Major Security Configurations Affecting ServiceNow Findings

SAN FRANCISCO--(BUSINESS WIRE)--AppOmni, the leading SaaS Security provider, discovered a common misconfiguration of the ServiceNow Access Control List (ACL) in nearly 70% of the ServiceNow instances tested by AppOmni research. This security issue is classified as a misconfiguration resulting from a combination of customer-managed ServiceNow ACL configurations and excessive granting of permissions to guest users.

These types of misconfigurations are common on major SaaS platforms because of the complexity that inevitably comes with the high level of functionality, flexibility, and extensibility of SaaS. Misconfigurations can occur during the initial stages of implementing a SaaS platform, when users or settings change, or as part of the regular rhythm of SaaS updates that can affect current configurations. To help organizations quickly detect and correct this misconfiguration, AppOmni developed SaaS Security Analyzer, a free web application that determines whether a particular ServiceNow instance has this incorrect ACL configuration.

“Securing SaaS is more complex than just checking a few settings or enabling strong authentication for users,” said Brendan O’Connor, CEO and co-founder of AppOmni. “SaaS platforms have become business operating systems because they are very flexible and powerful. There are many valid reasons for workloads and applications running on a SaaS platform to interact externally, such as joining emails and text messages or hosting a support portal for your customers. SaaS adoption increased during the pandemic. Unfortunately, investments in people, processes, and technology to be able to secure and monitor SaaS are not forthcoming. In the AppOmni experience, significant data exposures like this are more common than customers realize.”

Organizations have long used Role-Based Access Control (RBAC) to provide permissions for users to access resources on a SaaS platform. An important aspect of RBAC is the ability to allow public access to information within your “database,” which can be a forum, online store, customer support site, or knowledge base. The challenge is ensuring the right level of access when organizations update or customize SaaS applications or onboard new users.

AppOmni Offensive Security Researcher Aaron Costello discovered that publicly exposed external interfaces of ServiceNow could be used by a malicious actor to extract data from records. Analysis of ServiceNow instances showed that nearly 70% of those reviewed by AO Labs exposed sensitive information, including Personally Identifiable Information (PII), to unauthenticated users. More information, including remediation measures, will be available in a new AO Labs Technical Paper.

“The AO Labs team is committed to helping organizations build and maintain secure SaaS environments,” said Brian Soby, CTO and co-founder of AppOmni. “The high level of flexibility in modern SaaS platforms has made misconfiguration one of the biggest security risks currently facing businesses. Our goal is to shed light on common misconfigurations and other potential risks in SaaS platforms to assure users that their posture and system configuration match their business goal. We encourage all ServiceNow users to take advantage of SaaS Security Analyzer and learn more about how it can impact them if they have this wrong configuration.”

Request a free, confidential analysis of your ServiceNow instance with SaaS Security Analyzer.

About AppOmni

AppOmni is the leading provider of SaaS Security Management. AppOmni provides unprecedented data access visibility, management, and security of SaaS solutions, enabling organizations to secure mission-critical and sensitive data. AppOmni’s patent-pending technology deeply examines APIs, security controls, and configuration settings to evaluate the current state of SaaS deployments and compare them to best practices and business objectives. With AppOmni, organizations can establish rules for data access, data sharing, and third-party applications that are continuously and automatically authenticated. The company’s leadership team brings expertise and innovation from leading SaaS providers, high tech companies, and cybersecurity vendors. Supported by Salesforce Ventures, ServiceNow Ventures, Scale Venture Partners and more, AppOmni has been named a 2021 SINET16 Innovator and one of Dark Reading’s “11 Cybersecurity Vendors to Watch in 2021”. For more information, please visit
