Enterprises are increasingly reliant on Software as a Service (SaaS) applications, with some of the largest organizations using up to 371 different apps, marking a 32% rise since 2021. However, this proliferation has led to fragmented application use across departments, often without comprehensive oversight or understanding of usage patterns. This disjointed approach can lead to misconfigurations, creating numerous security vulnerabilities.
Joseph Thacker, a principal AI engineer at AppOmni, a company specializing in SaaS Security Posture Management (SSPM), highlighted the complexity of securing these applications. He noted that each app’s complexity might require a dedicated expert for effective security, a demand that exceeds the capabilities of most organizations. As a result, security teams are often overstretched, struggling to grasp the intricacies of various security settings.
To address these challenges, AppOmni has introduced AskOmni, a new AI-powered tool designed to assist in SaaS security. AskOmni leverages generative AI to enable users to ask critical security questions and receive comprehensible responses with essential data and remediation steps.
Thacker emphasized the lack of prioritization for SaaS security in many enterprises, despite their hosting of core intellectual property and sensitive data. He urged a shift in mindset, pointing out the unique threats in SaaS environments where attackers can directly access data, bypassing devices or frameworks. The overwhelming number of security alerts and the difficulty in managing permissions add to the complexity.
AskOmni aims to simplify this process. It uses AI and natural language processing to help users understand their SaaS usage and AppOmni’s security features. The tool conducts contextual analysis, aggregates data, identifies risks, and provides clear alerts and guidance on remediation steps. It can also highlight potential threats and suggest countermeasures.
Thacker envisions AskOmni eventually answering more complex queries and managing broader security tasks as AI technology advances. He remains optimistic about AI’s potential to transform and streamline security management, allowing for more focus on novel problem-solving.