niftycent.com
NiftyCent
US
Login
Marketplace
Discounts

Show HN: Shadow IT Scan – Uncover SaaS Apps, Users and Risky OAuth Scopes

Hey HN,

TL;DR: We’ve launched a free version of our Shadow IT scanner to identify which SaaS apps are used in your company, who uses them, and if they have high-risk OAuth scopes.

Philip and I went through YC with AccessOwl in 2022. We started the company because, in our previous roles, we struggled to track all the SaaS apps, users, and granted OAuth scopes. The Shadow IT scanner started as a small feature within AccessOwl, which manages SaaS vendors and user accounts centrally. But a standalone scanner would have made our lives so much easier in our previous roles. So, we thought, why not release it?

And here it is: a free, standalone Shadow IT scanner!

Hope you find it useful :) The Shadow IT scan helps with:

1. Offboarding: Employees often don’t report all the apps they sign up for, making it tough to track and secure these accounts when they leave, especially with the common SSO tax.

2. Security: OAuth scopes are quickly granted but rarely reviewed or removed, leading to organizations unknowingly spreading their data.

3. Compliance: Auditors need a list of SaaS vendors, which is hard to compile when employees sign up for tools independently.

Any surprises in your scan? What features would you like to see in the next version? Looking forward to your feedback!

FAQ

What’s Shadow IT? Unauthorized SaaS apps within an organization not centrally managed, posing security and compliance risks.

How does it work? Our tool connects to your Google Workspace or M365 instance, identifies OAuth tokens granted, and maps them to known SaaS tools. Note: In this v1 version, it only detects apps using the “Sign in with Google/Microsoft” button.

Who is this for? Typically IT and InfoSec teams, but in smaller companies, it may fall under the CTO.

Is it safe to use? Yes, reading OAuth tokens is standard for SaaS management tools. Data extraction only occurs when you initiate a scan. AccessOwl is SOC 2 Type II audited and GDPR compliant.

Comments URL: https://news.ycombinator.com/item?id=41118468

Points: 27

# Comments: 6

https://www.accessowl.io/scan

Created 1mo | Jul 31, 2024, 11:40:05 PM


Login to add comment

Other posts in this group

Sleep duration, chronotype, health and lifestyle factors affect cognition [pdf]
Sleep duration, chronotype, health and lifestyle factors affect cognition [pdf]

Article URL: https://bmjpublichealth.bmj.com/content/bmjph/2/1/e001000.full.pdf

Comments URL:

Sep 9, 2024, 1:40:10 AM | Hacker news
Linux's Bedtime Routine
Linux's Bedtime Routine

Article URL: https://tookmund.com/2024/09/hibernation-preparation

Comments URL:

Sep 9, 2024, 1:40:09 AM | Hacker news
LLM_transcribe_recording: Bash Helper Using Mlx_whisper
LLM_transcribe_recording: Bash Helper Using Mlx_whisper

Article URL: https://gist.github.com/Olshansk/888533614765cd13139515d55573d676

Comments URL:

Sep 9, 2024, 1:40:08 AM | Hacker news
ATProto for Distributed System Engineers
ATProto for Distributed System Engineers

Article URL: https://atproto.com/articles/atproto-for-distsys-engineers

Comments URL:

Sep 9, 2024, 1:40:07 AM | Hacker news
Jd – JSON Diff and Patch
Jd – JSON Diff and Patch

Article URL: https://github.com/josephburnett/jd

Comments URL: https://news.ycombin

Sep 8, 2024, 11:30:12 PM | Hacker news
Htmx, Raku and Pico CSS
Htmx, Raku and Pico CSS

Article URL: https://rakujourney.wordpress.com/2024/09/08/htmx-raku-and-pico-css/

Comments URL:

Sep 8, 2024, 11:30:12 PM | Hacker news
The Fennel Programming Language
The Fennel Programming Language

Article URL: https://fennel-lang.org/

Comments URL: https://news.ycombinator.com/item?id=41483

Sep 8, 2024, 11:30:10 PM | Hacker news
Techie
Techie