Adaptive Shield
Adaptive Shield is an Israel-origin SaaS Security Posture Management (SSPM) platform—acquired by CrowdStrike in 2023—focused on continuously assessing SaaS application configurations, mapping them to security/compliance frameworks, and driving remediation workflows across common enterprise SaaS stacks.
Visit WebsiteCompany Overview
Adaptive Shield (Israel-origin, founded 2019) built an SSPM platform that inventories SaaS applications and continuously evaluates their security-relevant configurations (e.g., identity settings, sharing controls, OAuth app permissions, admin roles) against best-practice baselines and compliance frameworks. The core value proposition is reducing SaaS misconfiguration and configuration drift by providing centralized visibility, risk scoring, policy templates, and guided/automated remediation workflows where SaaS APIs allow.
The SSPM market has matured rapidly, with direct SSPM specialists competing against broader security platforms (SSE/CASB, CNAPP, and endpoint-native vendors) that are extending into SaaS posture and identity-centric risk controls. Differentiation typically hinges on breadth/depth of SaaS connectors, quality of policy/compliance mappings, identity/OAuth risk analytics, alert fidelity, and operationalization (ticketing/automation) rather than novel ML. Adaptive Shield’s strategic shift post-2023 is best analyzed through CrowdStrike’s platform distribution and cross-sell motion rather than as an independent go-to-market.
For defense and allied government users, SSPM is operationally relevant wherever mission or administrative workflows rely on SaaS (M365, Google Workspace, Salesforce, ServiceNow, Atlassian, GitHub, Slack, etc.). The dual-use value is enabling continuous compliance (e.g., NIST 800-53/CMMC-aligned controls), reducing insider/credential abuse blast radius, and preventing data spillage via misconfigured sharing and third-party OAuth apps. Strategic value is strongest as part of a broader zero-trust and endpoint/identity security stack—useful to allied defense ecosystems, but not inherently defense-unique technology.
Dual-Use Assessment
SaaS security posture management has dual-use applications for government cloud application security. Defense organizations require continuous monitoring and remediation of SaaS configurations to maintain security compliance for operational cloud tools.
Key Technologies
- SaaS Security Posture Management (SSPM) across multi-SaaS environments
- Configuration drift detection and policy-as-code style controls for SaaS settings
- OAuth/third-party app risk assessment and permission governance
- Identity and access posture assessment (roles, admin privileges, MFA/conditional access checks)
- Compliance mapping and reporting (e.g., NIST/ISO/SOC2/CIS-style benchmarks; verify specific frameworks supported)
- Workflow automation/integrations (ticketing, SIEM/SOAR connectors; verify current integrations post-acquisition)
Use Cases & Applications
- Continuous SaaS configuration assessment and drift monitoring across enterprise SaaS portfolios
- Detection and remediation of risky sharing, external collaboration, and admin privilege misconfigurations in M365/Google Workspace-class environments
- Third-party OAuth application governance to reduce supply-chain and token abuse risk
- Audit-ready compliance reporting for regulated industries and government contractors (e.g., CMMC/NIST-aligned evidence collection—implementation-dependent)
- Security operations workflow automation: creating tickets/playbooks for SaaS misconfiguration findings
- Defense/government cloud collaboration hardening to reduce data spillage and unauthorized access in SaaS-based mission support tools
Strategic Value to U.S.-Israel Alliance
Adaptive Shield provides SaaS security posture management for defense organizations maintaining secure configurations across cloud applications used for operational and administrative functions.
Interested in this startup?
Learn more about our investment approach or get in touch to discuss opportunities in dual-use technology.