Secure Internet and SaaS Access (ZIA)

Understanding the SaaS Security Posture Management Policy

SaaS Security Posture Management (SSPM) refers to the practice of systematically assessing, monitoring, and improving the security posture of SaaS applications within an organization. The SSPM policy is a collection of recommended security policies that are enabled for your business requirements.

These policies are included in the SaaS Security Posture Report, which evaluates the enabled policies against your organization's security posture. By default, all the policies are enabled. You can disable or re-enable any of the supported policies. Disabled policies are not evaluated in subsequent scans. To learn more about the SSPM policy statuses, see Viewing and Managing the Supported SSPM Policies and SaaS Security Posture Report.

SSPM is a vital function for any organization. Enabling SSPM provides the following advantages:

  • Data Protection: SaaS applications often handle sensitive data, including customer information, financial data, and intellectual property. Ensuring a robust security posture helps protect this data from unauthorized access, breaches, and data loss.
  • Compliance Requirements: Many industries are subject to strict regulatory requirements for data security and privacy (e.g., GDPR, HIPAA). Maintaining a strong security posture helps organizations comply with these regulations, avoiding penalties, legal issues, and damage to organizational reputation.
  • Risk Mitigation: Identifying and addressing vulnerabilities within SaaS applications reduces the risk of security incidents, such as data breaches, malware infections, or insider threats.
  • Visibility and Control: Security posture management provides visibility into the security status of SaaS applications, allowing organizations to monitor for anomalies, enforce security policies, and take proactive measures to address potential threats or vulnerabilities.

The SaaS Security Posture Management page shows you a list of all predefined policies for the chosen SaaS application and the tenant. You can also search for a specific policy using the Search bar.

You can configure SSPM while onboarding tenants for the following SaaS applications:

  • Bitbucket
  • Confluence
  • GitHub
  • Google Workspace
  • Jira
  • Microsoft 365
  • Okta
  • Salesforce
  • ServiceNow