On June 27, 2023, Amazon Web Services (AWS) announced the launch of AppFabric with the goal of improving Application Observability for SaaS Applications. The purpose of this blog post is to provide more details on AppFabric, and what it means for both SaaS security and security teams.
According to AWS: “AppFabric quickly connects SaaS applications across your organization. IT and security teams can then easily manage and secure applications using a standard schema, and employees can complete everyday tasks faster using generative AI.”
AppFabric integrates multiple SaaS applications to streamline SaaS activity events, create a unified events schema/database, offer analytics, and interconnectivity with other AWS Security products, such as Security Data Lake, Security Hub, etc.
AppFabric launches with an impressive list of SaaS integrations, each with its specific constraints and limitations:
AWS AppFabric pulls two main data points:
SaaS applications generate Audit Log events representing any administrative access by SaaS administrators. AWS AppFabric pulls these audit logs from multiple SaaS applications so you can monitor them all in one centralized location. AWS AppFabric pulls audit log data every two minutes and customers cannot change this frequency.
A few examples:
SaaS application user information contains data around users themselves (email, name, etc), their permission roles (admin, read-only, etc), and their activity events (view, create, share, etc).
While AWS AppFabric is exciting and puts SaaS security “on the map”, it is still very limited when it comes to offering a comprehensive SaaS security solution. It plays smoothly with the broader AWS ecosystem, but with very limited data points covering a small fraction of the SaaS Security threat landscape.
Even though AWS AppFabric helps monitor Audit Logs and query for user information, it lacks critical capabilities completing the picture for security teams:
AWS AppFabric is a very important validation for the importance of SaaS Security in 2023. Historically, AWS launches products associated with massive total addressable markets, critical customer pain points, and available budgets. Security teams now have a robust SaaS security solution to compare against all other solutions in the market, and make the best decision for their specific organizational needs/requirements. Security teams now look at the bigger picture and prioritize SaaS Security in their 2023/2024 budgets.
SaaS applications partnering with AWS on AppFabric validates that native SaaS Security capabilities are not enough to truly protect data at the speed of modern collaboration, data complexity, and rising threats.
As SaaS Security Platforms (SSPs) are on the rise, customers’ expectations are to purchase solutions that offer up comprehensive coverage of SaaS security threat models – all from a single vendor. Securing SaaS is a challenge at scale, given the application and data sprawl that is ultimately created for organizations of all shapes and sizes.
While this validation from AWS reaffirms the criticality of securing SaaS applications and data, what AppFabric lacks at this current moment in time is the combination of your SaaS attack surface, business context, and automated remediation. This combo is absolutely necessary in order to scale SaaS utilization and drive business enablement simultaneously.
Research-based benchmarks to assess risk across critical threat model
Consider the advantages of a native CASB solution from your SaaS vendor versus an independent 3rd-party provider - and other crucial considerations when choosing a CASB.