In this episode of Resilient Cyber, I sit down with SaaS Security leader AppOmni's VP of Information Security, Cory Michal, to discuss the State of SaaS and Software Supply Chain Security.
This comes on the heels of the Salesloft/Salesforce SaaS supply chain attacks and AppOmni's recent State of SaaS Security 2025 Report.
Cory and I discussed:
The recent Salesloft Drift/Salesforce incident that impacted ~700 organizations and involved compromised OAuth tokens
Challenges involving OAuth in SaaS environments, such as over-permissive access, limited monitoring and unsecured storage of secrets
The broader rising trend of SaaS supply chain attacks
The false sense of security organizations have when it comes to SaaS vendor compliance, and the unaccounted-for risks associated with integrations, credentials, configurations, data and more
AppOmni’s State of SaaS Security Report and key takeaways
The rise of Non-Human Identities (NHIs) and Agentic AI and their implications for SaaS access control and incidents
The lack of widespread SSPM adoption and the oversights and gaps that leaves for organizations when it comes to SaaS security