[HN Gopher] Show HN: Shadow IT Scan - Uncover SaaS Apps, Users a...
       ___________________________________________________________________
        
       Show HN: Shadow IT Scan - Uncover SaaS Apps, Users and Risky OAuth
       Scopes
        
       Hey HN,

       TL;DR: We've launched a free version of our Shadow IT scanner to
       identify which SaaS apps are used in your company, who uses them,
       and if they have high-risk OAuth scopes.

       Philip and I went through YC with AccessOwl in 2022. We started the
       company because, in our previous roles, we struggled to track all
       the SaaS apps, users, and granted OAuth scopes. The Shadow IT
       scanner started as a small feature within AccessOwl, which manages
       SaaS vendors and user accounts centrally. But a standalone scanner
       would have made our lives so much easier in our previous roles. So,
       we thought, why not release it?

       And here it is: a free, standalone Shadow IT scanner!

       Hope you find it useful :)

       The Shadow IT scan helps with:

       1. Offboarding: Employees often don't report all the apps they sign
          up for, making it tough to track and secure these accounts when
          they leave, especially with the common SSO tax.
       2. Security: OAuth scopes are quickly granted but rarely reviewed
          or removed, leading to organizations unknowingly spreading their
          data.
       3. Compliance: Auditors need a list of SaaS vendors, which is hard
          to compile when employees sign up for tools independently.

       Any surprises in your scan? What features would you like to see in
       the next version? Looking forward to your feedback!

       FAQ

       What's Shadow IT? Unauthorized SaaS apps within an organization not
       centrally managed, posing security and compliance risks.

       How does it work? Our tool connects to your Google Workspace or
       M365 instance, identifies OAuth tokens granted, and maps them to
       known SaaS tools. Note: In this v1 version, it only detects apps
       using the "Sign in with Google/Microsoft" button.

       Who is this for? Typically IT and InfoSec teams, but in smaller
       companies, it may fall under the CTO.

       Is it safe to use? Yes, reading OAuth tokens is standard for SaaS
       management tools. Data extraction only occurs when you initiate a
       scan. AccessOwl is SOC 2 Type II audited and GDPR compliant.
        
       Author : mathiasn
       Score  : 24 points
       Date   : 2024-07-31 12:05 UTC (10 hours ago)
        
 (HTM) web link (www.accessowl.io)
        
       | antonmi wrote:
       | Very interesting, gonna check it!
        
         | PhLR wrote:
         | Thanks! Any interesting findings?
        
       ___________________________________________________________________
       (page generated 2024-07-31 23:00 UTC)