SaaS Alerts Seeks MSP, MSSP Signatures for Software Security Petition Drive

Cloud software security monitoring platform SaaS Alerts is launching an industry campaign to secure third-party software, targeting 2,500 MSP and MSSP signatures on a petition by March 8 to coincide with the Right of Boom event.

The petition was launched on December 4, and SaaS Alerts says the signatures of 2,500 MSPs would represent an estimated 250,000 small businesses. MSPs who would like to support this effort are encouraged to sign the “I want my SaaS alerts” petition.

The launch complements the expansion of the SaaS Alerts platform with a capability called App Wizard. This capability allows MSPs and MSSPs to request that SaaS Alerts integrate with and provide monitoring data for specific applications.

While SaaS Alerts already provides such security monitoring for key industry platforms, such as Microsoft 365 and Google Workspace, this will allow MSPs to request security monitoring for other platforms, too. For instance, an MSP that specializes in dental practice end clients may want to monitor and protect a specific platform that those clients use. The MSP can request that, and if the software provider offers a "viable" API — one that includes security log data — SaaS Alerts can integrate with the platform within 72 hours. That integration will enable security monitoring by any MSP or MSSP that is part of the SaaS Alerts community.

What is a Viable API?

Third-party risk is a huge issue in the software industry, as threat actors target the software supply chain to gain access to their victims. Some major software vendors provide security log data as part of their APIs, including Microsoft 365, Google Workspace, Salesforce, Dropbox and Slack, but other big vendors don’t. That means companies like SaaS Alerts cannot provide monitoring and protection for applications whose vendors don’t expose that type of data. SaaS Alerts CEO Jim Lippie calls an API that does include security log data a “viable” API.

For instance, Intuit’s QuickBooks Online is the top application requested for integration with SaaS Alerts, but Intuit does not offer an API that provides security log data, Lippie said. The platform API does not collect data about who is logging in, where they are logging in from, what they are looking at, and what they are taking.

“Those are the four most important things when we are looking at the security behavior associated with an application,” Lippie said. “We want the help of the entire MSP community to help us bring awareness to this issue. There’s a lot of really great applications out there that don’t have the security log data available in them.”

MSPs, MSSPs Protecting Clients from Third-Party Risk

Lippie told MSSP Alert that MSPs can request such integration for any customer business software. SaaS Alerts will then determine if that software has a viable API. If it does, SaaS Alerts will be able to enable monitoring of that software within 72 hours for the entire SaaS Alerts community of MSPs and MSSPs.

Lippie believes this is a great opportunity for MSPs because it enables them to protect their clients’ third-party software.

“This is a massive opportunity for MSPs as more software shifts from on-premises to the cloud,” Lippie said. “This is the next frontier.”

Setting API Standards

Lippie said SaaS Alerts decided it wanted to monitor security log data in the top platform category used by every MSP out there — RMM (remote monitoring and management) software.

“But when we looked at the APIs of some of those applications, the information wasn’t there for us,” Lippie said.

To remedy the situation, SaaS Alerts worked with the major players, including ConnectWise, Kaseya and N-able. They also worked with Syncro and Ninja.

“Now we have all that information available to us so that we can monitor those applications on behalf of the community,” Lippie said. “Our hope is that by creating awareness around this issue, we can influence other leading software companies to incorporate this information so we make the entire industry and community stronger.”

Jessica C. Davis

Jessica C. Davis is Editorial Director of CyberRisk Alliance’s channel brands — MSSP Alert and ChannelE2E. She also oversees content and programming for the MSSP Alert Live event. She has spent a career as a journalist covering the business of technology including chips, software, the cloud, AI, and cybersecurity. She previously served as Editor in Chief of Channel Insider and later of MSP Mentor where she was one of the first editors to oversee the creation and vision of the MSP 501 list.