Axonius’s New Behavioral Analytics


Axonius today announced the release of two new capabilities within Axonius SaaS Management.

Behavioral Analytics and SaaS App-to-Device Correlation allow IT and security teams to gain added visibility and context into the users and devices accessing SaaS applications, and whether suspicious activity is occurring for critical SaaS apps.

SaaS continues to represent an ever-expanding component of an organisation’s attack surface. Not only does the increase in adoption of SaaS applications change IT and security operations, it also adds new role and skill expectations for IT and security team members – like using already scarce resources to track organisation SaaS app utilisation and identify misconfigured SaaS settings potentially exposing sensitive data. All of this adds to more complexity and can have a profound impact on an organisation’s security posture.

“A lot of sensitive data is stored in and shared between SaaS applications, and oftentimes, it’s very difficult to understand which users and devices have access to those applications,” said Amir Ofek, CEO of AxoniusX, the innovation unit of Axonius. “For IT and security teams tasked with protecting their organisation’s entire SaaS app stack, they need the right information to help them better understand the who, the what, and the how of SaaS app usage. These new capabilities within our SaaS management solution will bring necessary context to the questions surrounding SaaS security.”

SaaS App-to-Device Correlation

SaaS App-to-Device Correlation helps understand if unmanaged and unauthorised devices are being used to access various SaaS apps. Organisations will now have visibility into unmanaged or unauthorised devices accessing SaaS apps, and be able to decrease the risk of data loss.

“SaaS App-to-Device correlation ultimately helps organisations contextualise their SaaS application data,” continued Ofek. “Using both Axonius Cybersecurity Asset Management and SaaS Management products, organisations gain a more complete view of their device security posture than they might receive with standalone integrations. No other solution on the market today can offer this much comprehensive and rich data.”

Behavioural Analytics

Over the past year, we’ve seen an increase in data breaches originating from SaaS applications. For example, the Okta breach in early 2022 demonstrated how one compromised SaaS application can often have a domino effect throughout an entire organisation.

By adding Behavioral Analytics capabilities within Axonius SaaS Management, organisations will gain visibility into user behaviour within SaaS applications over time – and be able to detect any anomalies or suspicious activity that could pose organisational risk. The solution aggregates log data across various sources, including Okta, Microsoft Azure AD, and Google Workspace, to identify suspicious activity, events, and complex behavioural patterns. As a result, Axonius helps facilitate in-depth investigations by the incident response and SOC teams within the organisation.

Beyond identifying suspicious behaviour, the behavioural analytics capability can help organisations investigate temporary privileges granted for existing users, identify anomalous login activities that deviate from the user’s normal activity and other baselines, minimise data theft or leakage of confidential data, and more.

“These latest developments and the integration of the Axonius Cybersecurity Asset Management and SaaS Management products ensure comprehensive visibility and further correlation across SaaS applications, devices, cloud services, and users in an organisation’s environment, streamlining efforts to reduce the attack surface amidst an increasingly complex cyber landscape,” said Ofek.