SaaS Data Leakage

medium

saas-data-leakage

Sensitive data unintentionally shared externally through SaaS collaboration features such as file sharing, public links, or guest access

Information Disclosure

MITRE ATT&CK techniques

ID	Name	Tactic
T1567	Exfiltration Over Web Service	Exfiltration
T1530	Data from Cloud Storage Object	Collection

Common Weakness Enumeration

Mitigating controls

ctrl-saas-leak-1: Configure external sharing policies and restrictions
ctrl-saas-leak-2: Implement DLP policies for sensitive content detection
ctrl-saas-leak-3: Monitor and audit external sharing activities
ctrl-saas-leak-4: Disable public link sharing for sensitive content
ctrl-saas-leak-5: Implement data classification and labeling

References

https://cloudsecurityalliance.org/research/cloud-controls-matrix/