This talk will consider what the new SaaS cyber kill chain looks like for modern organizations that are fully SaaS native without any concept of an internal network, and the surprising number of attacks that are possible without touching company owned endpoints or infrastructure.