The Saas Security Alliance (CSA) has released a Saas Security Report: Trends and Vision in 2025-2026, which is looking into the current situation of Saas Security to reveal the main challenges and explore how organizations secure and manage their SAAS environments. The results confirm the urgency of organizations to convert their security to Sais into a more uniform and designed approach for this. The current approach to Saas's security is not enough.
Encouraged the security security, the survey was identified in determining the current state of Saas security, detecting the main challenges, and exploring how institutions secure and manage their SAAS environments.
Saas security strategies cannot keep pace with the increasing complexity of the SAAS scene, remain fragmented, interacting, and incomplete. Despite the increasing awareness of the urgent need for the security of the strong Saas, institutions must bypass the AD App-Applow controls to fill the gap between the high investments and actual capabilities-while continuing to follow a more uniform approach that addresses basic challenges such as discovery, supporting the situation, discovering the threat, and treating risk.
“Saas has become an essential part of modern commercial operations, but its insurance is still an influential goal. Although investing in Saas's security and determining their priorities, there is still excessive confidence in the current Saas security strategies. The truth is that the adoption is distributed, the unexploited tools, and the compact operations leave the critical gaps in the vision, identity management, and the third arrival from Hillary Baron, author of Search.
The main results of the report include:
Saas Security is a top priority for 86 % of organizations, as 76 % of respondents say they increase their budgets this year.
Although organizations that commit more resources for the security of Saas, the data referred to by data (63 %) and poor access control (56 %) still expose them to risks, indicating that many of them are still unable to determine the basic protection needed to secure sensitive data across its environments.
79 % of organizations expressed confidence in their programs. This high level of confidence may be to hide critical capacity gaps, as 55 % of the respondents participate that employees adopt Saas tools without participating in security and reporting 57 % that they are struggling with the Saas Security Department.
I am still a challenge. 58 % of the respondents said that the imposition of appropriate concession levels was difficult, and 54 % lacked automation to manage the life cycle – as it directly contributes to violations, the complexity of accidents responding, and leaving exposed organizations.
The Saas-TO-SAAS integration and GENAI tools expand the scope of the attack, leaving nearly half of the organizations (46 %) struggling to monitor non-human identities (NHIS) and 56 % concerned with reaching an excessive application programming interface.
Many organizations depend on fragmented strategies, such as the sellers arising (69 %), and general purposes such as safety brokers access to the cloud (CASBS) (43 %), and hand reviews (46 %), which leads to critical gaps across the Saas environment that will only accommodate with these systems becoming more complicated.
“The results of the report reveal a clear shift: Saas security is no longer a late idea. Organizations are not recognized only by their importance-it takes measures to improve the discovery of the Sais shade, managing the situation, and revealing the threat. With the speed of SAAS, it is important to evolve the saode.
The survey was conducted online by CSA in January 2025 and received 420 response from IT and security technology specialists who represent large organizations in various industries and sites. CSA research analysts analyzed and interpreted this report. Shepherds are members of CSA who support the results of the research project but have no additional impact on content development or CSA research editing rights.
Refer to the security security report for Saas: Trends and Vision for the year 2025-2026.
