Meet the Reco team at the RSA Conference, May 6-9 in San Francisco and discuss the latest SaaS security trends.
Solutions
Solutions By Use Case
Posture Management
Improve SaaS security posture
Data Exposure Management
Reduce SaaS attack surface
App Discovery & Governance
Discover & manage all apps
Shadow App Discovery
Identify unauthorized SaaS apps
Identity & Access Governance
Ensure appropriate access
Generative AI Discovery
Visibility into connected GenAI apps
SaaS Detection & Response
Prioritize alerts of threats
Integrations
Integrations By App
All Supported Applications
Connect Reco to your SaaS apps
ServiceNow
Prevent unauthorized access
Salesforce
Protect your business-critical data
Workday
Secure employee data
Microsoft 365
Securely create & collaborate
Slack
Ensure authorized user access
Google Workspace
Identify content at risk of exposure
Okta
Monitor access & unusual activity
Resources
Resources
Blog
Thoughts from our experts
Learn
Self-service security education
Customer Stories
How Reco helped customers
Guide for Financial Services
SaaS security guidelines for finserv
CISO Guide
Guidelines for SaaS security program
Featured Articles
Introducing the SaaS App Factory™: Secure Any SaaS Application
March 26, 2024
Why SaaS Security Is No Longer an Option
March 20, 2024
Cybersecurity National Strategy: One Year Later
February 28, 2024
Company
Company
About Reco
Identity-centric SaaS security
Careers
Hiring
View our open positions
Contact Us
Connect with a SaaS security expert
Newsroom
Latest Reco updates & news
Contact
Schedule a meeting
Get in touch
Email us
info@reco.ai
Twitter
LinkedIn
Generative AI
Request a demo
Reco Blog
Find the latest news on SaaS data breaches and cyber attacks, security innovations and insights from Reco's thought leaders.
Featured
How to Prepare Your Business for Microsoft Copilot
Learn how to prepare your business for Microsoft Copilot with insights into its benefits, potential challenges and best security practices.
Dr. Tal Shapira
April 22, 2024
5 mins
All
SaaS Security
SSPM
Cyber Attack
SaaS Security
5 mins
How to Prepare Your Business for Microsoft Copilot
Dr. Tal Shapira
April 22, 2024
Learn how to prepare your business for Microsoft Copilot. Discover Copilot’s functionalities and capabilities but also its potential risks and challenges. Learn about the advantages of using Microsoft Copilot for your business and follow the best practices for secure deployment.
SSPM
5 mins
Navigating the New Frontier of AI Governance: Insights from Digital World Conference Summit
Dr. Tal Shapira
April 18, 2024
Organizations are looking to generative AI (GenAI) governance as the technology's risks and opportunities continue to emerge. Learn from the world's leading AI experts about security industry priorities around AI safety and governance in our recap of the Digital World Conference Summit.
SaaS Security
6 mins
Microsoft Copilot for Security: Everything You Need to Know
Gal Nakash
April 8, 2024
Microsoft Copilot for Security is an AI-driven platform enhancing cybersecurity across organizations by automating threat detection, analysis, and response, and ensuring data privacy and compliance with advanced encryption and strict regulations. Learn how Microsoft Copilot handles data and discover the best practices for its implementation.
SaaS Security
5 mins
Are You Ready for Microsoft Copilot?
Gal Nakash
April 2, 2024
Learn about Microsoft Copilot, an AI chatbot launched earlier this year and its insecurities including potential data leakage from account takeover. Gain an understanding of how easy it is for a threat actor to gain elevated access to organizational data from executing a simple GenAI prompt in Copilot, and learn best practices to secure your Copilot instance.
SaaS Security
5 mins
Introducing the SaaS App Factory™: Secure Any SaaS Application
Gal Nakash
March 26, 2024
Learn about the SaaS App Factory from Reco, which extends SaaS security expertise, insights, and continuous monitoring from Reco to any SaaS application. Enterprises can implement a common security framework to ensure universal coverage of all SaaS applications in their tech stack.
SaaS Security
4 mins
Why SaaS Security Is No Longer an Option
Andrea Bailiff-Gush
March 20, 2024
Reco CEO and Cofounder Ofer Klein sat down with Chief Digital Evangelist of eViRa Health, Evan Kirstel as part of the podcast What's Up in Tech? to discuss the cybersecurity landscape, the explosion in adoption of SaaS applications, and why SaaS security is no longer an option.
SaaS Security
5 mins
Cybersecurity National Strategy: One Year Later
Andrea Bailiff-Gush
February 28, 2024
Hear from SaaS security experts on the effectiveness of the National Cybersecurity Strategy to help organizations secure their SaaS applications as we approach the one-year anniversary.
Cyber Attack
9 mins
Securing Microsoft After the Midnight Blizzard Attack
Oz Wasserman
February 14, 2024
Gain an understanding of the recent Midnight Blizzard cyber attack: how the threat actors were successful, techniques used, and actionable recommendations to protect your Microsoft environment.
Cyber Attack
7 mins
A Hacker’s Guide to a SaaS Application Breach
Gal Nakash
January 31, 2024
Our SaaS security experts use the cyber kill chain to walk through the phases of a SaaS application cyberattack, told from the perspective of a threat actor.
SaaS Security
5 mins
Automate SaaS Security & Data Exposure Risk with Palo Alto Networks & Reco
Gal Nakash
January 17, 2024
Discover how to leverage Reco AI with Cortex XSOAR for automated SaaS security. Streamline threat detection, automate remediation workflows, and fortify your organization's security posture.
SSPM
5 min
Zero Trust in the Cloud: Why Total Context Matters
Dr. Chase Cunningham
January 2, 2024
Learn about the importance of Zero Trust and SaaS security for continuous verification of identities, strict access control, and total context across infrastructure.
SaaS Security
5 min
5 Key Takeaways on Hacking the SaaS Security Journey
Andrea Bailiff-Gush
December 20, 2023
Reco joins CISO Series, Super Cyber Friday to discuss hacking the SaaS security journey, the evolution of SaaS and security priorities, and the best methods for aligning SaaS security with business goals.
Company News
3 min read
Reco Is Changing the Game of SaaS Security with Its Identity-First Approach to SaaS Security Posture Management
Andrea Bailiff-Gush
December 12, 2023
Connecting in Minutes, Reco Discovers Every App, Its Users, and Actions to Seamlessly Prioritize and Control the Risks in the SaaS Ecosystem
Awards
3 min read
Reco Earns Spot on the Intellyx 2023 Digital Innovator List
Andrea Bailiff-Gush
December 7, 2023
Intellyx, an industry analyst firm, named Reco to its 2023 Digital Innovator list. This annual list recognizes fast-rising technology companies committed to delivering enterprise digital transformation.
Blog
5 min read
Navigating the Risks of Generative AI in SaaS Platforms
Gal Nakash
November 28, 2023
While GenAI provides efficiency at scale, it also poses risks that Security leaders can't ignore. Learn about the most common security risks associated with GenAI integrations and tactics to protect your data.
SaaS Security
7 min read
Microsoft 365 and Azure AD: Addressing Misconfigurations and Assessing Risks
Gal Nakash
November 15, 2023
Learn about a real-world use case involving the Reco SaaS Threat Detection module and its revelation of a common threat within Office 365: disabled users retaining access to company data,
SSPM
4 min read
Securing Your Okta Environment After the HAR Breach: How SSPM Can Help
Gal Nakash
November 8, 2023
Learn about the recent cyberattack on Okta that led to the theft of HAR files from their customer support system. Reco shares how SaaS security (SSPM) solutions can be used to prevent techniques used in the Okta attack, detect session hijacking, and protect valuable data.
Cyber Attack
3 min
MOVEit Exploit & Ransomware Attack: Why SaaS Security Is Critical During a Cyberattack
Gal Nakash
November 1, 2023
Learn about the recent exploit and ransomware attack with MOVEit. Reco shares how their SaaS security (SSPM) solution can be used to prevent techniques used by Clop to infiltrate data, exfiltrate data, and encrypt data.
Cyber Attack
5 min
A Closer Look at the Hacking Techniques Used by the Lapsus$ Data Extortion Group
Gal Nakash
October 10, 2023
Learn about Lapsus$, a data extortion group and their recent cyberattacks against Okta, Uber, and Microsoft. Reco shares how their SaaS security (SSPM) solution can be used to prevent techniques used by Lapsus$ including privilege escalation, and user execution.
SaaS Security
4 min
Configuration Management Isn’t Enough: The Crucial Role of Event Monitoring in SaaS Security
Gal Nakash
October 4, 2023
Learn how a misconfigured SaaS token in Microsoft led to 38TB of data being exposed, and how to prevent misconfigurations using configuration management and event monitoring.
SaaS Security
3 min
SECtember AI Think Tank Reflections: Shaping the Future of AI Security & Governance
Tal Shapira
September 28, 2023
Reco CTO and Cofounder Tal Shapira shares insights on the transformative power of GenAI and its implications on cybersecurity from the SECtember AI Think Tank Day. Learn how AI innovators and experts came together to discuss the industry priorities for AI research and soft launch the Cloud Security Alliance’s AI Safety Initiative.
Cyber Attack
4 min
The MGM Resorts Cyber Attack: How Attackers Gained Highly Privileged Access Through Social Engineering
Gal Nakash
September 21, 2023
Learn how SaaS super admins targeted Okta in a social engineering campaign, and how to keep your Okta tenant and highly privileged SaaS accounts secure using Reco’s AI-driven approach and comprehensive mapping of data, apps, and identities.
SaaS Security
4 min read
Cresta Leverages Reco to Prevent Data Exposure
Oz Wasserman
May 24, 2023
Discover how Reco’s AI-driven approach and comprehensive mapping of data, apps, and identities perfectly aligned with the needs of our customer, Cresta. By going beyond security posture, Reco enabled proactive detection and response to sensitive data exposure and leakage.
SaaS Security
5 min
Four Reasons Multi-Factor Authentication Secures SaaS Apps
Gal Nakash
September 8, 2023
SaaS apps have become prime targets for cybercriminals. To enhance security, SaaS apps are enforcing Multi-Factor Authentication (MFA) as the default setting for users. Learn four reasons why MFA is critical for organizations to secure their SaaS applications and prevent the risk of data exposure.
SSPM
10 minutes
Video: Securing the Wild West of the Modern Enterprise
Andrea Bailiff-Gush
August 23, 2023
See how organizations are underestimating the extent of their SaaS attack surface risk due to a lack of unified risk visibility.
SaaS Security
3 mins
Reimagining Contextualized SaaS Security with Generative AI
Dr.Tal Shapira
July 12, 2023
Learn how Reco is transforming application governance and tackling the challenges of shadow applications using Generative AI. By leveraging Large Language Models and Google search, Reco's unique 'application consolidation' process brings clarity to complex landscapes, enhances app governance, and shadow app discovery. Join us on the forefront of security innovation with Reco.
SaaS Security
2 min read
Empowering Cloud Security with the Combined Strength of Wiz & Reco
Gal Nakash
June 9, 2023
Reco and Wiz have joined forces to create a comprehensive cloud security solution. Reco's contextual AI enhances Wiz's understanding of user privileges and activity in SaaS applications, while Wiz helps Reco users track and protect cloud assets. This collaboration ensures complete visibility, control, and protection across SaaS and cloud environments.
SaaS Security
3 min read
Take Action on Your SaaS Security with Torq and Reco
Gal Nakash
June 7, 2023
The partnership of Reco and Torq offers a powerful data protection and workflow automation solution for businesses utilizing SaaS applications. Reco identifies and flags sensitive data across platforms, providing insight into potential exposure risks. Meanwhile, Torq's hyperautomation ensures automatic risk remediation. Together, they have yielded an impressive 80%-90% reduction in exposure risk for their customers. By leveraging Reco's data insights and Torq's automation capabilities, businesses can secure their data, streamline workflows, and focus on their core operations.
SaaS Security
3 min read
Confronting The Triad of Shadow Identities, Applications, and Data
Gal Nakash
May 31, 2023
Shadow threats—Shadow Identities, Shadow Applications, and Shadow Data—pose risks to organizational security, compliance, and efficiency. To address these threats, organizations must adopt a comprehensive strategy supported by AI-powered SaaS security solutions. A whole systems security approach driven by AI offers scalability, visibility, detection and remediation. Leveraging context analysis solutions enables organizations to safeguard information assets, improve operational efficiency, and foster secure collaboration.
SaaS Security
4 min read
Empowering SolarEdge's Security & Productivity
Oz Wasserman
May 24, 2023
Reco has empowered SolarEdge to enhance their SaaS security and productivity exponentially. By providing comprehensive visibility, reducing false positives, and streamlining the protection of sensitive data, Reco has proven instrumental in SolarEdge's pursuit of securing their intellectual property, maintaining data privacy, and achieving operational excellence.
Cyber Attack
3 min read
Data Security: Life Saving, Life Supporting and Life Advancing
Gal Nakash
May 22, 2023
The impacts of data leaks not only result in the loss of critical medicines that save lives and put operators in danger, but also cause disruptions to essential systems, such as food, water, electricity, heat, and the monetary system, with significant impacts on the economy. Furthermore, they can have severe consequences for education, collaboration, the environment, and other vital aspects of modern life. In the realm of cybersecurity, cybercriminals, hackers, and ransomware gangs can do more than just damage businesses - they can destroy lives on a grand scale.
SSPM
4 min read
Protecting Sensitive Data & Maintaining Governance In The Age of Generative AI
Gal Nakash
May 10, 2023
As a security professional, one of our key responsibilities is to implement cybersecurity solutions, policies and governance that establish guidelines and procedures for handling sensitive data. Policies and governance should empower your users with confidence in their security, rather than limiting their use of powerful Generative AI applications like ChatGPT.
SaaS Security
4 min read
The Silent Enemy: Understanding & Combating Burnout In Cybersecurity
Gal Nakash
May 10, 2023
The role of cybersecurity professionals is a highly demanding one. CISOs, CIOs, CSOs, Security analysts, Compliance Officers, and many others are responsible for safeguarding sensitive information and critical systems from cyber threats such as hackers, hacktivists, and even nation-states.
SSPM
4 min read
The Future of SaaS Security is Here: Intelligent SSPM to Safeguard Your Sensitive Data
Gal Nakash
May 10, 2023
The convenience of using SaaS-based storage services like Google Drive has revolutionized the way we store and share files. However, with this convenience comes the risk of inadvertently exposing sensitive information to the public. For example, if someone shares a file or folder with the wrong person or forgets to restrict access to sensitive information, it could end up being publicly accessible.
SSPM
4 min read
SSPM: A Partial Solution to Protecting Data in the Era of SaaS Collaboration
Yael Yair Cohen
May 10, 2023
The explosion in SaaS collaboration tools adoption such as Slack, Microsoft 365 or Google Workspace, GitHub, has forced significant changes in how organizations operate, leading to on-going digital transformations. Traditional data security protocols and solutions are rigid, relying entirely on one-dimensional rules that don’t take into account the vast reams of unstructured data flowing to both internal and external users.
SaaS Security
4 min read
From Conflict to Collaboration: Balancing Business Agility, Productivity, and Security with AI and Organizational Context
Tal Shapira
May 10, 2023
A recent article, “Negotiating With Internal Security Teams,” addressed the frustrations tech teams face when collaborating with their internal security counterparts. To overcome these challenges and achieve a balance between employee productivity and information security, organizations must adopt a business-context-based security approach.
SaaS Security
4 min read
Cloudy With a Chance of Intrusion: Overcoming Data Security Hurdles Across SaaS Applications
Gal Nakash
May 10, 2023
Securing data is crucial in cloud computing and across any SaaS application, as the data stored within these platforms are often sensitive and valuable. It is imperative that all parties involved, including SaaS providers, businesses, and their security teams, take responsibility for safeguarding these applications and their data.
SaaS Security
4 min read
Protecting Your SaaS Data When Employees Leave
Andrea Bailiff-Gush
May 10, 2023
A key challenge around SaaS data security is the risk of data loss when an employee leaves the organization. This is because when an employee leaves an organization, they may take sensitive data with them or cause damage to company data either intentionally or unintentionally.
SSPM
4 min read
Sensitive SaaS Data: Managing Access To IT
Andrea Bailiff-Gush
May 10, 2023
Canalys, a technology market analysis firm, estimated that more than 30 billion data records were stolen in 2020, more than in the previous 15 years combined and the FBI has reported that the number of cyberattacks is doubling. This trend is only going to grow in the years to come, so ensuring your data is protected by tackling where it is and who is accessing it is critical.
SaaS Security
4 min read
Real Life Challenges: Finding Your Sensitive SaaS Data
Andrea Bailiff-Gush
May 10, 2023
More than 80% of workers use collaboration tools, up 44% since the start of the pandemic. While this rapid increase has improved workplace efficiency, it's also opened organizations up to greater data security threats and headaches due to the massive amounts of sensitive data at play.
Cyber Attack
4 min read
Same Tricks, Different Methods – Phishing Via SaaS!
Oz Wasserman
May 10, 2023
Adversaries are crafting better messages, going through deeper investigations to craft more targeted attacks, and using phishing kits to spread these attacks across organizations. It would appear fraudsters and cybercriminals behind the various tactics to fool and deceive never rest and now are looking to exploit SaaS based tools.
SSPM
4 min read
Democratizing the Principle of Least Privilege in Collaboration Tools
Gal Nakash
May 10, 2023
Securing data in collaboration tools centers around understanding of the principle of least privilege across the organization. But the decentralized nature of collaboration tools challenges traditional privilege management, and a new solution is needed to democratize how privileges are assigned and abuses remediated.
SaaS Security
4 min read
Google’s Data Protection Insights for Drive: Great Idea, Poor Execution
Gal Nakash
May 10, 2023
We recently received a headline from Google: 46% of potentially sensitive files have been shared outside your organization. Part of Google’s data protection insights for Drive, this alert and indeed the report, and the entire initiative, is missing an important ingredient: Context.
SaaS Security
4 min read
Context Enables (Some) Automation in Security
Dr. Tal Shapira
May 10, 2023
Could security tasks really be automated? We argue yes, when context is added to the security workflow, remediation of simple tasks can absolutely be automated
SaaS Security
4 min read
Why Context Is Critical to Your Data Protection Strategy
Gal Nakash
May 10, 2023
What happens when an old way of preventing data loss is applied to a new way of working, and we introduce what needs to come next - context led data security
SaaS Security
5 min read
Reco Visibility and Detection Reduces Employee Insider Threat – Before It Goes Too Far
Ofer Klein
May 10, 2023
Current ways of working, with remote working, and increased use of collaboration tools have increased the potential of employee insider threats. Reco’s collaboration security platform is designed to avoid situations where an employee uses anything from sanctioned work collaboration tools to shadow IT to leak sensitive work documents.
SaaS Security
4 min read
Figma Vulnerability: Slack Preview Gives Unauthorized View of Project Contents
Gal Nakash
May 10, 2023
A recently discovered vulnerability in the Figma integration in Slack potentially leaks information contained in Figma files to unauthorized users in the preview thumbnail. This vulnerability has been reported to Figma for them to manage. We are reporting our findings in accordance with the principles of responsible disclosure.
Cyber Attack
5 min read
How to Detect a GIFshell Attack: Step-by-Step Guide
Gal Nakash
May 10, 2023
Last month, security researcher Bobby Rauch published two blogs revealing a new vulnerability in Microsoft Teams. Known as GIFShell, the vulnerability utilizes seven different insecure design elements within Microsoft Teams to create the situation whereby an attacker can launch an exfiltration or malware attack against a victim – simply by sending them a GIF with embedded commands in a Teams chat.
SaaS Security
5 min read
Is Lucidchart Safe When Shared to Confluence?
Gal Nakash
May 10, 2023
When collaborating over multiple platforms, you need to secure all of them: integrations cause data and policies to shapeshift between platforms
PR
4 min read
We’re SOC 2 Compliant and Here’s Why It’s an Important Milestone
Gal Nakash
May 10, 2023
As a company who are developing a pioneering security tool designed to allow our customers to improve their security, it is important to us that we ensure that all our systems are as secure as they can be.
PR
4 min read
Reco Raises $30 Million to Enable Organizations to Secure their SaaS
Gal Nakhash
May 10, 2023
Reco emerged from stealth with the introduction of its Context-Based AI Platform that enables modern organizations to collaborate securely with their customers, vendors, and employees across major Collaboration Tools. The company also announced that it has raised $30 million to date. The A round was led by Zeev Ventures and Insight Partners, with participation from BoldStart, Angular Ventures, Jibe Ventures, CrewCapital, Cyber Club London and leading private investors.
SaaS Security
6 mins
Microsoft Copilot for Security: Everything You Need to Know
Gal Nakash
April 8, 2024
Learn how Microsoft Copilot for Security handles data, ensures privacy, and enhances compliance. Explore its benefits, challenges, and best practices.
SaaS Security
5 mins
Are You Ready for Microsoft Copilot?
Gal Nakash
April 2, 2024
Learn about Microsoft Copilot, an AI chatbot launched earlier this year and its insecurities including potential data leakage from account takeover. Gain an understanding of how easy it is for a threat actor to gain elevated access to organizational data from executing a simple GenAI prompt in Copilot, and learn best practices to secure your Copilot instance.
SaaS Security
5 mins
Introducing the SaaS App Factory™: Secure Any SaaS Application
Gal Nakash
March 26, 2024
Learn about the SaaS App Factory from Reco, which extends SaaS security expertise, insights, and continuous monitoring from Reco to any SaaS application.This is a game changer for SaaS, allowing enterprises to implement a common security framework with a consistent set of policies to ensure universal coverage of all SaaS applications in their tech stack.
SaaS Security
4 mins
Why SaaS Security Is No Longer an Option
Andrea Bailiff-Gush
March 20, 2024
Reco CEO and Cofounder Ofer Klein sat down with Evan Kirstel to discuss the cybersecurity landscape, the explosion in adoption of SaaS applications, and why SaaS security is no longer an option.
SaaS Security
5 mins
Cybersecurity National Strategy: One Year Later
Andrea Bailiff-Gush
February 28, 2024
Hear from SaaS security experts on the effectiveness of the National Cybersecurity Strategy to help organizations secure their SaaS applications as we approach the one-year anniversary.
SaaS Security
5 mins
Automate SaaS Security & Data Exposure Risk with Palo Alto Networks & Reco
Gal Nakash
January 17, 2024
Discover how to leverage Reco AI with Cortex XSOAR for automated SaaS security. Streamline threat detection, automate remediation workflows, and fortify your organization's security posture.
SaaS Security
5 min
5 Key Takeaways on Hacking the SaaS Security Journey
Andrea Bailiff-Gush
December 20, 2023
Reco joins CISO Series, Super Cyber Friday to discuss hacking the SaaS security journey, the evolution of SaaS and security priorities, and the best methods for aligning SaaS security with business goals.
SaaS Security
7 min read
Microsoft 365 and Azure AD: Addressing Misconfigurations and Assessing Risks
Gal Nakash
November 15, 2023
Learn about a real-world use case involving the Reco SaaS Threat Detection module and its revelation of a common threat within Office 365: disabled users retaining access to company data.
SaaS Security
4 min
Configuration Management Isn’t Enough: The Crucial Role of Event Monitoring in SaaS Security
Gal Nakash
October 4, 2023
Discover the impact of SaS token misconfiguration. Explore the advantages of event monitoring and learn how to prevent data leaks.
SaaS Security
3 min
SECtember AI Think Tank Reflections: Shaping the Future of AI Security & Governance
Tal Shapira
September 28, 2023
Discover transformative insights on GenAI and cybersecurity from SECtember AI Think Tank Day. Join CTO Tal Shapira & experts discussing industry priorities.
SaaS Security
4 min read
Cresta Leverages Reco to Prevent Data Exposure
Oz Wasserman
May 24, 2023
Discover how Cresta significantly improved SaaS security using Reco's AI-driven solutions. Learn about Reco's proactive detection tool to prevent data exposure.
SaaS Security
5 min
Four Reasons Multi-Factor Authentication Secures SaaS Apps
Gal Nakash
September 8, 2023
Discover four reasons why multi-factor authentication (MFA) is essential for SaaS security. Learn how the MFA default setting can boost SaaS application security.
SaaS Security
3 mins
Reimagining Contextualized SaaS Security with Generative AI
Dr.Tal Shapira
July 12, 2023
Discover how Reco leverages Generative AI to revolutionize application governance and tackle the challenges of shadow applications. Learn how Reco's unique 'application consolidation' process, powered by state-of-the-art Large Language Models and Google search, brings clarity to complex landscapes, enhances app governance, and uncovers unauthorized software.
SaaS Security
2 min read
Empowering Cloud Security with the Combined Strength of Wiz & Reco
Gal Nakash
June 9, 2023
Discover how Reco and Wiz have combined their strengths to create a comprehensive cloud security solution. Benefit from enhanced visibility, control, and protection across SaaS and cloud environments with Reco's contextual AI and Wiz.io's advanced security capabilities.
SaaS Security
3 min read
Take Action on Your SaaS Security with Torq and Reco
Gal Nakash
June 7, 2023
Discover Reco and Torq's powerful partnership offering data protection and workflow automation for SaaS-based businesses. Their innovative solution reduces exposure risk by 80%-90%, ensuring data security while streamlining operations.
SaaS Security
3 min read
Confronting The Triad of Shadow Identities, Applications, and Data
Gal Nakash
May 31, 2023
Discover strategies to address shadow IT challenges, including shadow identities, applications, and data. Learn how AI-powered SaaS security solutions can help.
SaaS Security
4 min read
Empowering SolarEdge's Security & Productivity
Oz Wasserman
May 24, 2023
Reco has empowered SolarEdge to enhance their SaaS security and productivity exponentially. By providing comprehensive visibility, reducing false positives, and streamlining the protection of sensitive data, Reco has proven instrumental in SolarEdge's pursuit of securing their intellectual property, maintaining data privacy, and achieving operational excellence.
SaaS Security
4 min read
The Silent Enemy: Understanding & Combating Burnout In Cybersecurity
Gal Nakash
May 10, 2023
The role of cybersecurity professionals is a highly demanding one. CISOs, CIOs, CSOs, Security analysts, Compliance Officers, and many others are responsible for safeguarding sensitive information and critical systems from cyber threats such as hackers, hacktivists, and even nation-states.
SaaS Security
4 min read
From Conflict to Collaboration: Balancing Business Agility, Productivity, and Security with AI and Organizational Context
Tal Shapira
May 10, 2023
A recent article, “Negotiating With Internal Security Teams,” addressed the frustrations tech teams face when collaborating with their internal security counterparts. To overcome these challenges and achieve a balance between employee productivity and information security, organizations must adopt a business-context-based security approach.
SaaS Security
4 min read
Cloudy With a Chance of Intrusion: Overcoming Data Security Hurdles Across SaaS Applications
Gal Nakash
May 10, 2023
Securing data is crucial in cloud computing and across any SaaS application, as the data stored within these platforms are often sensitive and valuable. It is imperative that all parties involved, including SaaS providers, businesses, and their security teams, take responsibility for safeguarding these applications and their data.
SaaS Security
4 min read
Protecting Your SaaS Data When Employees Leave
Andrea Bailiff-Gush
May 10, 2023
A key challenge around SaaS data security is the risk of data loss when an employee leaves the organization. This is because when an employee leaves an organization, they may take sensitive data with them or cause damage to company data either intentionally or unintentionally.
SaaS Security
4 min read
Real Life Challenges: Finding Your Sensitive SaaS Data
Andrea Bailiff-Gush
May 10, 2023
More than 80% of workers use collaboration tools, up 44% since the start of the pandemic. While this rapid increase has improved workplace efficiency, it's also opened organizations up to greater data security threats and headaches due to the massive amounts of sensitive data at play.
SaaS Security
4 min read
Google’s Data Protection Insights for Drive: Great Idea, Poor Execution
Gal Nakash
May 10, 2023
We recently received a headline from Google: 46% of potentially sensitive files have been shared outside your organization. Part of Google’s data protection insights for Drive, this alert and indeed the report, and the entire initiative, is missing an important ingredient: Context.
SaaS Security
4 min read
Context Enables (Some) Automation in Security
Dr. Tal Shapira
May 10, 2023
Could security tasks really be automated? We argue yes, when context is added to the security workflow, remediation of simple tasks can absolutely be automated
SaaS Security
4 min read
Why Context Is Critical to Your Data Protection Strategy
Gal Nakash
May 10, 2023
What happens when an old way of preventing data loss is applied to a new way of working, and we introduce what needs to come next - context led data security
SaaS Security
5 min read
Reco Visibility and Detection Reduces Employee Insider Threat – Before It Goes Too Far
Ofer Klein
May 10, 2023
Current ways of working, with remote working, and increased use of collaboration tools have increased the potential of employee insider threats. Reco’s collaboration security platform is designed to avoid situations where an employee uses anything from sanctioned work collaboration tools to shadow IT to leak sensitive work documents.
SaaS Security
4 min read
Figma Vulnerability: Slack Preview Gives Unauthorized View of Project Contents
Gal Nakash
May 10, 2023
Explore a vulnerability in Figma that potentially leaks information contained in Figma files to unauthorized users in the Slack preview thumbnail.
SaaS Security
5 min read
Is Lucidchart Safe When Shared to Confluence?
Gal Nakash
May 10, 2023
Learn about security vulnerabilities in Lucidchart when shared to Confluence. Discover why it's important to secure cross-platform collaboration.
SSPM
5 mins
Navigating the New Frontier of AI Governance: Insights from Digital World Conference Summit
Dr. Tal Shapira
April 18, 2024
Organizations are looking to generative AI (GenAI) governance as the technology's risks and opportunities continue to emerge. Learn from the world's leading AI experts about security industry priorities around AI safety and governance in our recap of the Digital World Conference Summit.
SSPM
5 min
Zero Trust in the Cloud: Why Total Context Matters
Dr. Chase Cunningham
January 2, 2024
Learn about the importance of Zero Trust and SaaS security for continuous verification of identities, strict access control, and total context across infrastructure.
SSPM
4 min read
Securing Your Okta Environment After the HAR Breach: How SSPM Can Help
Gal Nakash
November 8, 2023
Learn about the recent cyberattack on Okta that led to the theft of HAR files from their customer support system. Reco shares how SaaS security (SSPM) solutions can be used to prevent techniques used in the Okta attack, detect session hijacking, and protect valuable data.
SSPM
10 minutes
Video: Securing the Wild West of the Modern Enterprise
Andrea Bailiff-Gush
August 23, 2023
See how organizations are underestimating the extent of their SaaS attack surface risk due to a lack of unified risk visibility.
SSPM
4 min read
Protecting Sensitive Data & Maintaining Governance In The Age of Generative AI
Gal Nakash
May 10, 2023
As a security professional, one of our key responsibilities is to implement cybersecurity solutions, policies and governance that establish guidelines and procedures for handling sensitive data. Policies and governance should empower your users with confidence in their security, rather than limiting their use of powerful Generative AI applications like ChatGPT.
SSPM
4 min read
The Future of SaaS Security is Here: Intelligent SSPM to Safeguard Your Sensitive Data
Gal Nakash
May 10, 2023
The convenience of using SaaS-based storage services like Google Drive has revolutionized the way we store and share files. However, with this convenience comes the risk of inadvertently exposing sensitive information to the public. For example, if someone shares a file or folder with the wrong person or forgets to restrict access to sensitive information, it could end up being publicly accessible.
SSPM
4 min read
SSPM: A Partial Solution to Protecting Data in the Era of SaaS Collaboration
Yael Yair Cohen
May 10, 2023
The explosion in SaaS collaboration tools adoption such as Slack, Microsoft 365 or Google Workspace, GitHub, has forced significant changes in how organizations operate, leading to on-going digital transformations. Traditional data security protocols and solutions are rigid, relying entirely on one-dimensional rules that don’t take into account the vast reams of unstructured data flowing to both internal and external users.
SSPM
4 min read
Sensitive SaaS Data: Managing Access To IT
Andrea Bailiff-Gush
May 10, 2023
Canalys, a technology market analysis firm, estimated that more than 30 billion data records were stolen in 2020, more than in the previous 15 years combined and the FBI has reported that the number of cyberattacks is doubling. This trend is only going to grow in the years to come, so ensuring your data is protected by tackling where it is and who is accessing it is critical.
SSPM
4 min read
Democratizing the Principle of Least Privilege in Collaboration Tools
Gal Nakash
May 10, 2023
Securing data in collaboration tools centers around understanding of the principle of least privilege across the organization. But the decentralized nature of collaboration tools challenges traditional privilege management, and a new solution is needed to democratize how privileges are assigned and abuses remediated.
Cyber Attack
9 mins
Securing Microsoft After the Midnight Blizzard Attack
Oz Wasserman
February 14, 2024
Gain an understanding of the recent Midnight Blizzard cyber attack: how the threat actors were successful, techniques used, and actionable recommendations to protect your Microsoft environment.
Cyber Attack
7 mins
A Hacker’s Guide to a SaaS Application Breach
Gal Nakash
January 31, 2024
Our SaaS security experts use the cyber kill chain to walk through the phases of a SaaS application cyberattack, told from the perspective of a threat actor.
Cyber Attack
3 min
MOVEit Exploit & Ransomware Attack: Why SaaS Security Is Critical During a Cyberattack
Gal Nakash
November 1, 2023
Learn about the recent exploit and ransomware attack with MOVEit. Reco shares how their SaaS security (SSPM) solution can be used to prevent techniques used by Clop to infiltrate data, exfiltrate data, and encrypt data.
Cyber Attack
5 min
A Closer Look at the Hacking Techniques Used by the Lapsus$ Data Extortion Group
Gal Nakash
October 10, 2023
Learn about Lapsus$, a data extortion group and their recent cyberattacks against Okta, Uber, and Microsoft. Reco shares how their SaaS security (SSPM) solution can be used to prevent techniques used by Lapsus$ including privilege escalation, and user execution.
Cyber Attack
4 min
The MGM Resorts Cyber Attack: How Attackers Gained Highly Privileged Access Through Social Engineering
Gal Nakash
September 21, 2023
Learn how SaaS super admins targeted Okta in a social engineering campaign, and how to keep your Okta tenant and highly privileged SaaS accounts secure using Reco’s AI-driven approach and comprehensive mapping of data, apps, and identities.
Cyber Attack
3 min read
Data Security: Life Saving, Life Supporting and Life Advancing
Gal Nakash
May 22, 2023
The impacts of data leaks not only result in the loss of critical medicines that save lives and put operators in danger, but also cause disruptions to essential systems, such as food, water, electricity, heat, and the monetary system, with significant impacts on the economy. Furthermore, they can have severe consequences for education, collaboration, the environment, and other vital aspects of modern life. In the realm of cybersecurity, cybercriminals, hackers, and ransomware gangs can do more than just damage businesses - they can destroy lives on a grand scale.
Cyber Attack
4 min read
Same Tricks, Different Methods – Phishing Via SaaS!
Oz Wasserman
May 10, 2023
Adversaries are crafting better messages, going through deeper investigations to craft more targeted attacks, and using phishing kits to spread these attacks across organizations. It would appear fraudsters and cybercriminals behind the various tactics to fool and deceive never rest and now are looking to exploit SaaS based tools.
Cyber Attack
5 min read
How to Detect a GIFshell Attack: Step-by-Step Guide
Gal Nakash
May 10, 2023
Last month, security researcher Bobby Rauch published two blogs revealing a new vulnerability in Microsoft Teams. Known as GIFShell, the vulnerability utilizes seven different insecure design elements within Microsoft Teams to create the situation whereby an attacker can launch an exfiltration or malware attack against a victim – simply by sending them a GIF with embedded commands in a Teams chat.
READY TO SECURE YOUR SaaS?
Request a demo and explore Reco in action
Request a demo