SaaS Security Threats to Worry About, with Salesforce's Kelly McCracken

Kelly McCracken, SVP of the Cyber Security Operations Center at Salesforce, leads one of the most complex and high-scale cyber operation environments on the planet. Today, she joins Adam and Cristian to discuss how adversaries are targeting SaaS vendors, the most underappreciated SaaS misconfigurations, and what the future of the shared responsibility model looks like.

SaaS is a continuously growing target, but who is taking aim? eCrime adversaries such as SNARKY SPIDER and CORDIAL SPIDER are ones to watch, Adam says. They take advantage of poorly secured identities that make for lucrative targets. If a threat actor can log in as a legitimate user and gain access to a SaaS environment, they can reach any range of applications with poor security configurations — and exfiltrate their sensitive data.

The shared responsibility model is essential to defense. Businesses must understand what their vendors are responsible for securing and what they’re responsible for securing. A lack of configurations and policies opens the door to both external adversaries and insider threats.

“I feel like most security teams are flying blind when it comes to what’s going on with some of the most precious data for their company,” Kelly says.

Tune in for a deep-dive conversation on one of the most prominent threats facing businesses today and stick around to hear about Cristian’s latest culinary fail and Kelly’s elite Latin skills.

🔗 Links:

🎧 Spotify: https://cs.link/uissX
🎧 Apple Podcasts: https://cs.link/uissY
🎧 Our site: https://cs.link/uissZ

📣 Connect With Us:

► X:
https://twitter.com/CrowdStrike
► Instagram:
https://www.instagram.com/crowdstrike
► LinkedIn:
https://www.linkedin.com/company/crowdstrike

🔔 Subscribe to stay updated!

#CrowdStrike #AdversaryPodcast #Salesforce