Cloud security startup Obsidian Security Inc. today announced the release of its latest suite of software-as-a-service security solutions.

Obsidian’s three new services, Compliance Posture Management, Integration Risk Management and Extend, enable security and government, risk and compliance teams to increase their SaaS security and compliance posture measurably.

Leading the releases, Compliance Posture Management is designed to enable organizations to measure and maintain compliance across SaaS environments. The service measures internal security policies and third-party standards, including Service Organization Control 2, National Institute of Standards and Technology Special Publication 800-53 800-53, International Organization for Standardization 27001 and the Computer Misuse Act.

The service maps complex frameworks to individually manageable SaaS controls, giving teams clear and continuous assurance that the applications their business is relying on are in compliance with the legal and regulatory obligations they must uphold. Obsidian claims that, on average, customers can expect to reduce the cost and complexity associated with SaaS compliance from months to minutes.

Integration Risk Management surfaces risk exposure introduced by SaaS integrations and helps security teams minimize that risk by over 80%. The service starts with a deep understanding of complex interconnections between applications, mapping permissions and different access levels to analyze integration activity and uncover areas of excessive risk.

Integration Risk Management is said to give security teams visibility into their integrations across the entire SaaS estate and also automatically remediate SaaS third-party integration threats in real time via centrally defined security policies.

Last but not least, Obsidian Extend addresses the issue where security teams struggle with protecting sensitive business data across an enterprise information technology ecosystem compromising dozens of SaaS platforms such as Salesforce Inc., Workday Inc., Google Workspace and Microsoft 365. Obsidian Extend solves the problem by providing a consolidated, automated and scalable solution for organizations to assess and monitor security risk across their entire SaaS estate.

“For far too long, Security and GRC teams have been working in the dark,” Glenn Chisholm, chief product officer of Obsidian Security, said in a statement. “We hear from security leaders time and again that they have no control over their ever-expanding mesh of SaaS applications and that they worry about every new integration posing an exponentially increased organizational risk. On the other hand, GRC and compliance teams today lack basic tooling and often take several months to gather the evidence they need in SaaS to demonstrate and verify compliance with local and industry regulations.”

Obsidian Security is a venture capital-backed startup, having last raised $90 million in funding in April 2022. Investors include Insitutional Venture Partners LLC, GV Management Company LLC, Menlo Ventures, Greylock and Wing Venture Capital.

Image: Obsidian Security