Home > Research > From Cloud Chaos to Controlled Confidence – Adaptive Shield’s Rise in SSPM

From Cloud Chaos to Controlled Confidence – Adaptive Shield’s Rise in SSPM

In the ever-evolving landscape of software as a s service (SaaS) security, one company has quietly forged its path, becoming a beacon of protection for large enterprise businesses grappling with the growing complexity of SaaS applications. This is the story of Adaptive Shield, a rising star in the SaaS security space, whose journey from a nimble startup to a recognized industry leader is as remarkable as the solutions it offers.

Founded in 2019 by cybersecurity veterans Maor Bin and Jony Shlomoff, Adaptive Shield entered the scene with a bold vision: to address the growing vulnerability in the SaaS ecosystem regarding enterprise security – including the dangers deriving from misconfigured security controls, lack of management regarding human and non-human identities, interconnected apps, and the detection of threats within these business-critical apps and vulnerabilities lurking within SaaS applications. Recognizing the exponential adoption of SaaS and the inherent risks it posed, the company set out to build a comprehensive shield, not just for individual applications, but for the entire interconnected SaaS ecosystem.

Their early days were marked by relentless innovation, and they continue this trend with new features like identity threat detection and response (ITDR). The company quickly gained traction, fueled by a $30 million Series A investment in 2021 and recognition as a Gartner "Cool Vendor." Since then, they have raised $44 million from multiple venture capital firms including Vertex Ventures, Okta Ventures, Insight Partners, and Blackstone, which is a strategic investor and customer. Adaptive Shield currently has more than 85 employees and over 150 customers, most of whom are large enterprises. This momentum propelled them to the forefront of the SaaS security posture management (SSPM) space, where they have continued to forge their unique identity.

SSPM solutions are a type of automated security tool that continuously monitors and assesses the security of your SaaS applications like Slack, Salesforce, Microsoft 365, Jira, ServiceNow, and more. Think of it as a vigilant guard for your SaaS landscape. The value of SSPM solutions should be more than information to check boxes; Adaptive Shield recognized this limitation and went beyond traditional approaches. They built a platform that not only identifies misconfigurations but also empowers businesses to:

  • Gain deep visibility into their SaaS landscape. Adaptive Shield maps and monitors all connected SaaS applications, providing a single pane of glass for comprehensive oversight.
  • Prioritize and remediate risks. Their platform prioritizes vulnerabilities based on context and potential impact, guiding remediation efforts for maximum efficiency.
  • Continuously adapt to change. Adaptive Shield’s AI-powered technology learns and adapts alongside your cloud environment, ensuring consistent protection even as your SaaS footprint evolves.
  • Measure SaaS hygiene against compliance standards. Many organizations are required to follow industry compliance standards, while other organizations develop their own set of standards. Adaptive Shield enables organizations to seamlessly measure compliance of their SaaS stack against industry standards and create a custom standard.
  • Collaborate between app owner and security team. Adaptive Shield provides a collaboration platform to streamline and centralize communication around security remediation. Encouraging app owners to be more involved and aware throughout the security process to ensure no business processes are broken while still cooperating with security teams to minimize risks.

Source: Adaptive Shield, Security Checks and Alerts (2024)

Picture your SaaS apps as a bustling city – overflowing with potential but brimming with hidden risks. Now imagine Adaptive Shield as a security patrol, roaming the streets with eagle eyes and cutting-edge tech. Unlike other guards who just point out trouble, Adaptive Shield doesn't stop there. It automatically fixes misconfigurations, alerts you about suspicious activity, and even helps prioritize risks. Through the platform, security teams can also create a ticket for the app owners, through any ticketing system or any SIEM/SOAR system and close the remediation loop. Plus, it learns the city's layout like the back of its hand, adapting to new features and changes faster than any other patrol.

But it's not just about throwing up walls. Adaptive Shield goes beyond the usual "scan and alert" routine. Imagine it like having a super-smart security guard at each gate, constantly learning, and adapting. It analyzes your app settings, user activity, and even dark web activity, sniffing out risks before they turn into full-blown breaches. It can automatically fix simple things, like a forgotten password policy, and alert you to bigger issues, including threats, all while learning your company's unique security needs and adjusting its defenses accordingly. Adaptive Shield evolves with threats and never sleeps, that's what makes Adaptive Shield different – it's not just about checking boxes, it's about building a living, breathing security shield around your cloud.

Source: Adaptive Shield, Remediation (2024)

Integrating Adaptive Shield is straightforward:

  • Choose your method. You can send data automatically through the API (for developers) or simply click consent for pre-built integrations with all your SaaS apps. The intuitive wizard guides you through both options.
  • Uncover your security posture. This allows you to view your overall security score, identify underperforming apps, and access detailed security checks. These checks go beyond individual settings, analyzing chains of configurations to pinpoint vulnerabilities.
Adaptive Shield encourages integrating all your apps (including sandboxes) at no extra cost. This allows them to analyze cross-app connections and provide valuable insights. Your dashboard then becomes your security command center, highlighting issues and offering clear remediation steps. Once you've integrated your apps, the dashboard populates with your overall security posture. You'll see which apps need attention and specific security checks that are failing. The key benefit once again is that the solution doesn’t just point out problems; it empowers you to fix them, regardless of your expertise in each SaaS tool.