Back

Astrix Security Wins 2022 Cybersecurity Breakthrough Award for Cloud Security

Astrix Security Named PaaS Security Solution of the Year in Prestigious International Awards Program

[New York – October 6, 2022] – Astrix Security, the industry’s leading solution securing app-to-app integrations, announced today that it has been named the winner of the “PaaS Security Solution of the Year” award in the cloud security category in the sixth annual CyberSecurity Breakthrough Awards, which recognizes the top companies, technologies, and products in the global information security market today.

Astrix Security ensures organizations’ core systems are securely connected to third-party cloud services, allowing them to safely unleash the power of app-to-app integration and automation. Astrix’s agentless, easy-to-deploy solution provides holistic visibility into all app-to-app connections across PaaS, SaaS and IaaS environments, and instantly detects and mitigates integration threats exposing them to supply chain attacks, data leakage, and compliance violations.

“We’re delighted to be recognized as a cloud security leader in the CyberSecurity Breakthrough Awards program,” said Alon Jackson, CEO and Co-Founder of Astrix. “Employees today can freely integrate cloud services and APIs into core business assets like Salesforce, Github, and Office 365, creating a hyperconnected workspace that requires oversight and security against the growing threat of supply chain attacks coming from third-party integrations, such as the recent attacks against Microsoft, GitHub and Mailchimp. Winning the second industry award in only four months is yet another testament to the industry’s need for a security solution that allows organizations to reap the benefits of third-party apps and automation, without compromising security.”

With agentless, one-click deployment, Astrix enables security teams to instantly see through the fog of connections, detect redundant, misconfigured, and malicious third-party exposure to their critical systems, and provides practical remediation steps. In doing so, Astrix empowers enterprises to gain control over their entire app-layer access for the first time, set enforcement guardrails, and prevent policy drifts with zero-trust security controls.

To see the full list of winners, please visit: https://cybersecuritybreakthrough.com/

About Astrix

Founded in Tel Aviv in 2021, Astrix Security protects the modern enterprise’s growing third-party app interconnectivity with its novel zero-trust solution. Powered by continuous exposure identification, Astrix provides organizations with visibility and lifecycle management to preemptively secure their most critical systems. Founded by two veterans of the Israel Defense Force 8200 military intelligence unit, CEO Alon Jackson and CTO Idan Gour, Astrix’s team is rapidly expanding. Astrix is backed by leading investors Bessemer Venture Partners, F2 Venture Capital, and Venrock. Learn more at https://astrix.security or follow us on Twitter.

Request a demo

See how Astrix can help you take
control of your third-party integrations.



This will close in 0 seconds

Contact us



This will close in 0 seconds

The Ultimate Guide to Securing App-to-App Integrations

How to discover and remediate over-privileged, unnecessary, and malicious integrations to your most critical systems.

This will close in 0 seconds

Risk #3: Compliance violations
  • What it is: An act that compromises an organization’s ability to comply with relevant governmental, legal, or industry frameworks – for example, data privacy regulations (like GDPR) or security and governance (like SOC 2).
  • Recent example: Ticketmaster received a $1.6 million fine for GDPR violations after hackers exploited vulnerabilities in the code of a third-party chat app vendor on its checkout page, exposing customers’ personal and payment data.
  • Why third-party integrations increase the risk: Any third-party application involved in data processing is part of an enterprise’s regulatory purview – meaning that the organization is ultimately responsible (often financially and legally) for its handling of sensitive data.
Risk #2: Direct malicious access
  • What it is: Malicious actors seek direct access to core platforms by tricking users into providing consent (via OAuth permissions rather than explicit credential phishing) or by taking advantage of leaked API keys, certificates, webhooks urls, etc.
  • Recent example: Microsoft recently warned of a phishing attack in which Office 365 users received emails intended to trick them into granting OAuth permissions to a fake app.
  • Why third-party integrations increase the risk: With third-party applications increasingly integrated to core platforms, access tokens enable malicious actors access to data and operations on organization critical systems.
Risk #1: Supply chain attacks
  • What it is: A third-party app integrated to a trustworthy central platform may “leak” sensitive data into a less secure environment. Malicious actors abuse security vulnerabilities associated with a legitimate (but less secure) third-party application – and exploit its privileged access to sensitive information (like credentials or data).
  • Recent example: Hackers compromised the software development tool Codecov to gain access to – and rapidly copy and export to an attacker-controlled server – sensitive secrets,credentials and IP associated with software accounts at thousands of clients.
  • Why third-party integrations increase the risk: More and more third-party applications hold the “keys to the kingdom”: the most privileged credentials in the enterprise. Any third party application that can be compromised opens up the possibility of unauthorized intrusion (and data extraction, ransoming, and more) by malicious actors.