SaaS Security The Third-Party Breach List Keeps Growing. Vimeo is the latest to join. Vimeo was breached through Anodot, a third-party analytics tool. So was Rockstar Games. Same vendor, same month. This is no longer a pattern. It's the playbook.
Shadow AI Featured How One AI Tool Brought Down Vercel's Security An AI tool with OAuth access. A trusted session. No alerts. The Vercel breach shows how Shadow AI is becoming the easiest way in.
Third-party Featured Rockstar Breach Explained: 78.6 Million Records. Zero Alarms. One Unmonitored Vendor. Rockstar wasn’t breached through their own systems. Attackers compromised a vendor, used legitimate access into Snowflake, and walked away with 78.6 million records, without triggering a single alert.
Third-party Featured The Side Door Problem: What the HackerOne Breach Tells Us About Third-Party Risk HackerOne wasn’t breached directly. A supplier was. One vulnerability exposed millions across multiple organisations. This is how modern attacks really happen, and why most companies still don’t see the risk.
Cybersecurity The Crunchyroll Breach Explained: How a Vendor Login Exposed 6.8M Users Attackers didn’t breach Crunchyroll’s systems, they logged in through a compromised vendor account. The incident highlights a growing risk: third-party access across SaaS environments.
SaaS Security Lazarus Ransomware Attacks in the Middle East: What It Means A recent campaign linked to North Korea’s Lazarus Group targeted organizations in the Middle East using Medusa ransomware. The attack highlights how modern ransomware operations work—and why identity and SaaS visibility are becoming critical for security teams.
SaaS Security The Vendor You Trusted Just Exposed 25 Million People A breach at Conduent exposed the data of 25 million Americans after attackers remained inside the vendor’s systems for three months.
SaaS Security Thought you weren’t a target? ShadyPanda has been watching you for 7 years. For nearly a decade, a malicious Chrome extension quietly collected session cookies and authenticated access from real users inside real companies. The story behind ShadyPanda highlights a growing blind spot in modern security: what happens inside authenticated SaaS sessions.
Shadow IT Your AI Tools Have More Access Than You Think. AI tools are spreading across organizations faster than most security teams can track. Each OAuth login or SaaS integration can quietly create persistent access to company data, often without centralized visibility.
SaaS Security Featured Why Microsoft Security Gives You Confidence, But Not the Full Story Microsoft gives strong identity visibility, but only inside Microsoft. This explains where today’s SaaS attacks actually start.
Cybersecurity Featured Nissan Data Breach: What Really Happened In December, Nissan lost customer data — even though its own systems weren’t hacked. The problem came from an external platform with standing access. Read how this happened, why it keeps repeating, and what security teams should change.
SaaS Security Your Organisation Runs on More Than Google. Your Security Should Too Google-native companies tend to move quickly. Their teams adopt new tools early, automate workflows efficiently, and rely on the browser as the central work environment. This speed is rarely a “security issue”; it’s a modern pattern that emerges naturally when companies build on a flexible, cloud-first platform like Google
Roundtables Cybersecurity in the Boardroom: Key Insights from the FrontierZero CISO Roundtable Our closed-door CISO roundtable in Dubai highlighted a major shift: the perimeter is gone, and real-time identity behavior now defines effective security.
SaaS Security What Is Context-Based Security (and Why the Old Way Doesn’t Work Anymore) Most breaches slip through not for lack of alerts, but for lack of context. Context-based security brings clarity to chaos — helping teams focus on what’s real.
Cybersecurity Featured One Contractor, Global Consequences: How Identity Risk Crippled Jaguar Land Rover Jaguar Land Rover lost millions when one contractor account went unchecked. This wasn’t a system failure; it was a visibility failure. Here’s what every CISO can learn about identity risk and supply chain trust.
SaaS Security Featured SaaS Shared Responsibility: What Security Leaders Must Know SaaS providers secure the platform. You’re responsible for everything inside it: users, vendors, permissions, and risk. This blog breaks down where responsibility lies, what’s commonly missed, and how CISOs can prevent the most common SaaS breaches.
SaaS Security Privilege Creep: The Hidden Backdoor Hackers Exploit in Your SaaS Environment Privilege creep happens when users accumulate admin access over time. In SaaS environments, this creates invisible risk: inactive accounts, missing MFA, and external admins hackers love to exploit. Here's how to find and fix it before it’s too late.
Shadow IT The Top 5 Departments Most Likely to Use Shadow IT Discover the 5 departments most likely to introduce it into your SaaS environment.
Boardroom Middle East Boardroom Brief: 5 Critical Data Breach Takeaways Insights from the 2025 IBM Cost of a Data Breach Report
SaaS Security Top 5 Takeaways for CISOs from the 2025 IBM Cost of a Data Breach Report The latest IBM Cost of a Data Breach Report just dropped—and while headlines focus on global averages, the real insights for CISOs lie deeper. From regional cost surges to the hidden price of Shadow AI, here are five takeaways you can use to protect your organization in 2026 and beyond.
MFA Why MFA is a Boardroom Issue, Not an IT One. MFA gaps aren’t just an IT problem—they’re a boardroom risk. Learn how to spot exposed users, admins, and apps in minutes, not months.
SSPM What is SSPM and why it’s essential in 2026. SaaS tools are the new business layer, but they’ve created a visibility gap security teams can’t ignore. This guide explains what SSPM is, why it matters, and how FrontierZero brings identity and context together to reduce risk where it matters most.
SaaS Security How Many Users in Your SaaS Stack Don’t Actually Work There? Orphaned SaaS accounts are the invisible risk lurking in every organization. Learn how ex-employees, contractors, and automations keep access long after offboarding — and why modern security teams are shifting to identity + context to shut it down.
ITDR What Is ITDR, and Why It’s Essential for Securing SaaS in 2025 SaaS has changed the identity perimeter. In this guide, we break down what ITDR means, why legacy tools miss SaaS threats, and how to catch ghost access.
SaaS Security The Security Perimeter Is Gone, And That Changes Everything About How You Defend Your Business SaaS sprawl, shadow IT, and unmanaged OAuth connections have made the old perimeter obsolete. Here’s what security teams must do to adapt—and how leading CISOs are solving it.
