SAAS Application Security

by Praveen Kanniah

Praveen Kanniah

SAAS apps make our lives easier, for the obvious reason that the vendor manages the Infrastructure, applications, data and security too. However, there is a catch, every SAAS app comes up with its own way of performing access control, which is very different from the platform level security. Any misconfigurations/lack of access control can lead to major data breaches.

The talk covers:

• Who owns what, Organization vs the SAAS provider

• Misconfigurations/Lack of Access Controls in Salesforce apps leading to data leaks

• Securing SAAS Apps (CASB, CSPM, SSPM)


Praveen Kanniah

Architect - Product Security, PhonePe

Praveen has been in the AppSec space, Information Security for almost 12 years now, having tried his hands on various aspects of AppSec, including manual pen testing, rolling out Secure SDL, implementing secure code analyzers, automating pen-tests, developing a framework for container security and more.

Praveen also love to break complicated topics into simpler explanations and share it with everyone through my blogs.