Vorlon Blog

What Is SaaS Security? Types, Risks, and Best Practices
Featured Blog

What Is SaaS Security? Types, Risks, and Best Practices

SaaS has become the operating system of the modern enterprise. Work, data, and automation now live in interconnected apps, APIs, and AI copilots. Each new integration accelerates the business while ...

Read More
All Security Insights Breach Response Partners Product News

Explore Categories
Dec 19, 2025 5 min read
graphic of saas connections

Gartner Analysis on SaaS Ecosystem Security Risk Maps to Vorlon’s Approach

By Amir Khayat, CEO
Dec 19, 2025 13 min read
graphic of API connecting to servers and data

API Security: Top Tips, Best Practices, and Strategies

By Eric Schlesener
Dec 18, 2025 14 min read
Application Security Assessment: How to Calculate the Risk

Application Security Assessment: How to Calculate the Risk

By Sasiel Saadon
Dec 16, 2025 10 min read
AI Runtime Security

AI Runtime Security: How to Protect Your AI from New Threats

By Anil Agrawal
Dec 15, 2025 9 min read
Security Compliance

Security Compliance: Practices, Rules, and Challenges (2026)

By Brendan Booth
Dec 12, 2025 8 min read
Third-Party Risk Management

What Is Third-Party Risk Management? A Comprehensive Guide

By Jonathan Reshef
Nov 24, 2025 9 min read

How the Gainsight Breach Exposed a Growing SaaS Supply Chain Threat

By Anil Agrawal
Nov 13, 2025 10 min read
MCP Security: New Risks and Best Practices to Protect Yourself

MCP Security: New Risks and Best Practices to Protect Yourself

By Tali Mahar
Nov 12, 2025 9 min read
IBM's 2025 breach report: How bad is the AI governance gap?

IBM's 2025 breach report: How bad is the AI governance gap?

By Netta Drimer
Nov 11, 2025 7 min read
Agentic AI Security: New Threats and Best Practices

Agentic AI Security: New Threats and Best Practices

By Eric Schlesener
Oct 31, 2025 11 min read
What Is SaaS Security? Types, Risks, and Best Practices

What Is SaaS Security? Types, Risks, and Best Practices

By Netta Drimer
Oct 30, 2025 11 min read
What is data security? Top Risks, Threats, and Best Practices

What Is Data Security? Top Risks, Threats & Best Practices

By Sasiel Saadon
Sep 30, 2025 4 min read
What the Salesloft Drift breaches reveal about 4th-party risk

What the Salesloft Drift breaches reveal about 4th-party risk

By Amir Khayat, CEO
Sep 12, 2025 2 min read
Vorlon at Hou.Sec.Con with image of conference center in background

Vorlon Brings SaaS and AI Security to Hou.Sec.Con 2025

By Elias Terman
Sep 04, 2025 7 min read
Salesloft Drift Breach What Happened and How to Protect Yourself with Drift logo

Salesloft Drift Breach: What Happened & How to Protect Yourself

By Adam Burt
Aug 28, 2025 4 min read
Isreal's Cyber Frontier report face, Vorlon featured in Deloitte 2025 Cyber Report text.

Deloitte Features Vorlon's GenAI-Enabled Security Solution

By Netta Drimer
Aug 25, 2025 11 min read
What Is SSPM? A Guide to SaaS Security Posture Management

What Is SSPM? A Guide to SaaS Security Posture Management

By Jonathan Reshef
Aug 19, 2025 13 min read
What Is Non-Human Identity? NHI Security Threats and Management

What Is Non-Human Identity? NHI Security Threats and Management

By Lauren Lee
Aug 11, 2025 18 min read
ShinyHunters exploits salesforce blog

ShinyHunters Exploits Salesforce, Detection and Response Tips

By Mike Cioffi
Aug 06, 2025 6 min read

Justin Lam’s SSPM Reality Check: Secure the Ecosystem, Not Just the App

By Elias Terman
Aug 04, 2025 5 min read
Vorlon plus Google Cloud logos together

Elevating Security Operations with the Vorlon and Google Security Operations Integration

By Anil Agrawal
Jul 15, 2025 4 min read
Unifying SaaS and AI Security Blog

Unifying SaaS and AI Security: Why Vorlon Is Looking at the Forest, Not Just the Trees

By Amir Khayat, CEO
Jul 10, 2025 3 min read
Vorlon MCP Server and DataMatrix Technology

Vorlon MCP Server & DataMatrix Technology

By Amichay Spivak
Jun 25, 2025 4 min read
Black Hat USA 2025

Vorlon Is Headed to Black Hat USA 2025 — See You in Startup City!

By Elias Terman
May 28, 2025 4 min read
Microsoft 365 Commvault Breach

Commvault Metallic Microsoft 365 Breach & What to Do Next

By Anil Agrawal
May 16, 2025 5 min read
Pearson Breach

The Pearson Breach: How It Happened and Lessons Learned

By Anil Agrawal
May 13, 2025 4 min read
Rand-User-Agent Attack NPM

Rand-User-Agent Attack: How It Happened & How to Protect Yourself

By Anil Agrawal
Apr 24, 2025 4 min read
Verizon’s 2025 Data Breach Investigations Report reveals third-party breaches are on the rise, and we’re not surprised!

Verizon DBIR Reveals Third-Parties Involved in 30% of Breaches

By Amir Khayat, CEO
Apr 16, 2025 3 min read

Introducing DataMatrix™: Cracking Open the Black Box of SaaS Security

By Elias Terman
Apr 11, 2025 4 min read
Close-up view of whack-a-mole carnival game with text overlay

Vulnerabilities Gonna Vulnerability—And Third-Party Risk Won’t Manage Itself

By Jonathan Reshef
Apr 10, 2025 3 min read
Laptop computer with stethoscope laying on top of keyboard. Overlay

Oracle Health Breach: What Security Teams Need to Know

By Anil Agrawal
Apr 01, 2025 6 min read
Adam Burt, Vorlon's Head of Research, headshot and blog title

The Blind Spots in SaaS Security: Q&A with Adam Burt Part 3

By Elias Terman
Mar 27, 2025 3 min read
Illustration of a broken digital chain symbolizing a compromised GitHub Action and CI/CD supply chain security breach

Compromised GitHub Action Targets Coinbase in SaaS Security Breach

By Anil Agrawal
Mar 21, 2025 6 min read
Headshot of Adam Burt, Head of Research at Vorlon, with text

Q&A with Adam Burt Part 2: The Hidden Dangers in Your SaaS Integrations

By Elias Terman
Mar 20, 2025 5 min read
Man with head in hand, sitting in front of laptop computer, stressed by news of malicious fake OAuth app in Github

New OAuth Phishing Attack on GitHub:  What Security Teams Must Know

By Anil Agrawal
Mar 14, 2025 7 min read
Headshot of Adam Burt, Vorlon's head of research, with text Q&A with Adam Burt Part 1

Q&A with Adam Burt Part 1: Why SaaS Breach Investigations Are So Hard

By Elias Terman
Mar 07, 2025 4 min read
A web of metallic threads and connectors, with one shining in red to indicate compromise of a third part application which can spread to the connected applications

How Silk Typhoon Exploits IT Supply Chains and What You Can Do

By Anil Agrawal
Mar 05, 2025 3 min read
A street in New Orleans overlaid with words FS-ISAC 2025 Spring Summit, New Orleans, LA

Vorlon, Securing Financial SaaS Ecosystems, Sponsors FS-ISAC 2025

By Elias Terman
Feb 24, 2025 6 min read
RSA 2025 Conference

Discover Vorlon at RSAC 2025: A New Approach to SaaS Ecosystem Security

By Elias Terman
Feb 13, 2025 3 min read
Grubhub data breach impacting personal information. Grubhub logo displayed over a meal.

Grubhub Data Breach: A Costly Meal for Customers, Drivers, and Merchants

By Lauren Lee
Feb 10, 2025 5 min read
Doctor working through a secure API to communicate with staff

APIs in Healthcare: Transforming Data Sharing, Security, & Compliance

By Mike Cioffi
Feb 05, 2025 5 min read
ViVE logo over scene in Nashville with music stage and crowd

Meet Vorlon at ViVE 2025: Addressing Third-Party Risks in Healthcare IT

By Elias Terman
Jan 30, 2025 4 min read
The Postman Data Leak

The Postman Data Leak - Exposing the Hidden Risks of API Development

By Anil Agrawal
Jan 29, 2025 2 min read

Otelier Breach: When Hotel Management Checks Out

By Jonathan Reshef
Jan 27, 2025 14 min read
Snowflake breach response playbook

Snowflake Breach Response Playbook

By Lauren Lee
Jan 22, 2025 2 min read

The Stiiizy Data Breach: Lessons for Mitigating Third-Party Security Risks

By Lauren Lee
Jan 08, 2025 4 min read
BeyondTrust Breach: Implications for U.S. Treasury and beyond

BeyondTrust Breach: Implications for U.S. Treasury and beyond

By Jonathan Reshef
Nov 18, 2024 7 min read

Vorlon’s Perspective on the Gartner Report: Adapt Your Third-Party API Security to 3 Specific Use Cases

By Elias Terman
Oct 16, 2024 1 min read

Better Together For All Parties: Salt Security and Vorlon

By Mike Cioffi
Oct 09, 2024 3 min read

The API Security Checklist: What to Review Before Integrating a Third-Party API

Oct 04, 2024 2 min read

Internal vs. Third-Party APIs: Who Would Win in a Fight!?

Sep 25, 2024 2 min read

Mean Time To What!?

By Mike Cioffi
Sep 23, 2024 1 min read

Capgemini's Data Disaster: When Hackers Turned Consulting into Chaos

Sep 20, 2024 3 min read

Fortinet Hit by Cyber Attack: Third-Party Breach Affects Asia-Pacific Customers

Sep 18, 2024 1 min read

Avis Car Rental Breach: Looks Like Cars Weren't the Only Thing Avis Was Giving Away

By Jonathan Reshef
Sep 16, 2024 2 min read

Better Together: Vorlon + Tines

By Lauren Lee
Sep 09, 2024 2 min read

Securing More with Less: Navigating Cybersecurity in a Shrinking Budget Era

Sep 04, 2024 1 min read

Dick's Sporting Goods Breach - And How Vorlon Can Help

By Jonathan Reshef
Sep 03, 2024 2 min read

Put the Car in Gear and Shift Correctly: Highlights From SANS DFIR Summit

By Sasiel Saadon
Aug 22, 2024 1 min read

HealthEquity Breach - And How Vorlon Can Help

By Jonathan Reshef
Aug 22, 2024 1 min read

NYTimes Github Breach - And How Vorlon Can Help

By Jonathan Reshef
Aug 22, 2024 1 min read

CDK Global's Breach - And How Vorlon Can Help

By Jonathan Reshef
Aug 21, 2024 1 min read

Under the Hood: Examining Toyota’s Recent Data Breach

By Mike Cioffi
Aug 05, 2024 1 min read

Vorlon v2.0 Summary and Highlights

By Mike Cioffi
Aug 05, 2024 2 min read

Behind the Microphone: Insights from Our CISO Series Podcast Episode

By Mike Cioffi
Jul 31, 2024 2 min read

From Functionality to Fortification: Securing Third-Party Integrations with Vorlon

By Netta Drimer
May 29, 2024 2 min read
Vorlon Bite Sized Breaches Blog Hero

Bitbucket Springs a (Secrets) Leak

By Jonathan Reshef
May 21, 2024 2 min read
Vorlon Logo

PRESS RELEASE: SANS Institute Hails Vorlon as Impressive Solution

By Lauren Lee
May 15, 2024 4 min read
Cyber Punk Merchant Ship

PCI DSS 4.0 and Third-Party Apps in Merchant Business Ecosystems

By Lauren Lee
May 14, 2024 2 min read

Mike Cioffi Joins Vorlon as VP of Customers

By Mike Cioffi
May 08, 2024 2 min read
Vorlon Bite Sized Breaches

UK Ministry of Defence: “Third-Parties Are the Weakest Link, Goodbye”

By Amir Khayat, CEO
May 03, 2024 5 min read
Vorlon Bite Sized Breaches Blog

"I saw the [Dropbox] Sign and it opened up my eyes to continuously monitoring our third-party apps"

By Lauren Lee
May 01, 2024 4 min read

Recommended Permanent(e) Changes for Healthcare Organizations: The Kaiser & Change Healthcare Breaches

By Lauren Lee
Apr 24, 2024 2 min read

More Than Just A Duo When A Third-Party Breach Hits

By Lauren Lee
Apr 18, 2024 3 min read
Spy Kids Vorlon Edition

A Si(xth)Sense For Breaches

By Lauren Lee
Apr 17, 2024 2 min read

Press Release: Vorlon Raises Series A from Accel with $15.7 Million Total in Funding for Proactive Third-Party API Security

By Lauren Lee
Apr 10, 2024 3 min read

Float Like a Butterfly, Sting Like An OWASP

By Lauren Lee
Apr 03, 2024 2 min read

Cracking the Code: Navigating the Aftermath of AT&T's Mega Breach

By Lauren Lee
Mar 28, 2024 3 min read
Blog Hero Amir Khayat on More Than Shifting Left

More Than Shifting Left: Why Relying Solely on Third-Party Vendors to Get It Right Isn’t a Security Solution

By Amir Khayat, CEO
Mar 27, 2024 1 min read
washing machine

Spin Cycle Security: Rotating Credentials

By Lauren Lee
Mar 22, 2024 3 min read

Unwind and Unplug: Relaxing Through the Art of Cybersecurity

By Lauren Lee
Mar 20, 2024 2 min read

The Dawn of Midnight Blizzard

By Lauren Lee
Mar 13, 2024 3 min read

Unpacking the American Express Third-Party Breach

By Lauren Lee
Mar 06, 2024 2 min read

Optum(ize) Your Security!!!

By Lauren Lee
Feb 28, 2024 1 min read

10 Questions to Ask About API Activity

By Lauren Lee
Feb 21, 2024 2 min read

Behind the Breach: Unraveling Bank of America's Third-Party Data Breach

By Lauren Lee
Feb 15, 2024 2 min read

Cloudy With a Chance of Breaches

By Lauren Lee
Feb 12, 2024 5 min read
Vorlon Co-Founders Amir Khayat and Amichay Spivak close seed round with Accel

Early Vorlon Adopters Reduce Time to Detect and Remediate Third-Party Risks to Minutes

By Lauren Lee
Feb 07, 2024 2 min read

You Say Goodbye, and I Say Trello

By Lauren Lee
Jan 31, 2024 2 min read

Coffee at Rest, Coffee in Motion

By Lauren Lee
Jan 24, 2024 2 min read
API Indicators of Compromise

I Scream, You Scream, We All Scream For IOCs

By Lauren Lee
Jan 17, 2024 1 min read

HealthEC's Not-So-EZ Data Breach

By Lauren Lee
Jan 10, 2024 3 min read
Bite Sized Breaches Blog Hero

Xfinity's Infinite Challenge: Citrix Bleed

By Lauren Lee
Jan 03, 2024 1 min read

Lessons Learned:  Navigating the 2023 Data Breach Landscape

By Lauren Lee
Dec 27, 2023 2 min read
Elf on a Shelf Hero Image

Elf On the Shelf Reports All the Breaches

By Lauren Lee
Dec 26, 2023 4 min read
Vorlon 2023 Holiday Gift Blog Hero Image

What Do Third-Party Apps and Holiday Gifts Have in Common?

By Lauren Lee
Dec 13, 2023 1 min read

Jingle Bells, Your API Smells....

By Lauren Lee
Nov 30, 2023 2 min read

Deals for a Dollar! Until a Data Breach Comes to Holler

By Lauren Lee
Nov 22, 2023 2 min read

O Canada: The Great Maple Leaf Cyber Mishap Unfolds

By Lauren Lee
Nov 15, 2023 2 min read

A Hard Pill to Swallow: Truepill's Data Breach

By Lauren Lee
Nov 14, 2023 2 min read

Giving Thanks: Why CISOs Owe a Feast of Gratitude to Their Security Teams

By Lauren Lee
Nov 09, 2023 4 min read

Sumo Logic's Guest List Gets a Surprise: An Uninvited Third-Party Crasher

By Lauren Lee
Nov 08, 2023 4 min read

The Push Notification Heard ‘Round the World: Okta’s Security Breach

By Lauren Lee
Nov 03, 2023 3 min read

Oops, Your Ancestors Have Been Hacked! A Closer Look at the 23andMe Data Breach

By Lauren Lee
Nov 02, 2023 2 min read
Waving Kitten

Bidding Farewell Securely: The Art of Employee Off-Boarding

By Lauren Lee
Oct 06, 2023 2 min read

October is Cybersecurity Awareness Month!

By Lauren Lee
Sep 27, 2023 3 min read

A Short and Sweet Guide to Data Breach Response

By Lauren Lee
Sep 22, 2023 2 min read

Betting Against the House: MGM's Unlucky Cyber Streak

By Lauren Lee
Sep 18, 2023 2 min read

Navigating the Digital Waves Safely: A Guide to Secure Web Surfing

By Lauren Lee
Sep 08, 2023 4 min read

The Alarming Surge in Healthcare Data Breaches: What You Need to Know

By Lauren Lee
Sep 01, 2023 2 min read

Unlocking the Power of Third Party Apps: A Guide to Best Practices and Beyond

By Lauren Lee
Aug 24, 2023 3 min read
Bite Sized Breaches Hero Image

Duolingo, Looks Like You Missed Your API Security Lesson Today!

By Lauren Lee
Aug 21, 2023 3 min read

Emerging Trends in Third-Party Apps

By Lauren Lee
Aug 15, 2023 3 min read

Rhysida Ransomware: A Sinister Crawl from the Undergrowth

By Lauren Lee
Aug 09, 2023 4 min read

Securing Your APIs in the Evolving Landscape of API Traffic

By Lauren Lee
Aug 01, 2023 3 min read

The Rise of Automation: Fueling Increased App-to-App Communication

By Lauren Lee
Jul 24, 2023 3 min read

I'm the Bad AI: The Misuse of Generative AI in Cyber Attacks

By Lauren Lee
Jul 18, 2023 5 min read

Simplifying the National Cybersecurity Strategy Implementation Plan (NCSIP)

By Lauren Lee
Jun 30, 2023 2 min read

Mastering API Token Management: Best Practices for Security and Efficiency

By Lauren Lee
Jun 29, 2023 2 min read

Finding the Balance: The Pros and Cons of Automation

By Lauren Lee
Jun 16, 2023 1 min read

The Risks and Benefits of Using Third-Party Apps in Your Business

By Lauren Lee
Jun 16, 2023 4 min read

Data Breaches Unveiled: Valuable Lessons for a Secure Future

By Lauren Lee
Jun 16, 2023 3 min read

I Like to MoveIt MoveIt

By Lauren Lee

Sign up for industry insights and Vorlon news

Start Here

Product

Company

Let's Connect

soc-type-2aws logo croppedlatio innovators on black2025-CRN-Stellar-StartupsFS-ISAC-Seal_Affiliate_onblack
© 2025 Vorlon Inc. All rights reserved.