Nudge Security

Additional features

SaaS Discovery (with invoice analysis and spend data extraction)

Nudge Security automatically identifies all SaaS applications used within your organization, even those adopted without IT approval (shadow IT). It does this by analyzing email traffic, browser activity, and integrating with other platforms. Crucially, it extracts spend data from invoices found in emails, revealing hidden SaaS expenses that might not be tracked in financial systems.

SaaS Spend Management (with cost optimization insights)

Building on SaaS discovery, this feature provides tools to manage and optimize SaaS spending. It offers insights into potential cost savings by identifying redundant apps, inactive accounts, and opportunities for license optimization. It categorizes spend, identifies billing owners, and helps track budgets.

SaaS Security Posture Management (SSPM) for various platforms (Google Workspace, Microsoft 365, Okta, etc.)

SSPM focuses on the security configuration of your SaaS applications. Nudge Security checks for misconfigurations (e.g., weak MFA settings), identity risks (e.g., inactive privileged accounts), and integration vulnerabilities within platforms like Google Workspace, Microsoft 365, Okta, and others. It helps you understand and improve your overall SaaS security posture.

OAuth Risk Management (with risk scoring and filtering)

OAuth grants allow third-party apps to access data within your SaaS platforms. Nudge Security analyzes these grants, assigning risk scores based on the permissions granted, the reputation of the app vendor, and other factors. It allows you to filter and prioritize OAuth grants for review and potential revocation.

App-to-App Integration Visibility

This feature maps out how your SaaS applications connect with each other, including API keys, webhooks, and OAuth. Understanding these integrations is crucial for identifying potential data sharing risks and security vulnerabilities.

Automated Remediation (Nudges and Playbooks, including re-nudging)

Nudge Security automates actions to address security and governance issues. "Nudges" are targeted messages sent to users (e.g., reminding them to enable MFA). "Playbooks" are automated workflows that can take actions like revoking access or creating tickets for security incidents. Re-nudging ensures follow-up with users who haven't responded.

App Directory (for approved apps)

Creates an internal catalog of pre-approved SaaS applications that employees can easily access and request. This helps steer users toward compliant apps and reduces the risk of shadow IT.

AI Usage Dashboard (with AI tool integrations)

Provides visibility into the use of AI tools within the organization, including which tools are being used, how they are being accessed (SSO, OAuth, etc.), and potential risks associated with these tools. It integrates with AI tools to provide deeper insights.

Reporting & Analytics (dashboards and reports on key metrics)

Offers dashboards and reports that track key SaaS security and governance metrics, such as spend, risk levels, and usage trends. These reports are designed to be easily shared with stakeholders.

Integrations (with various SaaS apps and open API)

Nudge Security integrates with many popular SaaS applications (Okta, Google Workspace, Microsoft 365, etc.) to collect data and provide insights. It also offers an open API, allowing you to integrate Nudge Security data into your existing security tools (SIEM, SOAR, ticketing systems).

Alerting & Notifications (customizable rules)

Allows you to set up custom alerts for specific events, such as the discovery of a high-risk app, a policy violation, or suspicious account activity.

User Engagement (nudges for policy compliance and education)

Enables direct communication with users through "nudges" to educate them about security best practices, remind them of policies, and guide them toward compliant behavior.

Account Management (filtering, MFA status)

Provides tools to manage user accounts across your SaaS applications, including filtering accounts by various criteria (e.g., department, MFA status) to identify and address potential issues.

App Management (filtering, approval status, ignoring low-priority apps)

Offers features to manage the SaaS apps themselves, including filtering by various criteria (e.g., number of users, approval status), and the ability to "ignore" low-priority apps to focus on the most critical ones.

Resource Management (identifying and managing resources associated with apps)

Identifies and manages resources (e.g., databases, files) associated with different SaaS applications, providing a more complete view of your SaaS landscape.

Event Logging and Tracking (for app and account activity)

Logs and tracks events related to app and account activity, providing an audit trail for security investigations and compliance purposes.

Search Functionality (enhanced search results)

Allows you to search for apps, accounts, resources, and other data within Nudge Security. Enhanced search features improve the speed and accuracy of finding relevant information.

Navigation Improvements

Enhancements to the user interface to make it easier to navigate between different features and find the information you need.

Security and Compliance Profiles for SaaS Vendors

Provides access to security and compliance information about SaaS vendors, including certifications, security practices, and breach history.

App Health Status Monitoring

Monitors the operational status of SaaS applications, alerting you to outages or performance issues.

Multi-select Filter Options

Allows you to select multiple criteria when filtering data, making it easier to narrow down results and find specific information.

SSO Integration (with Okta)

Enables single sign-on (SSO) with Okta, simplifying user access to Nudge Security and improving security.

API for managing SaaS security and governance

Provides an API that allows you to programmatically access and manage Nudge Security data and functionality, integrating it with other systems.

Customizable Nudges

Allows you to customize the content of nudges to better suit your organization's communication style and specific needs.

Onboarding Enhancements (for SSO and app onboarding)

Provides tools and workflows to streamline the process of onboarding applications to SSO and onboarding new users to SaaS apps.

Spend Dashboard (with cost consolidation insights)

A dedicated dashboard focused on SaaS spending, highlighting opportunities to consolidate costs and reduce redundancy.

Similar App Visualization

Visualizes the usage of similar apps within your organization, making it easier to identify redundant or overlapping applications.

App Usage Visualization by Organizational Unit

Shows how app usage varies across different departments, teams, or other organizational units.

Redundant App Instance Discovery

Identifies multiple instances of the same SaaS application (e.g., different Slack workspaces), allowing you to consolidate and reduce costs.

Improved SaaS Events Record (with resource association)

Enhances the event logs by associating events with specific resources (e.g., files, databases), providing more context for security investigations.

Prioritization of Apps for SSO Onboarding

Helps you prioritize which applications to onboard to SSO based on risk and other factors.

New Security Posture Checks (e.g., for Sharepoint)

Expands the SSPM capabilities to include checks for specific platforms, such as Microsoft SharePoint.

Tines Integration (for Jira ticket creation)

Integrates with the Tines automation platform to automatically create Jira tickets for security findings identified by Nudge Security.

Managing Authorizing User (for integrations)

Allows you to easily manage and update the user account used to authorize Nudge Security integrations with other platforms.

Github, Slack, Zoom, Hubspot, Cisco Meraki, OpenAI, Cloudflare, Fastly Integrations

Specific integrations with these platforms to collect data and provide insights related to security, usage, and configuration.

Alerts for Account and App Activity Based on Vendor Location

Allows you to set up alerts based on the geographic location of the SaaS vendor's headquarters, which can be useful for compliance or risk management purposes.