Artificial Intelligence | News | Insights | AiThority

Major Security Misconfiguration Impacting ServiceNow Instances Discovered

AppOmni Research Indicates That Nearly 70% of Instances Tested Are Leaking Data Through Improper Customer ACL Configurations

AppOmni, the leading provider of SaaS Security, has discovered a common ServiceNow Access Control List (ACL) misconfiguration present in nearly 70% of ServiceNow instances tested through AppOmni research. This security issue is defined as a “misconfiguration” resulting from a combination of customer-managed ServiceNow ACL configurations and overprovisioning of permissions to guest users.

These types of misconfigurations are common across major SaaS platforms due to the complexity that inevitably comes with high levels of SaaS functionality, flexibility, and extensibility. Misconfigurations can happen during the initial implementation phase of a SaaS platform, when users or settings change, or as part of the regular cadence of SaaS updates that can impact current configurations. To help organizations quickly discover and take action to correct this misconfiguration, AppOmni has developed the SaaS Security Analyzer, a free web application that will determine if a specific ServiceNow instance has this ACL misconfiguration.

“Securing SaaS is a lot more complicated than just checking a handful of settings or enabling strong authentication for users,” said Brendan O’Connor, CEO and co-founder of AppOmni. “SaaS platforms have become business operating systems because they are so flexible and powerful. There are many valid reasons for workloads and applications running on a SaaS platform to communicate externally, such as to integrate with emails and text messages or host a support portal for your customers. SaaS adoption skyrocketed during the pandemic. Unfortunately, investments in people, processes, and technology to secure and monitor SaaS have not kept up. In AppOmni’s experience, significant data exposures like this are far more common than customers realize.”

Organizations have long used Role-Based Access Control (RBAC) to grant permissions for users to access resources on a SaaS platform. One important aspect of RBAC is the ability to allow public access to information within your “database,” which could be a forum, online shop, customer support site, or knowledge base. The challenge is ensuring the right level of access when organizations update or customize SaaS applications or onboard new users.

AppOmni Offensive Security Researcher Aaron Costello discovered ServiceNow external interfaces exposed to the public that a malicious actor could use to extract data from records. Analysis of ServiceNow instances showed that nearly 70% of those tested by AO Labs are leaking sensitive information, including Personally Identifiable Information (PII), to unauthenticated users. More information, including remediation steps, is available in a new AO Labs Technical Paper.

“The AO Labs team is committed to helping organizations build and maintain secure SaaS environments,” said Brian Soby, CTO and co-founder of AppOmni. “The high degree of flexibility in modern SaaS platforms has made misconfiguration one of the largest security risks businesses currently face. Our goal is to shed light on common misconfigurations and other potential risks in SaaS platforms so users can ensure their system posture and configuration matches their business intent. We encourage all ServiceNow users to take advantage of the SaaS Security Analyzer and learn more about how this misconfiguration may impact them.”
