Cybersecurity startup launches first-ever solution to address SaaS sprawl risks by nudging employees towards optimal security behavior.
Nudge Security emerged from stealth today with the first-ever SaaS security solution to discover shadow IT and curb SaaS sprawl across any device or location. Nudge Security does what previous enterprise security solutions have failed to do: make employees core to the solution.
“Today, every employee acts as their own CIO and can easily reach for a new cloud or SaaS tool to solve virtually any problem,” said Ed Amoroso, Founder and CEO, TAG Infosphere and former AT&T CISO. “While organizations see massive gains in productivity and employee satisfaction from such unencumbered IT adoption, cybersecurity has been slow to adapt.”
Nudge Security aims to help security teams to reclaim control over their SaaS security postures by working with employees, not against them.
“Employees are capable and willing to ‘do the right thing’ when it comes to security; the industry has just made it incredibly difficult for them to do so,” said Russell Spitler, CEO of Nudge Security. “We are making security a sidecar to the employee experience, rather than a series of roadblocks and detours.”
Unlike solutions that gate employees’ SaaS access, Nudge Security discovers when employees create new SaaS assets and automatically nudges them towards desired choices. It continuously discovers historical and new SaaS assets without relying on network infrastructure, endpoint agents, browser extensions, or SaaS API integrations, taking only minutes to set up.
“Most SaaS security solutions focus on securing just a handful of already-known enterprise applications through API integrations, but there are tens of thousands of enterprise SaaS companies today, and mid-sized enterprises are adding a new SaaS account every two minutes,” said Jaime Blasco, CTO of Nudge Security. “Nudge Security is the only company able to address SaaS security at scale across any application by tapping into the very source of SaaS adoption: employees.”
Kevin Mandia, CEO of Mandiant, Strategic Partner of Ballistic Ventures
“Whether they’re ready to admit it or not, every security leader is contending with a sprawling mix of cloud and SaaS providers, permissions, accounts, and identities. Until now, this emerging attack surface has been largely invisible and vulnerable to the types of supply chain attacks in the headlines week after week. Nudge Security recognized that securing the SaaS supply chain is one of the core challenges of modern cybersecurity, and that’s why the Ballistic Ventures team was so eager to invest.”
Nicole Perlroth, Nudge Security advisor, best-selling author, and CISA advisor
“For years, the industry has treated cybersecurity as a technology problem when, in fact, it is humans that play the biggest role in keeping enterprises cyber secure. Finally, Nudge Security has emerged to tackle the hardest soft problem in the industry—human behavior.”
Hector Aguilar, Former President of Technology and CTO of Okta
“I am of the opinion that SaaS sprawl is a good thing, you have to give your team the flexibility to explore and discover new tools that will help them become more effective at their job. Ideally all those apps should be authenticating in a centralized way using an identity provider like Okta, however, in the real world, it is imperative to have mechanisms in place to account, find and manage the sprawling of those apps and nudge users to help secure the flow of information.”
Roger Thornton, Founding Partner of Ballistic Ventures, member of the Nudge Security Board of Directors
“Adversaries are constantly finding new ways to socially engineer employees and attack the vast supply chain of SaaS applications they’re using to gain access to organizations. Every CISO is aware of the challenge they’re up against, and now it’s our job to make sure every CISO knows about Nudge Security and the way they enable employees to be a key part of an enterprise’s defense.”
Kunal Anand, CTO of Imperva, Founding Advisor of Nudge Security
“Security teams need to focus on fighting real adversaries, not their colleagues. Nudge Security alleviates the time spent chasing down employees to get them to follow security policies, and it does so in a friendly way that’s more effective and less stressful for everyone involved.”
Frank Dickson, Group Vice President of Security & Trust at IDC
“Nudge Security innovates beyond other cloud and SaaS security technologies by providing SaaS context quickly and efficiently across all applications and user accounts, managed and unmanaged, enabling security and IT professionals to modernize their SaaS governance efforts.”
Chris Doman, Co-founder and CTO of Cado Security
“As more data moves to cloud and SaaS environments, threat actors are turning their sights on assets and user credentials of which security teams may have little to no awareness. Nudge Security has an innovative approach that helps security teams shore up their defenses against cloud and SaaS threats, starting at the critical point of making the unknown known.”
Brian Chess, SVP Cloud & Infrastructure at Oracle Netsuite
“We need modern security approaches that address the attrition crises happening across the enterprise and especially within the security organization where burnout is rampant. Nudge Security understands the dynamics of modern work and is the only cybersecurity vendor working to make life easier for employees and security practitioners alike.”
How Nudge Security works
- Continuously discovers SaaS and cloud assets: accounts, OAuth grants, domains
- Provides third-party risk and supply chain insights
- Automatically nudges employees towards optimal security behaviors
- Automates SaaS security posture tasks with playbooks
Earlier this year, Nudge Security announced $7 million in seed funding led by Ballistic Ventures. Nudge Security is now available with a free 14-day trial experience at www.nudgesecurity.io.
Nudge Security is transforming the human element of cybersecurity. Founded in 2021 by Jaime Blasco and Russell Spitler, the company secured funding led by Ballistic Ventures in 2022. Nudge Security is a remote company with outposts in Austin, Texas and Jackson, Wyoming. Visit www.nudgesecurity.com and follow on Twitter and LinkedIn.