Identifying Misconfigured SaaS App Settings
- Updated on 28 Aug 2023
By nature, SaaS apps are immensely interconnected and complex, making them difficult to secure. With countless configuration settings, SaaS applications can introduce security gaps and risks to the organization’s environment and sensitive data. Just one SaaS application may have hundreds of configurations that affect the security of your data and users. Managing settings and misconfigurations across hundreds of apps is nearly impossible without a streamlined solution.
Existing Challenge
Misconfigurations can occur in any SaaS application, regardless of how prominent or well-known the SaaS provider may be. Some experts estimate that misconfigurations account for the majority of cloud breaches, and with SaaS usage on the rise, minimizing misconfiguration issues has become a top priority for IT and security teams.
Configuration settings are unique to each SaaS application. Their number varies per app and can easily reach tens or hundreds. The settings allow the user to modify the app with predefined options to best integrate with their internal systems and preferences.
With potentially hundreds of SaaS applications and configuration settings for each, and with thousands of users, misconfigurations are inevitable. Configuration management can easily become an extensive effort necessitating countless person-hours to configure and maintain settings.
How Axonius Identifies Misconfigured Settings
By providing comprehensive visibility into the SaaS application landscape, Axonius SaaS Management helps quickly assess SaaS-related security risks to sensitive customer and business data, including misconfigured SaaS settings.
Tracking Existing SaaS Applications' Security Settings
Axonius makes it easy to manage and mitigate existing threats by providing a detailed inventory of all security-relevant settings and configurations of key SaaS applications in the organization.
For applications that are connected with Axonius adapters, Axonius identifies the security-relevant settings and maps them to compliance framework requirements such as SOC2, CIS, and other frameworks and certifications. It detects the current configuration of each setting, making it easier to identify the misconfigured ones.
The Policies module provides a breakdown of the current configuration state across the app stack.
The overview is followed by the complete list of settings, their type, configuration status, and potential impact if misconfigured.
In this case, let’s filter the list to current Salesforce misconfigurations with a high impact on the security posture.
By clicking on any of those listed, you can review the current configuration, its impact on compliance requirements, the recommended configuration, and the process to take immediate action to make necessary or recommended changes.
In this case, we see an alert that MFA is disabled, along with information on the mitigation steps required to fix it.