By Tamir Passi, Director of Product at DoControl
Today we’re launching DoControl Dot, the first AI assistant purpose-built for SaaS data security. Powered by DoControl’s deep security intelligence, Dot gives security teams real-time exposure-risk insights across platforms like Google Workspace, Microsoft 365, Slack, Salesforce, and more - simply by asking a question.
Security teams are overwhelmed: hundreds of apps, thousands of users, and countless files - yet limited visibility. Dot addresses this by translating raw SaaS telemetry into plain-English answers about exposures, misconfigurations, and risks - no dashboard digging, no complex queries.
This is the new way of working for security teams: faster, more intuitive, and fully aligned with how modern SaaS operates - dynamic, distributed, and fast-moving. Dot turns reactive security into proactive defense, helping teams make decisions in real-time, with context, and at scale.
The SaaS Security Visibility Challenge
Our latest research revealed an alarming reality: more external users than employees can access enterprise SaaS data. In one case, external collaborators made up 88% of users with asset access - most of them still active through legacy sharing links and forgotten permissions.
Across industries, organizations had 709,533 exposed assets out of 1.2 million, with a third of those shared externally or publicly. On average, every employee shared 56 files to personal email accounts, and ex-employees retained access to 94,000+ assets long after termination. Even encryption keys weren’t spared - 28% were left exposed, putting production systems at risk.
Shadow apps are another hidden threat. The average company had 730 connected apps, with 13% deemed risky and 14% abandoned. These unsanctioned apps can read, write, or delete sensitive data - just like in the recent Cyberhaven breach, which was traced back to a malicious browser extension.
When breaches occur, it’s often insiders or ex-employees. Our data shows half of all exfiltration alerts were triggered by users moving sensitive data to personal accounts. Traditional tools can’t keep up. Security teams need clear, real-time answers to questions like:
- “Which terminated users still have access?”
- “What sensitive data is exposed to the public?”
- “Which apps pose the highest risk to our environment?”
Dot was built to answer those questions - and act on them - instantly.
{{cta-1}}
Solve SaaS Risk in Seconds
Dot lets teams ask security questions in natural language:
- “Which sensitive files are publicly accessible?”
- “List third-party apps with excessive permissions to executive employee Drives.”
- “Who still has access to data after leaving the company?”
- “List any unusual login attempts by watchlist users in the past 7 days”
Behind the scenes, Dot analyzes fine-grained activity logs, access controls, app integrations, and identity data across your SaaS environment to give immediate, actionable answers.
From Alert to Action
Dot doesn’t just detect. It helps remediate. For any risk identified, it recommends targeted security playbooks. Whether offboarding a user, revoking public access, or restricting an app, Dot connects insight to enforcement in one flow - turning intelligence into action instantly.
Real-Time Clarity, Organization-Wide
Dot surfaces only what matters. It prioritizes sensitive data exposures, flags unusual access patterns, and summarizes trends - all contextualized and in plain English. Instead of alert fatigue, security teams get the clarity they can act on.
"With the ever expanding scope for security teams, especially the explosion of SaaS, DoControl Dot will give us an intelligent way to stay ahead of SaaS risks - without needing to dig through countless tools or dashboards,” said Heather Cannon, Senior Manager, Security at DigitalOcean. “It’s like having an expert analyst always available, always up to speed, and always contextualized to our environment."
Built for Today’s SaaS Complexity
Dot is the first assistant to unify insights across your entire SaaS stack. Whether it’s sensitive customer data in Salesforce or risky links in Google Drive, Dot sees and understands the full picture. It’s trained on DoControl’s battle-tested data engine, with insights grounded in your actual environment.
Try DoControl Dot
Dot is now available in private beta. Join us and experience a new way to stay ahead of SaaS risk - with the speed and precision only AI can deliver.
.png){kind=small}
.png)