MSPs get a faster way to secure SaaS environments

Software-as-a-Service security vendor AppOmni recently launched its Marlin AI autonomous security engine to provide enterprises with new tools to secure their complex, widely used SaaS applications more effectively against malicious attacks.

Marlin AI uses deep application observability to scour SaaS applications for attack indicators and then autonomously responds to protect against threats without human intervention, according to AppOmni.

Fayyaz Rajpari, AppOmni's senior director of partnerships and alliances, told ChannelE2E that Marlin AI was created because enterprises are continuing to experience more security challenges as they increase their use of SaaS applications.

"The use of AI is no longer optional when it comes to SaaS security," said Rajpari. "It is the only way to keep up. That is because each organization now uses 112 SaaS applications on average. Understanding what each SaaS app does, what access each app has, assessing risks, and sifting through vast data to identify security issues is overwhelming, if not impossible, for security teams."

Marlin AI was designed and built to help resolve these complex SaaS uses across enterprises by searching for meaningful context, correlating signals that indicate security issues that must be investigated, and providing guided remediation to make necessary corrections, he said.

Marlin AI is being offered through channel partners, who can participate in providing Marlin AI to enterprise customers through the company's AppOmni Infinity Partner Program.

"AppOmni works with the largest VARs and GSIs, including the Big4 and MSSPs," said Rajpari. "These deeply rooted partnerships allow our partners to provide in-depth SaaS security posture assessments, and managed detection and response for the most critical apps at machine speed with Marlin AI across North America, EMEA, APAC, and Canada."

Marlin AI was designed and built to help resolve these complex SaaS issues across enterprises by searching for meaningful context, correlating signals that indicate security problems that require investigation, and providing guided remediation to help teams make the necessary fixes, he said.

"As a managed security service partner or channel partner, helping customers solve security challenges quickly is paramount," said Rajpari. "Not only does it help expand offerings for our MSSPs, VARs, and GSIs, but we see this becoming essential in today’s threat landscape. Adversaries are using AI. With the release of Marlin AI, our partners can level up and get ahead of the adversaries, saving hours or days, with customers getting immediate value."

Enterprises must be aware of their SaaS security risks: Analyst

Shelly Kramer, principal analyst with Kramer&Co., told ChannelE2E that managing SaaS security is a task that can get left behind by today's enterprises because it can be overwhelming.

"The average enterprise now runs nearly 300 SaaS applications — with shadow IT adding another 30 to 40% on top of that," said Kramer. "Security teams simply cannot manually monitor that many interconnected systems, and attackers know it. This is a challenge that organizations face on a daily basis."

SaaS security incidents have been rising, with three out of four organizations experiencing a SaaS security incident in the past year, said Kramer. "And not-at-all-surprising is that one-third of all data breaches now involve shadow IT," where unauthorized tools are being used.

"With the average cost of a data breach cited as anywhere between some $5 million to $14 million, depending on the source, this is no longer an IT problem; it is a board-level risk," she said.

AppOmni's approach to the security concerns surrounding enterprise SaaS application use makes a good argument for Marlin AI, said Kramer. "It reflects a broader truth: general-purpose AI tools fall in specialized security domains because they lack the context to act on what they find," said Kramer. "I believe that purpose-built, domain-specific AI, trained on deep SaaS telemetry, is where the real enterprise security value will come from."