Business Security Weekly (Audio) Shadow Risks in SaaS, Cybersecurity Market Has Lost Its Mind, and Rise of the CTrO - Mike Puglia - BSW #424
12 snips
Dec 3, 2025 In this discussion, Mike Puglia, General Manager of Kaseya Labs and veteran in cybersecurity, addresses the hidden threats in SaaS applications like Microsoft 365 and Salesforce. He highlights how attackers exploit weaknesses via hijacked tokens and misconfigured settings. Mike also emphasizes the importance of beyond-basic protections, such as implementing telemetry and managing SaaS integrations. The conversation explores the evolving role of the Chief Trust Officer and the strategies for SMEs to enhance SaaS security while navigating the complexities of modern IT infrastructure.
AI Snips
Chapters
Transcript
Episode notes
Pursue Hybrid For Resilience
- Consider hybrid and edge deployments for critical workloads to regain resilience and control.
- Evaluate managed service providers offering non-public-cloud hosting where SaaS vendors lack on-prem options.
AI Focus Delays Resilience Features
- Big vendors currently prioritize AI and growth over offering more on-prem or resilience options.
- Market-driven innovation will eventually create alternatives as customers demand resilience.
Third-Party Apps Led To Massive Salesforce Breaches
- Mike recounts widespread Salesforce data thefts from third-party app exploits that affected many major brands.
- Attackers social-engineered admins to install data-exporting apps and exfiltrated billions of records.