The SaaS Security Threat Landscape Data Report: Modern Businesses are Struggling to Grapple with SaaS Risk Exposure

Data is the NEW Endpoint: Why Data Security is Critical Now More Than Ever

Breaches and the Delicate Dance Between Privileged Credentials and SaaS Applications

Does Your Startup Require a Full-Time CISO?

The SaaS Security Market: What to Expect in 2023

Shadow Applications: A Significant Risk Hidden in Plain Sight

DoControl is now Health Insurance Portability and Accountability Act (HIPAA) Compliant

What we learned in 2022

In 2022, DoControl matured from an earlier stage startup to a reliable, scalable, and powerful SaaS Security platform. Here's the top 10 things we learned in 2022.

What’s Missing From Annual Security Awareness Training?

What is DLP and Why is it Lackluster?

DoControl Named in Two 2022 Gartner® Emerging Tech Impact Radar: Cloud-Native and Security Reports

What is a CASB and How Does it Integrate with DLP?

How to Control (Maneuver) the Post-IdP Wasteland

DoControl integration for GitHub: Defense-in-Depth for Software Code

DoControl + Zoom: Protecting Business-Critical Recorded Assets

Proxying Your Way to SaaS Security? There’s a Better Approach!

Proxying Your Way to SaaS Security? There’s a Better Approach!

DoControl Wins Prestigious SINET16 Innovator Award

DoControl is in the class of 16 standout cybersecurity companies to win the prestigious SINET16 Innovator Award.

Uber’s Internal Network Breach and Business-Critical SaaS Data Compromise

Uber falls victim to a man-in-the-middle (MITM) attack with business-critical systems, applications, and SaaS data becoming compromised.

DoControl Actionable Alerts: Your Dedicated Private Security Team

DoControl’s alerts are highly customizable, helping security teams find the appropriate balance of alert volume, so they can identify and contain real threats within the environment.

How DoControl Ensures the Success of Your Security Team

Today, there is a notable shortage in cybersecurity professionals to support the complexity of modern security programs. Technology providers need to do more. The DoControl No-Code SaaS Security Platform will help ensure the success of your security team, and enable them to free up time and resources to focus on the strategic initiatives that are critical to your business.

DoControl Named in Two 2022 Gartner® 2022 Hype Cycle™ Reports

DoControl was recently included in both the Gartner® 2022 Hype Cycles™ for Workload and for Network Security and Application Security. We at DoControl are thrilled to be named as a Sample Vendor in both of these publications.

A Roadmap to Zero Trust Architecture

Today, SaaS applications are one of the most preferred methods to share data – both sensitive or otherwise. It's imperative that security teams monitor and control access, as well as automatically remediate the loss, leakage, and misuse of sensitive company data. Move your Zero Trust Architecture to the next level and extend least privilege to the SaaS application data layer.

OAuth SaaS Applications: Discover. Correlate. Remediate. Repeat.

The DoControl No-Code SaaS Security Platform can now expose all sanctioned and unsanctioned OAuth applications, which users have installed them, the drive-wide permissions, and more.

How to Choose the Right CASB Tool to Secure SaaS Data

We’ve all heard the old saying, “When you’re a hammer, everything looks like a nail.” You can try tightening a nut or driving a screw with a hammer (and you might eventually succeed) but it won’t be fun for you…or the screw! DoControl provides the tools modern businesses require to reduce risk and maintain compliance for cloud governance and access to sensitive data.

DoControl + Datadog: Defense-in-Depth Across Mission-Critical Cloud Apps

We are excited to announce our expansion of DoControl’s integrated technology partnership program to include Datadog. As a leading platform provider for monitoring and security for cloud applications, the integration with Datadog allows security operations teams to have a more holistic view of risk across the mission-critical Software as a Service (SaaS) applications being leveraged to enable business enablement and productivity.

DoControl’s Incredible RSA Conference 2022

The last time the RSA Conference was a live, in-person event was right before the world as we knew it came to a screeching halt. Every technology vendor did their best to rollout “virtual” events which were in no way comparable to the real thing. Everyone – including all of us here at DoControl – was missing the “human connection.” As a vendor that was “born out of the pandemic,” we were very excited to (for the first time!) meet face-to-face with prospects, customers, peers, partners and more to talk about all things Software as a Service (SaaS) data security.

Insider Risk Management: Security Starts Within

When it comes to addressing insider risk, security starts within. Protecting sensitive company data from exfiltration and misuse requires a combination of the right people, process, and technology. Managing insider risk and preventing threats to the business is not achieved with any of these pillars individually. Modern businesses require technology that prevents and detects unauthorized access to critical assets; processes to support automated data access remediation; and people that are educated about – and watchful of – potentially risky activity who can course-correct during potentially risky activity. Modern organizations need all three pillars interconnected in order to protect their most critical assets.

DoControl Wins Globee® in the 17th Annual 2022 Information Technology World Awards®

DoControl announced today that The Globee® Awards, organizers of world’s premier business awards programs and business ranking lists, has named DoControl’s No-Code SaaS Security Platform, a winner in the 17th Annual 2022 Information Technology World Awards®.

DoControl is Recognized in 2022 Gartner® Market Guide for Insider Risk Management Solutions

DoControl is named as a Representative Vendor in 2022 Gartner® Market Guide for Insider Risk Management Solutions. Gartner recently published the market guide which assists in understanding and implementing a comprehensive insider risk management program. Gartner describes how “the increase in a hybrid or remote workforce, compounded with additional vendor integration, has prioritized insider risk management as a focus area for security and risk management leaders.”

Uncovering Risks in SaaS Applications

In today’s hybrid work environment, SaaS security has never been more important. Understanding your existing risks is a critical step to choosing the right security tool, but few SaaS apps provide the visibility necessary to perform a proper assessment.

Modernizing DLP and CASB with DoControl

DoControl Joins the Gartner Peer Insights Customer First Program for SaaS Management Platforms

The DoControl team is excited to announce that we have pledged to be a Customer First vendor in the SaaS Management market!

Yet Another Major Supply Chain Attack: GitHub

On April 12th, GitHub announced they had uncovered evidence of an attacker abusing stolen OAuth user tokens to download data from dozens of their customers. The applications maintained by the compromised platform service providers, Heroku and Travis-CI, were used by GitHub users, which makes this breach a new addition to the growing list of recent attacks that utilized unauthorized access to target suppliers' systems.

The Top 10 SaaS Security Risks Modern Businesses Face

Remaining conscious of these top 10 risks and encouraging employees to take preventative measures is best practice for any organization; however, it’s incredibly complex to ensure adherence across every single SaaS application used by the business. DoControl provides a crucial tool in the form of a centralized dashboard for visibility into all end-user activity within SaaS applications, and customizable security workflows that allow for the implementation of consistent security policies across the entire SaaS estate. 

DoControl raises a $30M series B round to redefine SaaS Security

Insight Partners-led Series B Will Help Businesses Prevent SaaS Data Breaches and Accelerate DoControl’s Growth

Harnessing Business Context to Enable a Secure and Productive Workforce

Since the dawn of man, security tools and technologies have always been perceived by the business as an obstacle. Instead of creating a more secure working environment, they often create frustration for most all users working within it. It goes without saying that every organization does what it can to be in the best position possible to mitigate the risk of a cyber breach or attack. But in doing so can create a tightrope walk of trying to move the business forward in a secure way. Walking that line is slow, and one slip could be detrimental to the business. 

Some of the Most Popular Use Cases for SaaS Data Access Control since our Security Workflows Release

Our Workflows are designed to help organizations address their unique SaaS security needs while ensuring maximum operational efficiency in every scenario. These are just a few of the many use cases we’ve seen for Security Workflows, and for organizations with needs that aren’t covered here – we’d appreciate the chance to demonstrate that DoControl has a solution for you, too.

The end of AWS keys in Slack channels

It’s time for security teams to enforce stronger controls over the sharing of AWS keys in Slack

NIST SP 800-207 - What does it mean for SaaS security

What Okta’s Businesses at Work Report Means for Your SaaS Security Program

Teasing out some of what’s reflected in Okta’s report only highlights the importance of centralizing the security of SaaS applications. The increased reliance on content collaboration apps requires increased security around them. The use of multi-vendor solutions that overlap require a consistent security strategy that scales in line with the growth and usage of these applications. If stop-gap measures are becoming longer term, then it's critical for organizations to reevaluate their security posture and ensure they have the necessary data access controls in place. Request a demo to see why more organizations are choosing to partner with DoControl to implement risk-based, future-proofed data access control workflows and policies.

DoControl Appoints Kobi Afoota as its Head of Information Security

We are excited to announce that Kobi Afoota, former CISO at Kornit Digital (NASDAQ: KRNT), has joined DoControl as Head of Information Security. At DoControl, Kobi will be responsible for leading security and risk management initiatives, application security, and compliance readiness. 

Enabling Customer Success at DoControl- a Mother’s Perspective

As a customer success leader and a mother to two little girls, I see many similarities between my profession and parenthood. I am not saying that every client is like dealing with unruly toddlers, although at times it might feel that way. What I am saying is that each child is different, they require different things and at different stages of their growth and development. This generalization can be applied to your customer base as well. When I think about my girls, some things work well for both of them, but despite being in the same environment, what works well for one may not work at all for the other.

Employee Spotlight: Customer Success of DoControl

Meet Natalie Valdman, Customer Success Manager and Anna Simhovich Pearl, Technical Operations Lead, both rising stars in DoControl's Customer Success team. We took a few moments to shine the spotlight on them...

Harnessing SaaS Data to Automatically Mitigate Security Risks

DoControl is excited to release the NEW Security Workflows, providing IT and security teams with the ability to create SaaS data access control workflows based on conditional logic, within a no-code policy enforcement platform.

Looking Back and Looking Forward on SaaS Security

Just as is with the cloud, securing SaaS is a shared responsibility. Providers are responsible for ensuring the security of their platforms, but there is an onus on the organization consuming the service to protect themselves from data overexposure and exfiltration, as well as cyber breaches and attacks.

Twilio’s Chief Product Officer joins DoControl as advisory board member

Eyal Manor will help DoControl shape its product vision and differentiated technology.

DoControl’s 2021 Year in Review

We started 2021 by unveiling our first initial MVP which was designed and built based on feedback from multiple design partners and friendly customers. This initial cluster of customers truly helped us validate and shape the first product value proposition. If you’re reading this, thank you so much for all the support, feedback, and time. We generally believe it’s never early enough to go outside of the building and show your product to your target market, in our case Security and IT practitioners. 

3 Top SaaS Apps and How to Secure them: Google Workspace, Slack and Box

In this blog we are going to focus on three of the most widely adopted SaaS applications, based on revenue and growth, as well as just general popularity. We will highlight the pitfalls and security gaps (note: these apps are not inherently insecure!), and how DoControl can help deliver a single, unified strategy to SaaS application security and reduce the risk of both data exfiltration and cyberattacks.

The Great Resignation: Managing Third Party Risks need to be a First Priority

You can’t protect what you don’t know exists. If you lack the insight and visibility across all the different SaaS applications that are being utilized by both internal and external users and entities, then it is extremely challenging to get an accurate assessment or quantification of the risk that you are faced with. 

Employee Spotlight: UX Designer, Shiri Shilo

I recently helped to design and maintain a new concept of risk analytics page which will help our users to accomplish greater visibility and remediation of their SaaS apps.

What’s Zero Trust Data Access?

While ZTNA micro segments on identities, networks, and devices, ZTDA micro segments on users, 3rd party collaborators, identity provider group membership, HR employment status, file type, file location, PII detection, malware detection, and more

The Personal Sharing Threat is Made Worse by the ‘Great Resignation’

As work and home life have increasingly merged, many employees have found it convenient to share corporate data residing in SaaS applications to their personal email accounts. But this “personal sharing” can create vulnerabilities that are difficult for an organization’s SecOps people to be aware of, let alone manage.

How Does Your SaaS Data Exposure Profile Look?

You would be surprised to know that most companies have thousands if not millions of shared SaaS assets that are unaccounted for, creating a massive risk and threat to the company.

Your 3rd party collaborators share your company data with 4th parties

Do you know what is a 4th party data access?

Weather Forecast: Cloudy with High Chances of SaaS Data Breaches

Google Drive, Slack, SharePoint, and others are involved in major data breaches

How HR and Security Teams Can (and Must) Work Together to Stop Insider Threats

Streamline HR and SaaS apps data to prevent data exfiltration

Data Breach in NYC Schools Highlights the Need for Refined Data Access to Common SaaS Applications

Real life example demonstrating the lack of granular data access controls

Native SaaS Security Features Not Granular Enough to Solve Common Business Use Cases

Time to rethink how data should be shared internally, externally, and publicly

What Can Happen When You Enforce Multi-Factor Authentication but Your Collaborators Don’t

Never assume your external collaborators run the same security practices you do

DoControl’s First Black Hat Conference was a Success

Black Hat USA 2021 was a win for DoControl

The hidden security challenges posed by Slack and Teams

The sudden rise and hidden dangers of Slack and Teams

Controlling Data Access One SaaS App at a Time Leaves Security Gaps

The security offerings from SaaS providers are not all equal

Deleting Users Through An Identity Provider Isn’t Enough

Those departing employees represent potential data security landmines

The Hidden Danger of External Sharing via SaaS Apps

Modern businesses rely on SaaS applications, but they represent a significant security vulnerability

Insider Threats to Data in SaaS Applications

The little-recognized, often accidental problem of internal data leakage from SaaS applications

MITRE ATT&CK and SaaS Security

Exploring The ‘Data from Information Repositories’ Cyber Tactic

DoControl Celebrates Its First Anniversary

Reflecting on our first year here at DoControl

Automated Security Workflows for SaaS Applications

The third and final post in the series exploring automated security workflows in the DoControl SaaS Security Platform

Continuous Monitoring of SaaS Applications

Continuous Monitoring is the second step in creating a comprehensive security program for SaaS applications

SaaS Asset Management: The First Step in Protecting Your Organization

Asset management is the first step in creating a comprehensive security program for SaaS applications

Essential Capabilities of a Robust SaaS Security Platform

Why enterprises need SaaS Asset Management, Continuous Monitoring and Automated Security Workflows to maintain a comprehensive SaaS security program

DoControl is now SOC2 type II certified

Announcing Our Product Launch and Series A Round

Regain Control of Corporate Data Sitting Outside Your Perimeter in SaaS Apps

Achieving Least Privilege Model on SaaS Applications

Learn what is least privilege model in the context of SaaS applications and how it can be applied at scale

Automated Data Access Control for SaaS Application Security at Scale

Still performing manual permissions cleanup or data access updates on demand? Learn how DoControl automates it all on your behalf