SaaS
We've curated 46 cybersecurity statistics about SaaS to help you understand how the security challenges and best practices surrounding software-as-a-service platforms are evolving in 2025.
Related Topics
Showing 1-20 of 46 results
83% confirmed incident rate for organizations using multi-tenant SaaS identity platforms.
96% of companies running AI in production, using AI broadly, and operating on multi-tenant SaaS identity infrastructure face shadow AI challenges.
90% of companies running AI in production, using AI broadly, and operating on multi-tenant SaaS identity infrastructure reported a confirmed incident.
56% of organizations report that they can’t effectively enforce continuous least privilege for service accounts across cloud, SaaS, and on-premises environments.
40% of unknown AI agents emerge in SaaS tools with built-in automation.
Only 28% of organizations report full visibility into non-human identities across cloud, on-premises and SaaS environments.
One in four users (25%) rely on broad, difficult-to-audit static profile bundles for SaaS access.
Over 80% of SaaS access is managed through static profiles.
Threat actors exploited identity issues to gain initial access in 83% of the incidents involving major cloud and SaaS-hosted environments.
86% of SaaS midmarket organizations kept headcount at pace with their digital estate, with only 10% growing more slowly.
Attackers leverage third-party SaaS applications in 23% of incidents.
60% of senior IT and business decision-makers worldwide reported reduced visibility of where their data resides due to the growth of multi-cloud and SaaS environments.
46% of organizations cite cloud and SaaS data sprawl as a top challenge. ).
57% of organizations experienced cloud application or SaaS-related cyber incidents in the past 12 months, according to the 2025 Security Operations Trends Report.
Only 15% of organizations feel fully prepared to handle the movement of sensitive data through SaaS and Shadow IT tools.
52% say difficulty monitoring SaaS and hybrid work environments is the biggest barrier to maturing their insider risk program.
29% of organizations identify external APIs and SaaS-embedded AI features as their greatest AI supply chain risk.
61% of senior IT decision-makers highlight physically segregated storage as a key requirement for modern SaaS backup.
37% of senior IT decision-makers still rely solely on their SaaS application’s native backup capabilities.
APIs in technology & SaaS providers' environments saw a 400% spike in critical vulnerabilities.