MANAGING SaaS SECURITY RISKS
Siriux takes risk management for SaaS seriously. Our Quick Scans and in-depth Vulnerability Assessments help identify and remediate significant security vulnerabilities throughout SaaS products.
When implementing a SaaS product within your organization, you inherit its default security posture. Although these defaults are fine for organizations with low security risk, these defaults might not adequately protect your sensitive internal and client data.
These services can have more than 7,500 default settings per user, with 30% of these settings directly affecting security. New updates and features are frequently released for SaaS products which can pose new security risks and inadequately documented default settings.
Staying up to date with these settings requires extensive programming skills and security know-how because many of these 7,500+ settings are not visible through the admin portals.
THE SIRIUX SOLUTION
In 2020, after three years of R&D, Siriux experts released two types of SaaS Vulnerability Assessment tools for Microsoft 365 — Quick Scans and Vulnerability Assessments.
Both tools use PowerShell and Graph API data collection capabilities to help any organization understand its current SaaS security posture.
Coupled with these tools, Siriux Analysts provide expert recommendations on which areas within an organization’s SaaS products to reconfigure based on each organization’s business and security needs. The organization then implements remediation based on its unique business and security priorities.
HOW SIRIUX WORKS
HOW SIRIUX ASSESSMENTS ARE DIFFERENT
Whether you are a Fortune 100 organization with hundreds of dedicated security team members, or a small business with only a dozen employees, Siriux’s SaaS Vulnerability Assessment tools provide customized assessments that enable you to improve your security posture.
We provide in-depth scans of your SaaS security posture to identify a comprehensive range of potential attack vectors within and outside your organization.
FULL CLIENT CONTROL
We never ask for your global administrator credentials or access your network so you can retain control of the scanning process.
Our scans are read-only to protect your settings — you decide which remediation recommendations to implement. Our reports are also completely obfuscated to protect your organization’s sensitive data.
WHAT OUR CLIENTS ARE SAYING
“Siriux helped us understand how the Dark Halo attack impacted our organization and is helping us keep our configurations stable to defend against similar attacks in the future.”
“With Siriux we discovered over 1000 SharePoint Online sites which allowed guests to gain access to our internal administrative data.”
“The Siriux scan helped us discover our global admin accounts didn’t have the appropriate MFA controls in place. Siriux Analysts also helped facilitate the improvements of Intune policies to protect our employee’s mobile devices and laptops.”