The Next Revolution in SaaS Security is Dynamic


This article was originally posted on Forbes Technology Council on May 7, 2025.
Picture this: Someone at your company downloads a content management system to assist with marketing. They don't set up multifactor authentication (MFA) or single sign-on (SSO). Then, they install the AI assistant feature to help with content creation. After that, they connect the app to Salesforce, your company’s customer relationship management tool, which is filled with personally identifiable information (PII) on all your customers and partners.
Now, a hacker perusing the internet looking for victims stumbles upon this account, which is not secured with MFA, and executes a password spraying attack to break in. From there, the hacker performs prompt injection attacks, getting the AI to expose sensitive information about customers that the hacker can now sell on the dark web. Meanwhile, the cybersecurity team was staring at its software-as-a-service (SaaS) security dashboard with a false sense of certainty that everything was fine, completely blind to the fact that their Salesforce data was actively compromised.
Attacks like this are commonplace in today’s digital world, where efficiency-seeking employees can spin up new SaaS applications with push-button ease. SaaS-to-SaaS connections are constantly forming through APIs or OAuth tokens, creating a chain of potential points of vulnerability that often falls outside the purview of cybersecurity monitoring.
The SaaS Security Gap
As SaaS tools are rapidly deployed at organizations, cybersecurity teams simply can’t keep up with them. Many apps are deployed without the IT or cybersecurity teams' knowledge, making it impossible to monitor or protect them. And even the ones that are deployed with cybersecurity oversight may change so fast that they quickly get away from you.
Let’s take a look at the five ways SaaS environments evade cybersecurity oversight:
1. App Sprawl: Companies use close to 500 apps on average, and that number is steadily growing. These apps are constantly updating, changing and forming SaaS-to-SaaS connections.
2. AI Sprawl: From generative AI to AI agents and copilots, nearly every app these days offers native AI functionality, which adds another potential point of compromise.
3. Configuration Sprawl: Every app offers different configurations, and more users added to the app means more configurations to manage and maintain.
4. Identity Sprawl: More and more users are being added to apps, making it impossible for cybersecurity teams to track and manage access privileges.
5. Event Sprawl: Apps are producing hundreds, even thousands, of events each day, but building threat detections to manage these events is a tedious process.
The result is a growing gap between what cybersecurity teams can protect and what's evading them.
What’s SSPM Got To Do With It?
SaaS security posture management (SSPM) solutions began to hit the scene several years ago in response to businesses' growing reliance on SaaS applications. They were designed to solve the problems of configuration management, access management and visibility across disparate SaaS applications, like Microsoft and Salesforce.
But the world has come a long way in the last few years. Since the Covid-19 pandemic, many companies have gone entirely remote and operate nearly 100% by way of SaaS applications. Zoom alone increased revenue by 148% between 2019 and 2020, and the SaaS market is expected to demonstrate an annual growth rate of 19.38% between 2025 and 2029.
The old days of SaaS, when companies only had a handful of core apps, are long gone. Today’s SaaS environments are no longer static—they’re dynamic, interconnected and AI-infused. They’re constantly multiplying, connecting to new things and exchanging data through new pathways. It’s no longer enough to monitor and manage the handful of apps that the cybersecurity team knows about—it must find a way to secure unauthorized apps, as well as their AI counterparts, the moment they're deployed and as they change.
The Next Revolution In SaaS Security Is Dynamic
We only have to look as far as the last 12 months to see that SaaS environments have reached the breaking point of acceptable security exposure. From the breaches involving Snowflake and Microsoft customer emails to multiple Okta breaches and the U.S. Treasury Department, SaaS environments are getting away from cybersecurity teams, which means it's time for a new approach that can keep up.
I predict the next generation of SaaS security tools will be fundamentally different. They'll account for a world of constant flux: continuously scanning for new apps, accounting for who and what they’re connected to and perpetually adjusting in relation to this holistic picture. That way, companies can close the SaaS security gap for good, and the promise of SaaS can be fulfilled without putting companies at risk.

Ofer Klein
ABOUT THE AUTHOR
Ofer Klein is the Cofounder & CEO of Reco. Ofer is a former Israeli pilot and a serial entrepreneur with vast experience in building and growing GTM teams with SaaS companies in the US. He is passionate about leading solutions for the distributed workforce.