Nudge Security

Nudge Security automatically identifies all SaaS applications used within your organization, even those adopted without IT approval (shadow IT). It does this by analyzing email traffic, browser activity, and integrating with other platforms. Crucially, it extracts spend data from invoices found in emails, revealing hidden SaaS expenses that might not be tracked in financial systems.

Building on SaaS discovery, this feature provides tools to manage and optimize SaaS spending. It offers insights into potential cost savings by identifying redundant apps, inactive accounts, and opportunities for license optimization. It categorizes spend, identifies billing owners, and helps track budgets.

SSPM focuses on the security configuration of your SaaS applications. Nudge Security checks for misconfigurations (e.g., weak MFA settings), identity risks (e.g., inactive privileged accounts), and integration vulnerabilities within platforms like Google Workspace, Microsoft 365, Okta, and others. It helps you understand and improve your overall SaaS security posture.

OAuth grants allow third-party apps to access data within your SaaS platforms. Nudge Security analyzes these grants, assigning risk scores based on the permissions granted, the reputation of the app vendor, and other factors. It allows you to filter and prioritize OAuth grants for review and potential revocation.

This feature maps out how your SaaS applications connect with each other, including API keys, webhooks, and OAuth. Understanding these integrations is crucial for identifying potential data sharing risks and security vulnerabilities.

Nudge Security automates actions to address security and governance issues. "Nudges" are targeted messages sent to users (e.g., reminding them to enable MFA). "Playbooks" are automated workflows that can take actions like revoking access or creating tickets for security incidents. Re-nudging ensures follow-up with users who haven't responded.

Creates an internal catalog of pre-approved SaaS applications that employees can easily access and request. This helps steer users toward compliant apps and reduces the risk of shadow IT.

Provides visibility into the use of AI tools within the organization, including which tools are being used, how they are being accessed (SSO, OAuth, etc.), and potential risks associated with these tools. It integrates with AI tools to provide deeper insights.

Offers dashboards and reports that track key SaaS security and governance metrics, such as spend, risk levels, and usage trends. These reports are designed to be easily shared with stakeholders.

Nudge Security integrates with many popular SaaS applications (Okta, Google Workspace, Microsoft 365, etc.) to collect data and provide insights. It also offers an open API, allowing you to integrate Nudge Security data into your existing security tools (SIEM, SOAR, ticketing systems).

Allows you to set up custom alerts for specific events, such as the discovery of a high-risk app, a policy violation, or suspicious account activity.

Enables direct communication with users through "nudges" to educate them about security best practices, remind them of policies, and guide them toward compliant behavior.

Provides tools to manage user accounts across your SaaS applications, including filtering accounts by various criteria (e.g., department, MFA status) to identify and address potential issues.

Offers features to manage the SaaS apps themselves, including filtering by various criteria (e.g., number of users, approval status), and the ability to "ignore" low-priority apps to focus on the most critical ones.

Identifies and manages resources (e.g., databases, files) associated with different SaaS applications, providing a more complete view of your SaaS landscape.

Logs and tracks events related to app and account activity, providing an audit trail for security investigations and compliance purposes.

Allows you to search for apps, accounts, resources, and other data within Nudge Security. Enhanced search features improve the speed and accuracy of finding relevant information.

Enhancements to the user interface to make it easier to navigate between different features and find the information you need.

Provides access to security and compliance information about SaaS vendors, including certifications, security practices, and breach history.

Monitors the operational status of SaaS applications, alerting you to outages or performance issues.

Allows you to select multiple criteria when filtering data, making it easier to narrow down results and find specific information.

Enables single sign-on (SSO) with Okta, simplifying user access to Nudge Security and improving security.

Provides an API that allows you to programmatically access and manage Nudge Security data and functionality, integrating it with other systems.

Allows you to customize the content of nudges to better suit your organization's communication style and specific needs.

Provides tools and workflows to streamline the process of onboarding applications to SSO and onboarding new users to SaaS apps.

A dedicated dashboard focused on SaaS spending, highlighting opportunities to consolidate costs and reduce redundancy.

Visualizes the usage of similar apps within your organization, making it easier to identify redundant or overlapping applications.

Shows how app usage varies across different departments, teams, or other organizational units.

Identifies multiple instances of the same SaaS application (e.g., different Slack workspaces), allowing you to consolidate and reduce costs.

Enhances the event logs by associating events with specific resources (e.g., files, databases), providing more context for security investigations.

Helps you prioritize which applications to onboard to SSO based on risk and other factors.

Expands the SSPM capabilities to include checks for specific platforms, such as Microsoft SharePoint.

Integrates with the Tines automation platform to automatically create Jira tickets for security findings identified by Nudge Security.

Allows you to easily manage and update the user account used to authorize Nudge Security integrations with other platforms.

Specific integrations with these platforms to collect data and provide insights related to security, usage, and configuration.

Allows you to set up alerts based on the geographic location of the SaaS vendor's headquarters, which can be useful for compliance or risk management purposes.