VendorsObsidian Security
Obsidian Security
Cybersecurity reports and statistics published by Obsidian Security
0 categories1 reports
Research Reports
Reports and publications from Obsidian Security
Recent Statistics & Reports
There was a 300% year-over-year increase in SaaS breaches between September 2023 and 2024.
1/1/2025
SaaS spend is approximately $8,700 per employee.
1/1/2025
85% of SaaS breaches began with a compromised identity.
1/1/2025
Adversary-in-the-middle (AiTM) attacks accounted for 39% of these incidents.
1/1/2025
The fastest time from initial access to data exfiltration was as little as 9 minutes.
1/1/2025
MFA failed to prevent attacks in 84% of incident responses.
1/1/2025
Organizations typically deploy around 100 AI applications, with 60% lacking proper security controls or federation behind the IdP.
1/1/2025
The average cost of a SaaS breach has risen to $4.88 million.
1/1/2025
Organisations can achieve an 85% reduction in their SaaS attack surface with better security measures.
1/1/2025
The healthcare sector experienced the highest number of SaaS breaches from September 2023-2024, accounting for 14% of the total. This was followed by state and local government at 13% and financial services at 11%.
1/1/2025
Other credential compromise techniques used to target SaaS applications included self-service password reset (24%), single-factor password guessing (14%), and push fatigue (13%).
1/1/2025
99% of SaaS compromises originate at the identity provider (IdP).
1/1/2025