Obsidian Security Enriches Continuous, Robust SaaS Security with Latest Solutions

Obsidian Security, the SaaS security provider, is releasing its latest suite of SaaS security solutions designed to address a widening gap in appropriately securing SaaS applications while managing its security posture configuration, according to the company. The solutions—Obsidian Compliance Posture Management, Obsidian Integration Risk Management, and Obsidian Extend—drive comprehensive risk management for SaaS applications, enabling security and GRC teams to have confidence in their applications without draining time and finances.

Sensitive data breaches have become an increasingly public affair for small and large enterprises alike; Obsidian’s latest suite of deeply integrated solutions work to centralize security policies for security and GRC teams while providing consistent compliance, as well as automated remediation and monitoring of security risk, increasing brand trust for any organization facing internal and external threats.

Obsidian Compliance Posture Management maps intricate frameworks to individually manageable SaaS controls, allowing organizations to comprehensively measure and maintain compliance across SaaS environments, according to the company.

As more sensitive data begins to reside in SaaS applications, meeting internal security policies and third-party standards—including SOC 2, NIST 800-53, ISO 27001, CCA, and more—is critical. By leveraging Obsidian Compliance Posture Management, compliance can be met and measured with confidence while reducing configuration time, cost, and complexity associated with SaaS compliance.

“Obsidian comes in and understands how to appropriately configure the SaaS application; it understands how to secure it in the best way—how to map those controls to regulatory frameworks to be able to get significant speed advantages,” said Glenn Chisholm, chief product officer and co-founder of Obsidian Security. “Instead of having to go and export all the controls from a SaaS environment and map them across to a regulatory framework, we do all that for you. All of that technical and regulatory mappings are going to get done in 10% of the time that you would have done before.”

Chisholm emphasized that, “None of these SaaS applications exist by themselves. They're not islands; they're an interconnected mash of applications supporting other applications.” Understanding where data is flowing throughout these complex integrations, then, is a crucial piece of SaaS security.

Obsidian Integration Risk Management unveils risk exposure that becomes introduced by SaaS integrations, enabling security teams to minimize risk by 80%, according to the company. The solution automatically resolves SaaS third-party integrations in real-time through centrally defined security policies, shedding invaluable light on the labyrinthine interconnections between applications.

“We're not just a visibility solution,” explained Vivek Ganti, head of product marketing at Obsidian Security. “We offer visibility, but we also offer automated remediation, where we give these GRC teams and security leaders the ability to configure centralized security policies on the product itself, so that the product learns and takes action on its own so that our customers don't become another example of one of those public breaches.”

Obsidian Extend—the final module of Obsidian's announcement—further simplifies SaaS interconnectivity by providing a single, automated, scalable solution for organizations to monitor IT ecosystems that consist of dozens of SaaS platforms. The solution extends what Obsidian already provides for core SaaS applications to every small, niche SaaS application regardless of where it’s hosted—be it private cloud or on-premises.

“Every security team is understaffed. This release brings this very, very needed set of capabilities to secure the SaaS application to be able to work within an enterprise, to work with the application owners rapidly with clear outcomes, and to be able to bring the regulatory element to that all-in-one solution. Every security team is trying to reduce time, reduce cost, and reduce their number of vendors,” concluded Chisholm. “Obsidian brings all three of these components in a single solution to solve all of those problems.”

All of these modules are now generally available for Obsidian customers.

To learn more about Obsidian’s Next-Gen Posture solutions, please visit