Security Weekly Podcast Network (Audio) Shadow Risks in SaaS, Cybersecurity Market Has Lost Its Mind, and Rise of the CTrO - Mike Puglia - BSW #424
Dec 3, 2025
Mike Puglia, General Manager of Kaseya Labs, dives into the growing security blind spots in popular SaaS platforms like Microsoft 365 and Salesforce. He highlights how attackers are exploiting these vulnerabilities, particularly through hijacking tokens and misconfigured integrations. The conversation shifts to the crucial role of the Chief Trust Officer and the debate over reliance on big cloud providers. Mike also offers strategies for SMBs on managing SaaS security, along with the necessity for enhanced visibility across organizational apps.
AI Snips
Chapters
Transcript
Episode notes
SaaS Is A Major Blind Spot
- SaaS applications (Google, Microsoft 365, Salesforce) are often blind spots compared to endpoints and networks.
- Compromise of these SaaS accounts can be as damaging as server or infrastructure breaches.
Overreliance Creates Resilience Risk
- Organizations have become over-leveraged on major cloud and SaaS providers for both security and business resilience.
- If a provider has a systemic failure, customers can lose operational capability, not just email.
Instrument Your Tenants Proactively
- Monitor and instrument your tenant or instance with tools that analyze behavior, not just logs.
- Use consolidated monitoring across providers rather than relying on each vendor's native alerts.