Obsidian: Protecting Applications that People Rely On

Hasan Imam


“Our data models provide high-priority threat alerts in real time. Your security teams can leverage the data in our platform to react immediately to potential breaches and insider threats, thereby mitigating data exfiltration and reducing impact on your business”

From productivity suites and communication tools to HR systems and identity providers, organizations around the world entrust more data than ever before to their SaaS applications. Obsidian creates a comprehensive and contextual understanding of these complex, interconnected applications to make them safer and more secure. The company helps to mitigate threats and minimize risk across most important applications. Obsidian is the only comprehensive platform for SaaS security.

Threat management is the process of continuous application independently and together to detect, manage, and respond to suspicious activity. Through the use of machine learning, security teams are able to identify external and internal threats across applications before data can be exfiltrated. The combination of continuous threat detection and SSPM provide truly comprehensive SaaS security coverage, monitoring the holistic elements of each SaaS. Obsidian delivers real-time threat detection across connected SaaS applications, enabling businesses to quickly identify and respond early in the compromise kill chain.

Even with existing security solutions, security teams have limited visibility into their application environment and may not detect a breach until sensitive data is already lost. Obsidian creates a baseline of user behavior across applications to quickly identify anomalies and helps mitigate attacks before exfiltration.SaaS applications remain vulnerable to account compromise because existing solutions are focused on inspecting inbound and outbound traffic. Even the effective combination of single sign-on and multi-factor authentication leaves open to breach. Obsidian analyzes user data within applications to detect anomalous activity against baseline behavior. The company can identify attackers during reconnaissance, before they have a chance to establish persistence or exfiltrate data.

In the world of interconnected SaaS, a breach in one application can give attackers unfettered access to sensitive data in another. Obsidian maps a user’s activity in core SaaS applications to a unified activity timeline for full visibility from a single place. In cases of potential account compromise, this is invaluable to security teams as they look to ascertain the exact scope of an attack.

While authentication solutions provide an initial barrier to entry for attackers, security teams need to respond immediately when they suspect a malicious individual has managed to gain access to their environment. Obsidian’s prompt alerts and contextual intel saves the time of gathering info and enables rapid threat containment.

When monitoring for potential threats or investigating risky behavior, security teams need full visibility into a user’s activity across SaaS applications to stop malicious activity early on. Obsidian delivers real-time information on cross-application activity correlated to key security indicators, giving security teams the information they need to act quickly and confidently.

Threat defense is predicated on having continuous, consolidated visibility of user access, privilege, and activity across SaaS core applications. “Our data models provide high-priority threat alerts in real time. Your security teams can leverage the data in our platform to react immediately to potential breaches and insider threats, thereby mitigating data exfiltration and reducing impact on your business.” Because Obsidian monitors and contextualizes activity across the core SaaS apps, businesses’ security teams are able to rapidly understand the scope of a potential breach. Knowing impacted users, their privileged roles, and their access to sensitive files helps security team to move quickly to contain a threat and minimize its blast radius.Obsidian comes with a wide variety of out-of-the-box detections for account compromises and insider threats, but your organization may have specific security requirements to consider. “Our custom alerts facilitate compliance obligations, providing the flexibility to address specific organizational risks while saving time by never needing to manually search for the same thing twice.”

Workday holds some of the most sensitive employee and financial data, yet security teams typically lack the visibility and control necessary to protect such an important system. Obsidian delivers the insights needed to reduce enterprise risk and mitigate threats in Workday with confidence.As a business-critical human resources and financial management platform, Workday holds a significant amount of an organization’s highly privileged information. Security teams are expected to safeguard the system and data, however Workday is often a black box to those trying to protect it. In order to stop external and internal threats without disrupting use of the platform, access to the environment is essential.

Today, Obsidian is bringing together leaders from world-class cybersecurity and enterprise software companies to deliver the first truly comprehensive SaaS security platform.