Obsidian – The first and only comprehensive security platform designed for SaaS

The Silicon Review

Not too long ago, most enterprise applications were hosted in data centers on-premise. While this put the weight of protecting sensitive information on the operation, the IT infrastructure was familiar and fairly easy to navigate. With the rise in SaaS tools living in the cloud, this has changed. Through Software-as-a-Service, organizations are able to save on resources and offer better customer service, but this has also introduced new security risks that need to be addressed by effective SasS security measures. SaaS security is cloud-based security designed to protect the data that software as service applications carry. It’s a set of practices that companies that store data in the cloud put in place to protect sensitive information pertaining to their customers and the business itself.

However, SaaS security is not the sole responsibility of the organization using the cloud service. In fact, the service customer and the service provider share the obligation to adhere to SaaS security guidelines published by the National Cyber Security Center (NCSC). SaaS security is also an important part of SaaS management that aims to reduce unused licenses, shadow IT and decrease security risks by creating as much visibility as possible.

From productivity suites and communication tools to HR systems and identity providers, organizations around the world entrust more data than ever before to their SaaS applications. Obsidian creates a comprehensive and contextual understanding of these complex, interconnected applications to make them safer and more secure.

SaaS Posture Security & Compliance

When your SaaS security posture is weak, your business is at risk. Obsidian gives you complete visibility and control over the security and compliance of your applications, so you can address the gaps before they become a problem. Discover and address vulnerabilities across your SaaS applications. Obsidian helps you implement proactive measures to limit the likelihood and blast radius of a security incident before it’s too late. Improve controls with recommendations informed by Obsidian expertise and benchmarks established by organizations like CIS. Measure the strength of your security posture with a comprehensive posture score and comparisons against other Obsidian environments. Prevent configuration drift and understand the evolution of your SaaS security performance over time with posture history. Initiate security review and remediation directly from Obsidian using bi-directional integrations with services like Jira and ServiceNow.

Get a real-time view of how your SaaS applications fare against relevant standards. With Obsidian, you’ll achieve and maintain continuous compliance so your business can focus on building trust and unlocking new sales opportunities. Monitor compliance in real-time against internal security standards and regulatory frameworks like NIST 800-53, SOC 2, and CCM. Identify and promptly remediate failing security controls putting your organization at risk of noncompliance. Communicate compliance to stakeholders and auditors with comprehensive, automatically generated reports. Limit the delegation of SaaS privileges and data access to the users who actually rely on it. Obsidian gives you the context needed to minimize risk without worrying about causing any surprise disruptions to business operations.

Integration Risk Management

Every new OAuth token, API key and low/ no code workflow connection to your SaaS environment increases the opportunities for a security incident to occur. Obsidian helps your team measure and minimizes this risk while detecting integration compromises in real time. When any user can connect a new application to the environment, your SaaS supply chain can quickly become unmanageable. Obsidian gives your team complete and continuous visibility into every integration supported by crucial contexts around ownership, permissions, and access. Be sure that previously trusted integrations don’t undergo sudden, unexpected changes in their potential risk levels. Obsidian lets your team know when a connection changes abruptly to facilitate review and prevent a potential compromise. Obsidian details the individual factors contributing to each integration’s overall risk level. You’ll understand exactly why specific connections are more precarious than others and be able to initiate review and removal directly from the Obsidian interface.

Threat Mitigation

Obsidian is the industry’s most advanced threat detection solution designed for SaaS. From employee compromise and insider threats, to third-party supply chain compromises, Obsidian makes it possible to identify and investigate threats quickly—before a material data breach occurs. Identify the earliest indicators of malicious activity within and across interconnected SaaS applications. With detections driven by machine learning, Obsidian helps you quickly identify, investigate and contain basic or sophisticated threats. Keep your users from mishandling sensitive data and putting your business at risk. Obsidian correlates user activity with privileges and other contexts to warn of unsafe activity by a potential insider threat. Ensure that third-party connections to your SaaS applications don’t result in a material data breach. Extend detection capabilities to monitor for behaviors specific to your security needs. Obsidian comes ready with extensive threat monitoring capabilities out of the box—for everything else your team could want, there’s Obsidian Query Language (OQL).

Hasan Imam | CEO

Multi-skilled, multi-talented and multi-tasking is only the beginning of the list of Hasan's capabilities. An amazingly versatile individual who virtually in the course of hours can go from analyzing issues at the strategic level, to managing Fortune 100 customer relationships, to building teams and mentoring his people, to making architectural recommendations and then right on to solving tactical issues. Hasan brings to the table a stunning breadth of expertise and is the very epitome of Swiss army knife for business.