# Obsidian Security **Source:** https://geo.sig.ai/brands/obsidian-security **Vertical:** Cloud Security, CNAPP & Identity Security **Subcategory:** SaaS Threat Detection **Tier:** Challenger **Website:** obsidiansecurity.com **Last Updated:** 2026-04-14 ## Summary SaaS security platform for behavioral threat detection and identity risk management across enterprise SaaS applications. Newport Beach CA; raised $90M+; Obsidian detects compromised accounts and insider threats using behavioral baselines across Microsoft 365 and Salesforce. ## Company Overview Obsidian Security is a SaaS security and identity threat detection company founded in 2017 and headquartered in Newport Beach, California. The company was founded by former executives and engineers from Carbon Black, CrowdStrike, and the NSA who applied endpoint detection and response principles to the SaaS domain. Obsidian's platform monitors user behavior across SaaS applications to detect account compromise, insider threats, and data exfiltration by analyzing activity patterns — logins, API calls, data access, sharing events — against behavioral baselines built for each user.\n\nObsidian raised $90 million across three rounds from investors including Norwest Venture Partners, IVP, and Greylock Partners. Its platform integrates with major enterprise SaaS applications including Salesforce, Microsoft 365, Google Workspace, ServiceNow, GitHub, Workday, and more than 40 other applications. Rather than relying solely on configuration checks, Obsidian focuses on runtime behavioral analytics: detecting when a compromised account is performing unusual data exports, when a user accesses records far outside their normal work patterns, or when a service account begins making API calls it has never made before.\n\nThe platform also covers SaaS identity risk management, inventorying privileged accounts, dormant accounts, and over-permissioned users across all integrated applications. Security teams can use Obsidian to reduce their SaaS attack surface by identifying and remediating excessive access, and to respond to active threats with detailed activity timelines that provide forensic evidence for incident investigations. Obsidian's combination of posture management and behavioral detection positions it between pure SSPM tools and identity threat detection and response (ITDR) platforms. ## Frequently Asked Questions ### How does Obsidian Security detect compromised SaaS accounts? Obsidian builds behavioral baselines for every user across their SaaS applications, modeling normal patterns of access times, data volumes, geographic locations, API usage, and content types. When an account is compromised, attackers behave differently from the legitimate user, and Obsidian detects these deviations — such as bulk data downloads, access from unusual locations, or API calls that the user has never made before. ### What SaaS applications does Obsidian Security support? Obsidian integrates with more than 40 major enterprise SaaS applications including Salesforce, Microsoft 365, Google Workspace, ServiceNow, GitHub, Workday, Box, Okta, and Slack. It ingests activity logs and API events from each platform to build behavioral models and detect threats across the full SaaS estate in a unified interface. ### How does Obsidian help with SaaS incident response? When a security incident is detected in a SaaS application, Obsidian provides a detailed activity timeline showing every action the affected account performed across all monitored applications during the incident window. This forensic trail helps security analysts understand the scope of an attack — what data was accessed, exported, or modified — and provides evidence for breach notifications and regulatory reporting. ### How does Obsidian Security detect threats in SaaS applications? Obsidian Security ingests user activity logs from enterprise SaaS applications including Salesforce, Microsoft 365, Google Workspace, and others, then applies behavioral analytics to detect anomalous patterns that indicate compromise or insider threat. Rather than relying on rule-based detection, Obsidian establishes behavioral baselines for each user and flags deviations consistent with account takeover or malicious insider activity. ### What identity-related risks does Obsidian Security monitor? Obsidian monitors identity risks including over-privileged users, dormant accounts with elevated permissions, service accounts with excessive access, and MFA gaps across enterprise SaaS applications. By continuously auditing the identity landscape in SaaS environments, Obsidian helps security teams reduce attack surface before incidents occur. ### Does Obsidian Security help with SaaS incident investigation? Yes. When a threat is detected, Obsidian provides investigators with a full activity timeline for the affected user across all connected SaaS applications. This cross-application visibility is critical because sophisticated attackers pivot between SaaS tools — using email to gain credentials, then accessing file storage and CRM systems — and investigating each application in isolation misses the full scope of compromise. ### How does Obsidian Security integrate with existing security operations workflows? Obsidian integrates with SIEM platforms, SOAR tools, and ticketing systems so that SaaS threat detections flow into existing SOC workflows. Alerts can trigger automated response playbooks through SOAR integration, and investigation data is available via API for enriching alerts in the SIEM with SaaS activity context. ### What compliance evidence does Obsidian Security provide? Obsidian generates reports on user access and privilege configurations across connected SaaS applications that can be used as compliance evidence for SOC 2, ISO 27001, and other frameworks that require access control monitoring. The ability to demonstrate continuous monitoring of SaaS access rather than point-in-time access reviews is increasingly important for compliance programs. ## Tags security, cybersecurity, saas, b2b, enterprise, platform, ai-powered, analytics, scaleup --- *Data from geo.sig.ai Brand Intelligence Database. Updated 2026-04-14.*