As the reliance on Software-as-a-Service (SaaS) applications continues to expand, predictions from cybersecurity experts at AppOmni underscore the challenges that businesses may face in the upcoming years. These challenges primarily stem from the rapid evolution of technology, particularly artificial intelligence (AI), which is anticipated to provide threat actors with new opportunities to exploit SaaS vulnerabilities.
Justin Blackburn, Senior Cloud Threat Detection Engineer at AppOmni, outlined that advancements in AI will be a significant vector for attack, facilitating more sophisticated exploitation of SaaS applications. "AI will enable threat actors to more easily uncover SaaS vulnerabilities and misconfigurations, bypass traditional security measures, and craft more convincing phishing campaigns," stated Blackburn. This shift in techniques points to a broader trend where less skilled attackers can gain access to sophisticated strike capabilities due to the accessibility of AI tools.
The implications of AI's integration into cyber threats were further elaborated by Blackburn, who noted that the swift evolution of these technologies lowers the barrier for entry, leading to an increase in the frequency and scale of attacks. With the emergence of AI-powered bots, even less capable adversaries could orchestrate vast attacks with minimal effort, suggesting a fundamental shift in the landscape of cybersecurity risks that companies need to address.
Martin Vigo, Lead Offensive Security Engineer at AppOmni, projected that automation-driven perimeter breaches will become increasingly common by 2025. He identified tactics such as large-scale reconnaissance, password spraying, and the automation of phishing attacks as key strategies that adversaries might employ. Given the vulnerability of SaaS platforms, the potential repercussions of security breaches are expected to escalate, emphasising the urgency for organisations to enhance their security postures.
Echoing these concerns, Aaron Costello, Chief of SaaS Security Research at AppOmni, pointed to the rising threat of supply-chain attacks facilitated by compromised third-party applications. As a direct result of growing awareness about these risks, enterprises are now scrutinising the integrations and access levels requested by external applications much more diligently.
Costello's research also highlighted a troubling trend where threat actors can access sensitive data without requiring an initial foothold within a system. "The combination of undocumented legacy API endpoints, over-privileged public access, and gaps in vendor logging capabilities will continue to provide a dangerously effective option for threat actors to execute hit-and-run style attacks in the future," he noted. This observation signals a need for organisations to refine their monitoring and logging practices to counter emerging threats.
Brian Soby, Chief Technology Officer and Co-founder of AppOmni, addressed the issues surrounding SaaS 'bypass' breaches that disrupted operations in 2024. These breaches often bypass crucial identity and access management (IAM) systems and zero trust (ZT) controls, highlighting vulnerabilities within tightly interconnected systems. Soby suggested that 2025 will see increased recognition of the necessity for comprehensive end-to-end controls that encompass ZT, identity management, SaaS posture, and threat detection and response capabilities.
In summary, as companies navigate the landscape of AI-driven threats and automated attacks, the future of SaaS security will hinge on the implementation of strong access controls and enhanced detection mechanisms. Organisations are urged to proactively adapt their security measures in order to effectively mitigate the risks posed by these emerging trends.
Source: Noah Wire Services