Technoloty News : Startup providers can avoid databreach with the help of Zygon in Saas

Shadow, a cloud computing company, confirmed last week that there was a data breach that involved personal information of customers. The hacker claims that he has access to data from more than 530,000 clients. According to an email from Shadow CEO Eric Sele, the hacker managed to download this data from a software-as-a-service (SaaS) provider’s API. This is only one of many data breaches that have affected businesses of all sizes.

You don’t want to find yourself in this position, especially if you are a tech CEO. In the current regulatory environment, you are often required to notify privacy watchdogs or navigate regulatory obligations. You risk losing your clients’ trust if you inform them of a breach.

Zygon has caught my attention for this reason. This new French startup reviews the SaaS apps used by your team. It doesn’t only focus on the official services, but it can also identify shadow SaaS that some teams are using without telling their IT department.

Zygon seemed like a great way to save money. Many VC firms still pass on deals that made sense a couple of years ago. Some startups are actively reviewing SaaS contracts in order to see if there are any subscriptions they can cancel and extend their runway.

The startup wants to build a security startup that will be able to protect your SaaS service. Zygon raised $3 million in a seed round led by Axeleo Capital, with Kima Ventures, and several business angels participating.

Shadow IT: Visibility

After the initial inventory, Zygon provides customers with a dashboard that shows all SaaS applications and the number of users for each application.

Kevin Smouts, co-founder of Zygon and Chief Product Officer, told me that they use the metadata in employee emails to detect SaaS usage.

Zygon won’t be very useful for SaaS applications connected to Okta or other official identity management solutions. Some SaaS startups are particularly successful because they can be set up in just a few seconds.

They take advantage of this by promoting bottom up adoption through freemium plans and features such as self-service, virality, and self-service. Dropbox, Zoom or Notion all represent this trend.

SaaS proliferation creates three issues for businesses: security, legal and cost.

Zygon uses the same approach to decentralize security and integrate with all SaaS products. Zygon encourages you to designate SaaS admins. They are now in charge of the use of a particular tool within the organization.

They receive recommendations on security configuration tasks such as multi-factor authentication. IT departments can take control of popular applications, prioritizing the rollout SSO authentication, controlling account orchestration, and more.

Zygon is a tool that allows for some control over SaaS usage. Zygon will flag multiple accounts for a service. Zygon will also flag if multiple employees are sharing the same account. Zygon can also minimize the attack surface if a company is looking to comply with SOC 2 or ISO frameworks.

Zygon is particularly useful if someone quits, or if there are a lot of layoffs. It can list services which are still in use even after an employee leaves the company.

“In the present situation, IT only controls a very limited number of SaaS apps. In the current context of layoffs these are huge security holes. We go even further by detecting the SaaS applications that have APIs or keys of access that need to be rotated’ when an employee leaves,” Smouts said.