Enterprise security architecture is undergoing a structural change. For years, cloud security, SaaS security, and identity security were treated as related but separate domains. Security teams built specialized capabilities for each: CNAPP for cloud workloads, SSPM for SaaS configurations, and IAM for user identities.
That separation is becoming increasingly difficult to maintain.
AI adoption, SaaS expansion, and deep cross-application integrations are reshaping how risk develops inside organizations. Exposure is no longer limited to infrastructure or a single application. It now moves across SaaS platforms, integrations, APIs, automation layers, and AI-driven workflows, often at machine speed and without human intervention.
In December 2025, analyst Justin Lam of 451 Research (part of S&P Global Market Intelligence) published a report on Vorlon titled "Vorlon Envisions AI and SaaS Data Security Convergence." In it, Lam noted that "the distinctions between AI, SaaS and data security are converging," and that Vorlon is looking to leverage that convergence to unify how enterprises secure the third-party SaaS and AI tools that now house and move their data.
This shift is less about new categories of attack and more about how enterprise environments now function: interconnected, automated, and integration-driven. The security implications are profound, and the organizations that recognize this shift early will be better positioned to protect their most sensitive data.
Why is enterprise security shifting from application-level to ecosystem-level?
Security programs historically focused on protecting systems individually. The operating model was straightforward:
- Secure the cloud environment with CNAPP and CSPM tools.
- Secure each SaaS platform with configuration management.
- Secure human identities with IAM and privileged access controls.
- Monitor network behavior for anomalies.
This model assumes boundaries between systems remain relatively stable. It assumes data stays where you put it, identities operate within defined scopes, and integrations are limited and well-understood.
Enterprise SaaS stacks do not behave that way anymore. These systems exchange data and permissions continuously, often without direct human oversight. Risk increasingly emerges from the relationships between systems, not only from weaknesses inside them.
A properly configured Salesforce instance can still be compromised if a connected third-party app with broad OAuth permissions is breached. A secure cloud workload can still leak data if an AI agent with cross-platform access behaves unexpectedly. The 2025 Salesforce-focused attacks proved this pattern repeatedly.
Analyst research from both 451 Research and Gartner now emphasizes this broader exposure model. According to Gartner®, “Treat SaaS as a mesh, not as siloed applications.” [1] SaaS and AI create interconnected risk paths that traditional control layers were not designed to map.
What AI changes for security teams
- Limited visibility into which AI tools and agents are in use (including shadow AI)
- AI-to-SaaS data flows that are hard to track and govern
- Non-human identities with broad permissions and inconsistent monitoring
- AI-driven automations that bypass traditional control points
Key themes from 451 Research: The shift toward ecosystem-level security
451 Research’s analysis of the SaaS and AI security landscape points toward several consistent themes shaping enterprise risk. These reflect a structural shift in how security teams must evaluate their environments.
1. Security visibility is shifting outward, from infrastructure to ecosystems
For the past decade, security visibility investments focused on infrastructure: cloud workloads, network traffic, and endpoint telemetry. These remain critical, but they no longer tell the complete story.
Risk increasingly forms through SaaS-to-SaaS connections, integrations, and automation chains that operate above the infrastructure layer. An OAuth token connecting Salesforce to a marketing automation platform doesn't appear in cloud logs, but it can move millions of customer records. Security visibility must expand to match where risk actually forms: at the ecosystem level, where applications, identities, and data flows intersect.
2. Third- and fourth-party exposure is expanding rapidly
Marketplace apps, connectors, and embedded services often receive direct system permissions through APIs and OAuth grants. These third-party connections are essential for business operations, but they also create exposure that extends far beyond the primary vendor relationship. According to the Verizon 2025 Data Breach Investigations Report, third-party involvement in breaches doubled year over year, rising from 15% to 30%.
This is what happened in the 2025 Salesforce-focused attacks. The ShinyHunters campaign used vishing to trick employees into authorizing malicious OAuth applications that impersonated trusted Salesforce tools. Those OAuth apps then had full query rights to customer databases and were used to exfiltrate data from over 100 organizations. The Salesloft/Drift breach exploited stolen OAuth tokens from a public GitHub repository, giving attackers access to over 700 organizations in ten days. Neither attack exploited a vulnerability in Salesforce itself. Both targeted the integration layer.
3. AI adoption accelerates integration-driven risk
AI tools depend heavily on cross-platform access and automated data movement. An AI copilot that summarizes customer interactions needs access to CRM data, email, calendar, and potentially financial systems. An AI agent that automates workflows may need write access to multiple platforms simultaneously.
This creates a new category of non-human identities that operate continuously, often with broader permissions than any individual human user. According to Gartner, “By 2027, over 50% of major SaaS-related breaches will exploit overprivileged OAuth tokens used by M2M integrations.” [1]
As 451 Research separately noted, “GenAI architectures and agentic approaches will likely transform existing SaaS vendors to become service-as-software vendors,” and “authentication of the agents and the tracking of their invoked activities also remain to be seen.”
4. Configuration posture alone is no longer sufficient
Understanding how integrations and identities behave over time is becoming as important as how they are configured. According to Gartner®, “Traditional cybersecurity tools are blind to runtime API behavior and token misuse.” [1] A SaaS Security Posture Management (SSPM) tool can identify that an OAuth app has broad permissions. It struggles to determine whether that app is using those permissions appropriately, whether its behavior has changed, or whether it is accessing data outside normal patterns.
Taken together, these themes signal a move toward ecosystem-level security visibility, not just platform-level controls.
“Security has never been a solitary effort. Enterprises now operate inside a converged SaaS and AI ecosystem, one unified attack surface. If you treat SaaS and AI separately, you’re already behind.”
– Justin Lam, Security Analyst, S&P Global Market Intelligence (451 Research)
How does AI adoption change the SaaS risk equation?
AI adoption doesn't create entirely new risk categories. It amplifies existing SaaS risk patterns by increasing scale, speed, and automation depth. Three shifts are especially important for security teams to understand:
Non-human identities are multiplying
AI agents, service accounts, and automation tools now perform tasks across multiple SaaS platforms that previously required human action. These identities often hold persistent, broad permissions and operate continuously. According to analysis cited in Vorlon’s Gartner SaaS ecosystem research, 77% of identities in modern enterprises are non-human: service accounts, API keys, OAuth tokens, bots, and AI agents. Traditional IAM was designed around human users with predictable access patterns. It does not govern identities that never sleep and can execute thousands of API calls per minute.
Cross-system data movement is increasing
AI workflows regularly access and transfer data across CRM, collaboration, ticketing, document, and messaging systems. A single AI-powered workflow might pull customer data from Salesforce, analyze sentiment from Zendesk tickets, correlate with financial data from NetSuite, generate insights in a Google Doc, and share results via Slack. Each step represents a data movement that traditional security tools were not designed to track. The data moves through authorized APIs using valid tokens, but the aggregate behavior may represent significant data exposure.
Permission chains are getting longer
AI solutions frequently rely on layered integrations. The AI platform connects to your SaaS apps. That platform uses third-party models and APIs. Those models may call additional services. Data may be cached, processed, or stored at multiple points. The resulting exposure is often permission-based and legitimate in appearance, which makes misuse harder to detect with traditional controls.
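The permission chain described above can be modeled as a directed graph and walked to see which data categories can reach which downstream party. This is an added example, not code from the article or from any vendor's product; the system names, data categories, and edges are constructed assumptions.

```python
from collections import deque

# Constructed integration graph: (source, destination, data categories the
# grant on that hop allows to flow). All names are hypothetical.
EDGES = [
    ("salesforce", "ai-platform", {"customer_pii", "deal_notes"}),
    ("zendesk", "ai-platform", {"support_tickets"}),
    ("ai-platform", "model-api", {"customer_pii", "support_tickets"}),
    ("model-api", "logging-vendor", {"customer_pii"}),
    ("ai-platform", "slack", {"deal_notes"}),
]


def exposure(edges, origin):
    """Return {party: (hops_from_origin, data categories of origin that can reach it)}.

    A category reaches a party only if every hop on some path permits it,
    so each hop intersects what arrived with what the grant allows.
    """
    out = {}
    for src, dst, cats in edges:
        out.setdefault(src, []).append((dst, cats))

    # Seed the origin with everything it shares on any outgoing grant.
    reach = {origin: set().union(*(c for _, c in out.get(origin, [])))}
    hops = {origin: 0}
    queue = deque([origin])
    while queue:
        node = queue.popleft()
        for dst, cats in out.get(node, []):
            new = (reach[node] & cats) - reach.get(dst, set())
            if new:  # sets only grow, so cycles terminate
                reach.setdefault(dst, set()).update(new)
                hops.setdefault(dst, hops[node] + 1)  # FIFO order gives the shortest chain
                queue.append(dst)
    return {n: (hops[n], sorted(c)) for n, c in reach.items() if n != origin}


if __name__ == "__main__":
    for party, (depth, cats) in sorted(exposure(EDGES, "salesforce").items()):
        print(f"{party}: {depth} hop(s) away, can receive {cats}")
```

In the constructed graph, customer PII from the CRM reaches a logging vendor three hops away, a party that never appears in the CRM's own list of connected apps.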
Why does strong cloud security still leave gaps in SaaS?
Cloud security platforms provide strong coverage for infrastructure risk, workload exposure, and configuration issues. Tools like Wiz, Orca Security, Upwind, Prisma Cloud, and others have transformed how security teams understand their cloud environments. They are highly effective within their intended domain.
However, SaaS and AI ecosystem behavior frequently occurs outside infrastructure telemetry.
Consider these common scenarios that cloud security tools struggle to see:
- OAuth token misuse: A compromised OAuth token accessing Salesforce data doesn't generate cloud infrastructure alerts.
- SaaS-to-SaaS data transfers: Data moving from HubSpot to a third-party analytics tool occurs entirely in the SaaS layer.
- Marketplace app over-permissioning: An AppExchange app with excessive Salesforce permissions operates outside cloud visibility.
- AI agent cross-platform access: An AI copilot accessing multiple SaaS platforms doesn't appear in cloud workload logs.
- Integration abuse: Legitimate-looking API calls through authorized integrations that actually represent data exfiltration.
These events may not appear in cloud logs because they occur at the SaaS relationship layer rather than the infrastructure layer. This explains why organizations with mature cloud security programs can still experience SaaS-origin incidents, and often discover them only after significant damage has occurred.
Breach statistics
- The global average cost of a data breach reached $4.88 million, the highest on record (IBM Security, 2025).
- Third-party involvement in breaches doubled year over year, from 15% to 30% (Verizon DBIR, 2025).
- Breaches involving third-party vendors took longer to identify and contain than any other attack vector (IBM Security, 2025).
- 77% of enterprise identities are now non-human: service accounts, API keys, OAuth tokens, bots, and AI agents.
What does the shift from SaaS posture to behavioral monitoring look like?
Early SaaS security efforts focused on posture, ensuring that SaaS applications were configured according to security best practices:
- Configuration settings aligned with security benchmarks
- Policy enforcement for data sharing and access
- Administrative controls properly configured
That foundation remains important. Misconfigurations continue to cause breaches, and maintaining proper posture is essential hygiene.
But analyst direction increasingly points beyond posture toward behavior.
Behavioral visibility includes:
- Integration activity: How are connected apps actually using their permissions?
- Token usage patterns: Are OAuth tokens being used in expected ways, or showing anomalous behavior?
- Cross-app data flows: Where is sensitive data actually moving across the ecosystem?
- Non-human identity behavior: What are service accounts, bots, and AI agents actually doing?
- Permission usage over time: Are granted permissions being exercised appropriately, or sitting dormant as potential risk?
The key insight: Posture shows how systems are set up. Behavior shows how access is actually exercised. Many modern SaaS incidents are visible only at the behavioral layer because they exploit legitimate configurations through abnormal usage patterns.
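The difference between posture and behavior can be shown on a small audit trail. The following is an added example, not code from the article or from any vendor's product; the app names, scopes, event format, four-day baseline, and 10x-median threshold are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed posture data: scopes granted to each connected app.
GRANTS = {
    "crm-sync": {"read:contacts", "read:accounts", "write:contacts", "export:bulk"},
    "mail-assistant": {"read:contacts", "read:mail"},
}

# Constructed audit events: (day, app, scope exercised, records touched).
EVENTS = [
    (1, "crm-sync", "read:contacts", 400), (2, "crm-sync", "read:contacts", 450),
    (3, "crm-sync", "read:accounts", 380), (4, "crm-sync", "read:contacts", 420),
    (5, "crm-sync", "export:bulk", 90000),
    (1, "mail-assistant", "read:mail", 60), (2, "mail-assistant", "read:mail", 55),
    (3, "mail-assistant", "read:mail", 70), (4, "mail-assistant", "read:mail", 65),
    (5, "mail-assistant", "read:mail", 58),
]


def review(grants, events, baseline_days=4, factor=10):
    """Compare what each app was granted with what it actually did over time."""
    daily = defaultdict(lambda: defaultdict(int))  # app -> day -> records touched
    used = defaultdict(lambda: defaultdict(set))   # app -> day -> scopes exercised
    for day, app, scope, records in events:
        daily[app][day] += records
        used[app][day].add(scope)

    findings = []
    for app, granted in grants.items():
        base_days = [d for d in daily[app] if d <= baseline_days]
        base_scopes = set().union(*(used[app][d] for d in base_days))
        typical = median(daily[app][d] for d in base_days) if base_days else 0
        for day in sorted(d for d in daily[app] if d > baseline_days):
            # A granted scope exercised for the first time after the baseline.
            for scope in sorted(used[app][day] - base_scopes):
                findings.append((app, "first-use-of-scope", f"day {day}: {scope}"))
            # Daily volume far above the app's own baseline median.
            if typical and daily[app][day] > factor * typical:
                findings.append((app, "volume-spike",
                                 f"day {day}: {daily[app][day]} records vs typical {typical:g}"))
        # Granted but never exercised: standing risk that could be revoked.
        exercised = set().union(*used[app].values())
        for scope in sorted(granted - exercised):
            findings.append((app, "dormant-scope", scope))
    return findings


if __name__ == "__main__":
    for finding in review(GRANTS, EVENTS):
        print(finding)
```

The grants are identical on every day of the sample, so a configuration-only check reports the same result on day 5 as on day 1; only the usage record separates the bulk export from routine syncing.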
How does Vorlon address ecosystem-level SaaS risk?
The direction highlighted in analyst coverage, toward ecosystem-level SaaS visibility and integration-aware security, reflects a broader market movement. According to Gartner®, “Cybersecurity leaders must discover, monitor, and govern machine-to-machine SaaS interactions to reduce risk and ensure secure, scalable business operations.” [1]
Vorlon’s approach aligns with this shift by focusing specifically on the integration layer that traditional tools miss.
Ecosystem-wide data flow visibility
Vorlon’s patented DataMatrix™ technology creates a live model of the enterprise SaaS and AI ecosystem, revealing how sensitive data actually moves across sanctioned and shadow SaaS applications, AI tools and agents, third-party integrations and connectors, and OAuth, API, and MCP server connections.
This answers the question security teams struggle with most: when a vendor breach occurs, which data is affected and how far can it spread?
Behavioral threat detection with data-layer context
Rather than alerting only on configuration drift, Vorlon detects anomalous access patterns, unsafe data sharing, suspicious API activity, runtime API abuse, and token misuse. It then immediately shows which specific sensitive data categories are at risk. Vorlon uses User and Entity Behavior Analytics (UEBA) to baseline normal activity and detect deviations before they become incidents.
SaaS and AI supply chain security
Vorlon maps third-party applications and services connected through OAuth, APIs, and integrations, showing which vendors can access sensitive data, how those connections behave over time, and when integrations exhibit suspicious activity or drift from approved access patterns. This transforms third-party application risk from periodic questionnaire exercises to continuous behavioral monitoring.
The future of enterprise security
Enterprise environments are becoming more interconnected and automation-driven. Analyst research increasingly reflects that SaaS and AI risk cannot be evaluated in isolation or controlled through configuration checks alone.
Security visibility is expanding from systems to ecosystems. Organizations adapting to that model are building visibility across integrations, identities, and cross-application behavior, where modern SaaS risk increasingly forms.
The question is no longer whether to address ecosystem-level risk, but how quickly security programs can evolve to match how modern enterprises actually operate.
As CEO Amir Khayat puts it: "OAuth tokens are the new passwords. SaaS-to-SaaS connections are the new attack surface."
[1] Gartner, Mitigate Risks in SaaS-to-SaaS and Machine-to-Machine Connections, 4 December 2025. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Frequently asked questions
What is SaaS ecosystem security?
SaaS ecosystem security focuses on monitoring and protecting relationships between SaaS applications, integrations, OAuth permissions, and cross-platform data flows, not just individual application settings. It recognizes that risk increasingly forms through connections between systems, not only weaknesses inside them.
Why are SaaS integrations considered high risk?
SaaS integrations often receive broad API or OAuth permissions that persist indefinitely. If misused or compromised, they can access and move sensitive data across multiple platforms without triggering traditional infrastructure alerts. Gartner predicts that by 2027, over 50% of major SaaS-related breaches will exploit overprivileged OAuth tokens.
Does cloud security cover SaaS integrations?
Cloud security tools primarily monitor infrastructure and workloads. SaaS integration behavior and OAuth token usage typically occur at the application relationship layer, which requires ecosystem-level visibility beyond infrastructure monitoring. This is why organizations with mature cloud security can still experience SaaS-origin breaches.
How does AI increase SaaS security exposure?
AI tools and agents frequently operate across multiple SaaS systems using APIs and service identities, expanding permission chains and increasing the likelihood of over-privileged or unmonitored access. AI agents act as non-human identities that operate continuously, often with broader permissions than individual human users.
What is the difference between SSPM and SaaS ecosystem security?
SSPM (SaaS Security Posture Management) focuses on configuration and controls inside individual SaaS applications, ensuring settings align with security baselines. SaaS ecosystem security extends this by monitoring the relationships between applications: how data flows across integrations, how OAuth tokens behave over time, and how non-human identities access sensitive data across the entire connected environment.
What is data-in-motion security for SaaS?
Data-in-motion security tracks sensitive data as it moves between SaaS applications, AI tools, APIs, and automations, not just where it sits at rest. This is critical because traditional DLP and DSPM tools focus on data at rest, while modern SaaS breaches often exploit data movement through legitimate-looking API calls and integration pathways.



