Cloud Security
SSPM (SaaS Security Posture Management)
Also known as: SaaS posture management
Definition
A tooling category that continuously monitors SaaS application configurations, identities, and integrations to detect misconfigurations and risky behaviour.
Examples
- Adaptive Shield, Obsidian, Wing Security, or AppOmni reviewing Microsoft 365 admin roles.
- Detecting an unsanctioned GitHub OAuth app with org-wide repo read access.
Related terms
Software as a Service (SaaS)
A cloud delivery model in which a vendor hosts and operates an application that customers access over the Internet on a subscription basis.
CASB (Cloud Access Security Broker)
A policy enforcement point that sits between users and cloud/SaaS applications to enforce visibility, data protection, and threat controls.
CSPM (Cloud Security Posture Management)
A category of tools that continuously assess cloud accounts against best-practice and compliance baselines to detect and remediate misconfigurations.
Cloud Security
The set of policies, controls, and technologies that protect data, applications, and infrastructure hosted in public, private, or hybrid cloud environments.
Identity and Access Management (IAM)
A discipline and set of technologies for defining digital identities and controlling which resources each identity may access under which conditions.
Cloud Misconfiguration
Cloud Misconfiguration — definition coming soon.