IT Brief Australia - Technology news for CIOs & IT decision-makers
Australia
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
Story image
#
Data Privacy
#
Cybersecurity
#
AWS

Obsidian Security completes IRAP assessment for SaaS

Today
Author image
By Sean Mitchell, Publisher

Obsidian Security announced it has completed the Infosec Registered Assessors Program (IRAP) Assessment, enhancing its credentials in the public sector and making its SaaS security platform available to Australia's Federal Government agencies.

The IRAP, developed by the Australian Signals Directorate, serves as an independent assessment of system security controls, with federal agencies relying on its outcomes to evaluate a system's suitability for their security requirements. The completion of the IRAP Assessment now provides Australian public sector agencies with greater confidence in deploying Obsidian Security to protect their SaaS identities, applications, and data.

Obsidian Security has observed a marked increase in SaaS breaches, which have surged 300% year-over-year, with identity-based attacks becoming prevalent. Consequently, the availability of Obsidian to Australian federal government agencies for a security strategy covering configuration, identity protection, detection, and response comes at a critical time.

Glenn Chisholm, Australian Co-Founder of Obsidian Security, highlighted the threats entities face with the rise of SaaS applications. "All these applications adopted by public and private organisations create all sorts of blind spots for security teams, especially around identity," Chisholm said. "Threat actors are increasingly focused on exploiting these gaps. Completing the IRAP assessment means we can protect government agencies from these sophisticated attacks in the same way we do for Australia's largest telcos, banks, and healthcare providers."

Chisholm further noted the inherent risk many organisations take by depending on their SaaS providers for application configuration, which can lead to the unintentional exposure of sensitive data. "While SaaS providers ensure the security of the application's infrastructure, the user is responsible for implementing appropriate security measures around their human and non-human identities – this includes things like multifactor authentication and privilege controls," he explained. "Compounding the risk, these apps are often implemented outside the purview of the organisation's security team. Obsidian offers a single platform for visibility, control, and global enforcement over the organisation's entire SaaS ecosystem."

Obsidian's completion of the IRAP Assessment to the PROTECTED security classification complements its existing global certifications, which include SOC 2 and ISO certifications 27001 and 27701. Moreover, in October, the company fortified its investment in the region with a new datacentre in Sydney, established on AWS infrastructure to bolster data sovereignty for local customers.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Pallion partners with Boomi for digital transformation boost
Deep observability: Why you need It and how you get it
Australian firms encouraged to adopt platform strategies
Strand boosts online revenue by 37% with Pattern's AI tools
Commvault unveils Clumio Backtrack for AWS data recovery
Top stories
How will ESG become a scoring mechanism for procurement departments?
NetWitness enhances cybersecurity with AI & SASE updates
Rapid Circle unveils Copilot AI Centre of Excellence in ANZ
Wavelink expands SecurePath initiative to Melbourne
Exclusive: LogicMonitor leads hybrid observability across APJ region