The Valence SaaS Security Platform leverages agentless integrations to analyze the configurations and activities of your SaaS applications - from Microsoft 365, GitHub, Salesforce, Workday, Google Workspace and dozens of others. The platform manages identity, data, configuration and integration SaaS risks to provide SaaS Security Posture Management (SSPM) capabilities. Valence also enables users to assess how the current security configurations compare to industry best practices such as NIST, ISO, CIS and others. The findings are translated to actionable insights that allow security teams to prioritize the most urgent risks with recommended remediation steps.

Within minutes, Valence enables organizations to:

• Fix Misconfigurations - configure security controls according to best practices and standards (CIS, ISO, NIST, etc.)
• Govern Saas-to-SaaS - manage OAuth tokens, API keys, third-party integrations and low/no-code automation
• Protect Data - reduce externally shared data, files, sites, code repositories and other assets
• Secure Identities - control admin privilege sprawl and enforce strong authentication with SSO, IdP and MFA

In addition to visibility into SaaS risks, Valence has out-of-the-box remediation capabilities:

Automated Remediation of SaaS Risks

Valence enables security teams to define security policies and to automate the remediation of SaaS security risks. The Valence platform automatically detects configuration drift and applies automated security guardrails to reduce the workload required to protect critical SaaS data and identities from misconfigurations and ungoverned third-party access.

Business User Collaboration

Security teams can leverage the Valence automated chatbots via email, Slack, etc. to communicate with their users and collaborate on remediation efforts. This allows the security team to educate business users regarding SaaS security best practices and to enforce SaaS security policies without inhibiting SaaS use or growth, to increase business velocity and innovation. By collaborating with the distributed workforce, security teams can gain critical context into SaaS security risks and scale remediation efforts with minimal overhead.

Integrations with Microsoft Security products:

• Microsoft Entra ID - The joint offering provides insights into SSO or MFA enforcement gaps due to local configurations in SaaS applications, overprivileged identities, dormant accounts, and other risks. Valence also provides manual and automated remediation workflows to allow to reduce such risks. In addition, the platforms correlate threat signals such as Microsoft Entra ID’s risky user and service principal signals and Valence’s proprietary SaaS threat alerts.

• Microsoft Sentinel - The joint solution allows security teams to pull critical data and context from Valence’s SaaS Security Platform, and to receive alerts from Valence’s SaaS threat detection alerting. This allows to enrich existing workflows or to trigger new workflows to effectively contextualize and respond to SaaS threats.