Calero launches SaaS tool to cut costs & tackle shadow IT
The company's new offering is structured to provide value to IT teams that are increasingly tasked with managing an expanding suite of cloud-based applications, often without the benefit of additional resources or headcount. The solution aims to deliver benefits across three primary areas: visibility, control, and optimisation of SaaS assets.
Increasing SaaS complexity
As organisations expand their reliance on cloud applications, Calero notes that a significant portion of SaaS tools are now being acquired outside formal IT and procurement channels. This growing phenomenon of 'shadow SaaS' can lead to redundancies, unnecessary expenditure, data silos, and additional operational risks for businesses.
The new SaaS Management Platform (SMP) is designed to provide support for IT departments at various stages of their SaaS and financial operations (FinOps) maturity. The solution responds to the need for rapid insight, without imposing additional workload on teams already managing multiple priorities.
Segmented approach
The company's offering comprises several modules. The Visibility component gives IT leaders immediate access to comprehensive information about which SaaS applications are in use across the organisation, including identifying unapproved or potentially risky tools. By leveraging existing data sources, the module aims to deliver rapid value with minimal overhead or cost.
Calero's Control module provides real-time, actionable intelligence to optimise relationships with key SaaS vendors. By consolidating discovery sources, finance system data, and vendor records, organisations can access a single source of truth about their application portfolio. This information is intended to help teams drive more efficient use of software licences, strengthen renewal negotiations, and maintain accountability across departments.
The final component, Optimisation, is aimed at helping organisations achieve strategic IT management objectives by enabling more efficient use of staff resources. By making use of Calero's managed services expertise, this module supports activities such as vendor data collection, licence management for staff changes, and renewal preparation, with the goal of improving user experiences and securing cost savings in SaaS spend.
Leadership perspective "Many leaders recognise they have a significant SaaS management problem but are unsure where to start," said Scott Gilbert, CEO of Calero. "Inaction comes at a cost. With over 30 years' experience helping organisations manage telecommunications, mobility, and market data, Calero makes it easier for leaders to address these challenges. We're committed to lowering barriers to entry and leading the way again."
Focus on immediate value
The company emphasises that the SaaS Management Platform is intended to be accessible for overstretched IT functions and to fit into existing technology management workflows. By targeting specific problems such as unauthorised SaaS proliferation and inefficient spending, Calero states the solution is designed to deliver tangible value quickly, without necessitating significant organisational change or resource allocation.
With SaaS adoption rates continuing to rise, technology teams are under pressure to regain oversight and control over their software environments. Calero's solution, structured around targeted modules, is positioned as a response to the increasingly complex IT and procurement landscape faced by enterprises of varying sizes.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
6 days ago
- Techday NZ
Calero launches SaaS tool to cut costs & tackle shadow IT
Calero has launched a new software-as-a-service (SaaS) management solution intended to help IT leaders address the challenges of shadow SaaS adoption, uncontrolled spend, and the optimisation of application usage. The company's new offering is structured to provide value to IT teams that are increasingly tasked with managing an expanding suite of cloud-based applications, often without the benefit of additional resources or headcount. The solution aims to deliver benefits across three primary areas: visibility, control, and optimisation of SaaS assets. Increasing SaaS complexity As organisations expand their reliance on cloud applications, Calero notes that a significant portion of SaaS tools are now being acquired outside formal IT and procurement channels. This growing phenomenon of 'shadow SaaS' can lead to redundancies, unnecessary expenditure, data silos, and additional operational risks for businesses. The new SaaS Management Platform (SMP) is designed to provide support for IT departments at various stages of their SaaS and financial operations (FinOps) maturity. The solution responds to the need for rapid insight, without imposing additional workload on teams already managing multiple priorities. Segmented approach The company's offering comprises several modules. The Visibility component gives IT leaders immediate access to comprehensive information about which SaaS applications are in use across the organisation, including identifying unapproved or potentially risky tools. By leveraging existing data sources, the module aims to deliver rapid value with minimal overhead or cost. Calero's Control module provides real-time, actionable intelligence to optimise relationships with key SaaS vendors. By consolidating discovery sources, finance system data, and vendor records, organisations can access a single source of truth about their application portfolio. This information is intended to help teams drive more efficient use of software licences, strengthen renewal negotiations, and maintain accountability across departments. The final component, Optimisation, is aimed at helping organisations achieve strategic IT management objectives by enabling more efficient use of staff resources. By making use of Calero's managed services expertise, this module supports activities such as vendor data collection, licence management for staff changes, and renewal preparation, with the goal of improving user experiences and securing cost savings in SaaS spend. Leadership perspective "Many leaders recognise they have a significant SaaS management problem but are unsure where to start," said Scott Gilbert, CEO of Calero. "Inaction comes at a cost. With over 30 years' experience helping organisations manage telecommunications, mobility, and market data, Calero makes it easier for leaders to address these challenges. We're committed to lowering barriers to entry and leading the way again." Focus on immediate value The company emphasises that the SaaS Management Platform is intended to be accessible for overstretched IT functions and to fit into existing technology management workflows. By targeting specific problems such as unauthorised SaaS proliferation and inefficient spending, Calero states the solution is designed to deliver tangible value quickly, without necessitating significant organisational change or resource allocation. With SaaS adoption rates continuing to rise, technology teams are under pressure to regain oversight and control over their software environments. Calero's solution, structured around targeted modules, is positioned as a response to the increasingly complex IT and procurement landscape faced by enterprises of varying sizes.
Techday NZ
05-08-2025
- Techday NZ
AppOmni enhances SaaS platform with new AI security features
AppOmni has unveiled new SaaS and AI security capabilities to address the growing wave of artificial intelligence and SaaS-related risks faced by organisations. The company's latest platform updates include features to help security teams understand their exposure to AI threats and implement controls, with a focus on identifying both sanctioned and unsanctioned, otherwise known as shadow, AI applications - including those embedded in popular SaaS platforms. Complex attack surfaces The increasing adoption of AI in the enterprise landscape has created a more complex attack surface for security professionals. AI tools are now deeply integrated within SaaS environments, either as embedded features in platforms such as M365 or Google Workspace, or operating as independent agents. These tools handle and process sensitive data throughout the SaaS estate, making them both a potential facilitator and target for cyber attacks. According to AppOmni, the convergence of native AI applications and SaaS offerings means AI is quickly becoming a ubiquitous layer within software solutions used by businesses. This transformation highlights the need for organisations to gain visibility into their SaaS and AI landscape, particularly to identify unsanctioned or shadow tool usage, as well as to develop practical strategies for controlling and monitoring these technologies. Expanded application support AppOmni's platform now supports an additional 30 AI and SaaS applications, including widely adopted tools such as ChatGPT Enterprise, Claude, OpenAI, Anthropic, Cisco Umbrella, Cisco Secure Access, and Gong. The company also introduced three new product packages meant to provide a structured path for enterprises at varying stages of their SaaS security maturity journey. Each package includes a free SaaS and AI Attack Surface Assessment and a 90-day trial for the AppOmni Foundations package. Targeted solutions The three packages - Foundations, Advanced, and Enterprise - are each tailored to different organisational needs. The Foundations package serves as an entry-level option designed for companies looking to begin their SaaS security journey. It offers tools to discover shadow SaaS and AI, manage app users and permissions, and detect threats or anomalous activity. AppOmni states that its latest State of SaaS Security 2025 Report found 30% of businesses sought advanced SaaS security capabilities to mitigate risk. The Advanced package builds on this with more comprehensive threat detection and posture management. The Enterprise package, aimed at organisations with the highest security maturity, enables granular control over SaaS security settings and integration with existing security operations. Industry perspectives "Securing AI is now a board-level priority, and that battle must be fought within the SaaS ecosystem," said Brian Soby, Co-founder and CTO of AppOmni. "AI and SaaS security are two sides of the same coin since much of AI is delivered through SaaS. The first step for any organisation is to discover its shadow AI and SaaS usage. AppOmni is leading the charge by first exposing shadow AI, and then securing its use through policy controls for both standalone AI tools and AI embedded within SaaS applications. These innovations empower organisations to embrace AI by taking a comprehensive approach to SaaS security." Mark Butler, CISO (Advisory) at Trace3, offered his perspective on the significance of this integrated approach, stating, "AppOmni's new level of integrated capabilities delivers faster desired outcomes for both organisations and channel partners alike. The ability to discover, analyse, monitor, and secure the expanding landscape of SaaS and AI applications is a game-changer. Strengthening organisations' ability to maintain full visibility, defend against SaaS and AI drift, and ensure the intended use of critical SaaS apps and AI backed software drives increased business revenue and protects data while moving at the velocity of innovation." Recent developments The announcement comes after AppOmni's introduction of AskOmni, an AI-powered SaaS security assistant, and the industry's first SaaS Security Model Context Protocol (MCP) Server. With these advancements, AppOmni aims to support organisations in securing their organisations' AI usage, from the initial discovery of AI applications through to continuous monitoring, risk reduction, and response to emerging threats.
Techday NZ
03-07-2025
- Techday NZ
Most fintechs fail API security, risking sensitive payment data
New research conducted by Raidiam highlights significant weaknesses in API security across fintech companies, SaaS platforms, payments firms, and other enterprises operating outside regulated environments such as Open Banking. The report, which assessed security practices at 68 organisations, reveals that 84% remain vulnerable due to insufficient API protections, even when dealing with sensitive or high-value data. Widespread vulnerabilities The research indicates that 85% of the surveyed organisations handle either payment data or special category personal data, yet only one met the benchmark for modern, cryptographic API protection. The study found that outdated or insufficient controls—such as the use of static API keys and basic OAuth secrets—prevail among most firms, leaving them open to exploitation. "We've all read the recent headlines; API security should not be an afterthought. The gap between the sensitivity of data and the strength of controls is a board-level risk – not just a technical issue," said David Oppenheim, Head of Enterprise Strategy at Raidiam. Of the organisations surveyed, 57 out of 68 use bare API keys or basic OAuth credentials, mechanisms that have well-known security vulnerabilities. Less than half conduct regular API-specific penetration testing or runtime anomaly monitoring, measures deemed essential for identifying and addressing potential attack vectors in real time. Real-world consequences The report points to the 2023 Dell partner API breach as evidence that attackers are already actively exploiting these weak points in enterprise systems. These incidents underscore a growing risk for any entity exposing sensitive APIs without robust protective measures in place. According to the report, a Security vs Sensitivity Matrix mapping exercise revealed a severe misalignment between the sensitivity of the data held and the strength of security controls implemented. This mismatch increases the likelihood and potential impact of security incidents. "We found that even firms handling payment and personal data still rely on static API keys and basic secrets. In today's threat landscape, that's the digital equivalent of leaving the vault door open," Oppenheim added. "In regulated environments like Open Banking, stronger controls like mutual TLS and certificate-bound tokens are already standard. Outside those frameworks, there's a gaping hole." API risk in unregulated environments is becoming a prominent concern in the industry. In early 2025, the Chief Information Security Officer at JPMorgan Chase issued a public warning about rising vulnerabilities linked to third-party platforms, advocating for a shift towards prioritising security over rapid development. Gartner statistics cited in the report indicate that API breaches tend to leak 10 times more data than traditional attacks. The report states, "This isn't theoretical — attackers are already in." Recommendations for addressing risk The report provides a four-step action plan for organisations seeking to bridge the gap between data sensitivity and protection. It recommends elevating API security to a board-level priority, modernising controls through cryptographic methods such as mutual TLS (mTLS) and sender-constrained access tokens, increasing investment in developer awareness and security testing, and working with trusted partners to accelerate adoption of proven standards and infrastructure. Raidiam's expertise in secure digital data-sharing ecosystems is currently being made available to assist enterprise organisations in bringing API security standards up to date and closing the gaps identified by this research. Follow us on: Share on:
