The Future of Networkless Attacks

🚨 SaaS ATT&CK Matrix: The Future of Networkless Attacks 🚨

At Klavan, we’ve integrated the wicked cool research from Push Security, who built on the MITRE ATT&CK framework, to provide our clients with enhanced protection against hashtag#SaaS-first attack techniques.

These attacks don’t target endpoints or customer networks—they operate entirely within SaaS environments, which is why we call them networkless attacks.

The SaaS ATT&CK Matrix - see image below - outlines a range of techniques from Reconnaissance to Exfiltration, including:

- SAML Enumeration for initial access
- Shadow Workflows for persistence
- API Secret Theft for credential access
- Takeout Services for exfiltration

🧠 Why This Matters

SaaS security is becoming a critical part of the cyber landscape. Push Security’s research helps us at Klavan stay ahead of evolving threats by focusing on attack techniques specific to SaaS.

This allows us to better protect our clients and anticipate new challenges in this space.

⚠️ No Traditional C2 Required

In the SaaS world, attackers don’t need traditional Command & Control (C2) methods—they can access cloud apps directly.

That’s why our approach focuses on securing your SaaS platforms from these new and emerging threats.

At Klavan, we’re committed to using the latest research, like that from Push Security, to provide our clients with proactive, effective SaaS security solutions.