risk management
Shadow IT
7 Steps to secure your data across shadow SaaS apps
Attackers commonly target SaaS apps because they know employees sign up without running them past IT first. Learn how to adjust to secure your data.
The Push Team
The Push Team
Jun 26, 2023
Read more
Identity-based attacks
Shadow IT
SaaS sprawl isn't a problem - if you completely change your approach
Employees using a new work app used to be the final step of the software-onboarding process. Now it's the first. Security must adapt to secure business data.
Jacques Louw
Jacques
Jun 22, 2023
Read more
Identity-based attacks
Shadow IT
SaaS security solution buyer's guide
This article helps you hone in on which SaaS security solutions might be the best to consider for your specific needs, objectives, and environment.
The Push Team
The Push Team
Jun 8, 2023
Read more
Detection & response
Identity-based attacks
Half of account compromise attacks included malicious mail rules
Attackers routinely use mail rules to hide their attacks, exfiltrate sensitive data, and to get persistent access to victim accounts.
Sally Soulliere
Sally
Jun 6, 2023
Read more
Release notes
Product Release: June 2023
Here’s what’s new on the Push platform for June 2023.
Andy Waugh
Andy
Jun 2, 2023
Read more
Identity security
Shadow IT
Want to discover the full extent of your SaaS sprawl? Embrace browser extensions
Browser extensions are the most effective SaaS discovery tool because they can capture employee SaaS use and adoption in real time, as employees sign up.
Luke Jennings
Luke
Apr 25, 2023
Read more
Identity security
Shadow IT
Embrace SaaS to move faster than your competitors
Look at enabling SaaS from a broader understanding of the business and not just the impact to security
Sally Soulliere
Sally
Apr 21, 2023
Read more
Company news
Push it real good: Why I’m excited to join Push’s board
SaaS sprawl is not just a raw increase of apps in-use, but also due to employees self-adopting new apps. Orgs need sensible guardrails for employees.
Jon Oberheide
Jon
Apr 17, 2023
Read more
Company news
Shadow IT
From launch to series A
We’re proud to announce our $15M Series A round, led by GV. Here's what we've learned about what our customers need since we launched in July 2022.
Adam Bateman
Adam
Mar 28, 2023
Read more
Company news
Pushing Push Forward
Today we're launching a bold new identity for Push. Take a look behind the scenes
Sally Soulliere
Sally
Mar 24, 2023
Read more
Release notes
Product Release: March 2023
Here’s what’s new on the Push platform for March 2023.
Andy Waugh
Andy
Mar 22, 2023
Read more
Detection & response
Risk management
An investigation guide for assessing app-to-app OAuth integration risk
An employee has added a new integration to your Azure tenant or Google Workspace. How do you assess risk? We’ll cover a few techniques in this article.
Luke Jennings
Luke
Mar 15, 2023
Read more
Detection & response
Identity-based attacks
How attackers compromise Azure organizations through SaaS apps
This article covers common ways an app could lead to compromise in Microsoft Azure, and what to look out for when determining risk to your organization.
Johann Scheepers
Johann
Jan 3, 2023
Read more
Identity security
Risk management
Password expirations don’t work. Try these best practices instead.
Password expirations are still commonly recommended, but most security pros agree that they lead to more predictable passwords. Here's what to do instead.
Tyrone Erasmus
Tyrone
Dec 15, 2022
Read more
Release notes
Product Release: December 2022
Here’s what’s new on the Push platform for December 2022.
Andy Waugh
Andy
Dec 8, 2022
Read more
Identity-based attacks
Maintaining persistent access in a SaaS-first world
Attackers have loads of persistence options in an endpoint compromise scenario, but what changes in a SaaS-first world? We talk new attack methods in this post.
Luke Jennings
Luke
Nov 29, 2022
Read more
Identity security
Risk management
Is it safe to allow my employees to connect third-party apps to our M365/Google Workspace tenant?
Learn about the benefits and risks of SaaS integrations and get tips for how to manage the risks.
Luke Jennings
Luke
Oct 12, 2022
Read more
Identity security
Risk management
Should I let my employees login with their work Google account?
Is logging in with Google or Microsoft secure? Yes, with caveats.
Luke Jennings
Luke
Oct 4, 2022
Read more
Identity security
Risk management
NCSC 2022 Cyber Essentials puts the spotlight on SaaS
We address some of the biggest changes to the Cyber Essentials technical controls and offer guidance about how to handle these new questions.
Sally Soulliere
Sally
Sep 27, 2022
Read more
Detection & response
Identity security
How to kick off an incident response investigation for a compromised SaaS account
We'll walk through how to quickly detect and mitigate business email compromise (BEC) and then prevent future attacks.
Johann Scheepers
Johann
Sep 20, 2022
Read more
Release notes
Product release: August 2022
Here’s what’s new on the Push platform for August 2022.
Andy Waugh
Andy
Aug 25, 2022
Read more
Risk management
Shadow IT
How to discover SaaS use without invading employee privacy
Learn how to manage SaaS in a way that keeps employees productive and doesn't compromise privacy.
Andy Waugh
Andy
Aug 22, 2022
Read more
Risk management
Shadow IT
5 steps to manage the risk of unsanctioned SaaS
Learn some lightweight ways to manage the risks SaaS introduces without relying on restrictive policies that block employees from using their preferred tools.
Jacques Louw
Jacques
Aug 11, 2022
Read more
Risk management
Shadow IT
How to find the right SaaS security solution for your organization
In this guide, we’ll break down some major SaaS use cases and match them up with solutions that can address them, covering pros and cons for each.
Jacques Louw
Jacques
Jul 25, 2022
Read more
Company news
What we’ve been up to with our seed funding: a peek behind the curtain
Yesterday, we announced our official launch and what Push Security is all about following our $4m series seed.
Adam Bateman
Adam
Jul 20, 2022
Read more
Company news
Building a culture of trust to secure SaaS, together
We’re excited to announce our $4M seed round, led by Decibel. See how we’re building tech that allows companies to let employees freely & securely adopt SaaS.
The Push Team
The Push Team
Jul 19, 2022
Read more
Company news
Push Security Announces $4M Seed Round to Introduce User-Centric Approach to Securing SaaS
Launches solution that finds SaaS apps employees are using and guides them to fix issues
The Push Team
The Push Team
Jul 19, 2022
Read more
Release notes
Product release: July 2022
Here’s what’s new on the Push platform for July 2022.
Andy Waugh
Andy
Jul 15, 2022
Read more
Identity security
Risk management
Microsoft rolls out Security Defaults for Azure AD to secure access
Microsoft is starting to roll out Security Defaults for Azure AD for those who haven’t turned them on yet. Here’s what you need to know.
Sally Soulliere
Sally
Jun 14, 2022
Read more
Identity security
Shadow IT
How to roll-your-own SaaS discovery
We’ve compiled some methods for discovering SaaS. Lets explore each approach and learn new ways to discover unknown SaaS, capture SaaS use, and secure it.
Jacques Louw
Jacques
May 2, 2022
Read more
Detection & response
Identity security
How to find a malicious OAuth app on Microsoft 365
How do you find a malicious Microsoft 365 OAuth app? Learn what to look for, and what to ignore, when checking your users haven't been consent phished.
Andy Waugh
Andy
Sep 5, 2021
Read more
Detection & response
Identity security
Investigating user delegated OAuth tokens in Google Workspace - a ride along
Introduction to OAuth tokens in Google Workspace, how they are used, reasons you might want to review them, and a discussion of how you might go about it.
Jacques Louw
Jacques
Jul 14, 2021
Read more
Detection & response
Identity-based attacks
Consent phishing: the emerging phishing technique that can bypass 2FA
Consent phishing is an emerging technique attackers are using to compromise user accounts, even if they have Multi-factor Authentication (MFA or 2FA) enabled.
Alex Triaca
Alex
Jul 5, 2021
Read more
Identity-based attacks
Risk management
Case study: Business Email Compromise (BEC) attack nearly cost us millions
A story by the owner of an Engineering company on how they almost lost millions from a Business Email Compromise (BEC) style attack. An interesting BEC example.
Tyrone Erasmus
Tyrone
Jun 13, 2021
Read more
Detection & response
Identity-based attacks
Email security: How hackers use mail rules to access your inbox
After phishing campaigns target Office 365 and Google Workspace users, malicious mail rules are automatically added to the user’s mailbox. Take steps to defend.
Andy Waugh
Andy
Jun 9, 2021
Read more
Detection & response
Identity-based attacks
Should you disable external email auto-forwarding?
External email auto-forwarding is a feature but also a risk; learn whether you should disable it, and, if you can't, how to manage the risk through detection.
Andy Waugh
Andy
Jun 2, 2021
Read more
Company news
Push Security’s early access preview is live! 🚀
We built Push to help small and medium-sized organisations get security done, in the easiest, lowest friction way possible.
Adam Bateman
Adam
Mar 15, 2021
Read more
Identity security
Risk management
How to set up Multi-Factor Authentication for Microsoft 365
Conditional Access, Security Defaults, or Legacy? Figuring out how to deploy MFA in Microsoft 365 can be complex. This post summarises your options.
Andy Waugh
Andy
Mar 14, 2021
Read more
Identity security
Risk management
Multi-Factor Authentication is the top security control for most small and medium-sized businesses
Why Multi-Factor Authentication (MFA aka 2FA) is so useful for small and medium-sized businesses, and how to deploy it successfully.
Jacques Louw
Jacques
Mar 14, 2021
Read more
Identity security
Risk management
Which MFA methods should you use?
SMS, Authenticator apps, Security Keys, and more! We compare them from a user experience, security, cost, and security aspect.
Andy Waugh
Andy
Mar 14, 2021
Read more
Subscribe to get updates from Push
The latest news, articles, and resources, sent to your inbox weekly