Innovation Sandbox finalist and Valence Security Founder Yoni Shohet discuss the new SaaS-to-Saas attack surface produced by the proliferation of shadow integrations between SaaS apps. Today users are typically SaaS admins and often okay SaaS App requests to access other apps like their Calendar, Email, or SalesForce.

Yoni explains how automation tools for non-developers are expanding the problem, with no-code orchestration, ChatGPT, and Generative AI-producing integration apps, not to mention the explosion of developers and CI/CD pipelines.

Yoni explains the magnitude of the problem with so many exposed APIs, allowing common SaaS apps, identity providers (IDP), and shadow connections in your SaaS software supply chain. Valence Security’s approach to mapping the SaaS-to-SaaS mesh is discussed as well as their brand of remediation which includes an education step for the user.

Yoni Shohet can be found on LinkedIn.com/in/yonishohet or Twitter @yonishohet.

Valence Security can be found at Valencesecurity.com on LinkedIn.com/company/valence-security or on Twitter @Valencesecurity.

Send feedback to host Paul Shomo on Twitter @ShomoBits or connect on LinkedIn.com/in/paulshomo.