Exploitation and Security of SaaS Applications

At the June 2017 Open Web Application Security Project (OWASP) meetup in Seattle, WA., CEO of DigitSec, Waqas Nazir, spoke to attendees about the exploitation and security of SaaS applications.

Today, SaaS applications have found their way into the heart of most modern enterprises. Companies that rely on SaaS applications typically don’t focus on their security due to the assumptions that the platform provider has already deployed proper security controls.

In this talk, Waqas presented examples of attack vectors and exploitation techniques which are especially applicable to SaaS platforms that allow customizations such as Salesforce’s Force.com. He also discussed the need to utilize smart assessment methodologies when assessing the security posture of SaaS applications, as conventional methods sometimes don’t apply to SaaS providers.

Learn more about OWASP and get information about their Meetup chapter here:


Picture of digitsec



DigitSec brings four scans to protect Salesforce: Source Code Analysis, Custom Runtime Testing, Software Composition Analysis, & Cloud Security Configuration Review. #DevOps

Recent Posts

Sign up for our Newsletter

Get security tips sent to your inbox.

Sign up to get updates and security insights from DigitSec