Savvy aims to address the vulnerabilities associated with SaaS apps, providing a solution to minimize user-initiated security incidents.
In 2022, the average number of SaaS apps used by organizations globally reached about 130, a significant increase from just eight in 2015, according to Statista.
This surge in app usage prompted Guzner and his co-founders Yoav Horman, Eldar Kleiner, and David Ben Zakai to incubate Savvy, focusing on assisting enterprises in managing SaaS vulnerabilities effectively.
Savvy operates as a browser extension, offering real-time alerts to users when they are about to take an insecure action.
By monitoring actions performed on desktops or laptops, Savvy can detect potentially problematic user behaviors, such as submitting sensitive data to untrusted sources like ChatGPT.
- Advertisement -
On the backend, security teams can create automation playbooks that trigger workflows based on user actions. The platform provides insights and metrics at the role, team, and user levels, allowing for employee risk profiling if desired.
While other startups like Valence Security and Spin Technology also offer platforms to secure SaaS apps, Savvy differentiates itself through its proactive approach.
For instance, when a user attempts to submit sensitive data, Savvy promptly alerts them to the potential risk. The primary objective of Savvy is to improve cyber hygiene without hindering productivity.
Recognizing that users may occasionally bypass security measures to expedite work, Savvy strikes a balance between user convenience and data protection.
Employee monitoring software has gained traction in companies with remote workers, with 60% of such organizations utilizing staff monitoring tools, as stated by Harvard Business Review.
This trend, driven by the growing demand for business intelligence and analytics across workforces, is projected to make the employee monitoring software market worth $12.3 billion by 2033.
Regarding privacy implications, Savvy takes precautions to limit the collection and usage of sensitive data. The majority of data processing occurs locally within the Savvy app, and customers can opt for a deployment model in a private cloud.
However, Savvy does collect metadata for monitoring and reporting purposes, retaining it for 180 days by default. While this metadata retention may raise concerns among monitored users and the companies relying on Savvy, Guzner emphasizes that it is an inherent aspect of such security solutions.
Enterprises recognize the importance of granting employees the freedom to use SaaS apps for their work responsibilities.
However, the rapid adoption of SaaS, the lack of standardized apps and their security controls, and the complexities introduced by app integrations have burdened security teams.
Guzner emphasizes the need for a fundamental shift in decision-making and actions surrounding software usage to address the challenges posed by SaaS sprawl.