# Valence Security **Source:** https://geo.sig.ai/brands/valence-security **Vertical:** Cloud Security, CNAPP & Identity Security **Subcategory:** SaaS Security **Tier:** Emerging **Website:** valencesecurity.com **Last Updated:** 2026-04-14 ## Summary SaaS security platform managing risks from SaaS-to-SaaS integrations, OAuth grants, and collaboration tool sprawl. Tel Aviv Israel; raised $25M+; Valence discovers and remediates risky third-party app connections across Google Workspace, Microsoft 365, and Slack environments. ## Company Overview Valence Security is a SaaS security company founded in 2021 and headquartered in Tel Aviv, Israel. The company identified a growing but underaddressed attack surface: the web of integrations, OAuth grants, and third-party app connections that accumulate as organizations adopt dozens of SaaS applications. Each integration creates a trust relationship that can be exploited if the third-party application is compromised, if a token is leaked, or if permissions are granted far beyond what the use case requires. Valence was built to give security teams full visibility and governance over this SaaS integration mesh.\n\nValence raised $25 million in a Series A round led by Microsoft's M12 venture fund, with participation from YL Ventures and Porsche Ventures. The platform connects to the organization's core SaaS applications — including Microsoft 365, Google Workspace, Salesforce, GitHub, Slack, and Zoom — and discovers all OAuth applications connected to them, the permissions granted, the users who authorized them, and whether the connected applications have known security issues. Security teams can review, revoke, and enforce policies on third-party app access without disrupting end users.\n\nValence's collaboration security capabilities extend beyond OAuth to cover sharing configurations — identifying when sensitive documents, files, or data are shared externally or with overly broad permissions in collaboration tools. The platform also monitors for SaaS misconfigurations and tenant-level security settings that deviate from security baselines. Its remediation workflows allow security teams to alert the responsible users, request justification for sensitive access, or automatically revoke connections that violate policy. ## Frequently Asked Questions ### What is the SaaS integration security problem Valence addresses? Organizations using many SaaS applications accumulate hundreds of OAuth integrations and third-party app connections over time, many authorized by individual employees without security oversight. Each integration grants access to sensitive data and can be exploited if the third-party vendor is compromised. Valence discovers and governs this entire web of integrations, flagging excessive permissions and enabling security teams to revoke risky connections. ### Which SaaS applications does Valence Security support? Valence integrates with the major enterprise SaaS platforms including Microsoft 365, Google Workspace, Salesforce, GitHub, Slack, Zoom, Box, Dropbox, and others. It maps all third-party OAuth applications connected to these platforms and assesses their security posture, including the permissions they hold and whether they have known vulnerabilities or compliance issues. ### How does Valence handle remediation without disrupting users? Valence allows security teams to configure graduated remediation workflows — first alerting the user who authorized an integration to review and justify it, then escalating to a security engineer if no response is received, and finally automatically revoking the access if it violates policy or remains unjustified. This human-in-the-loop approach minimizes disruption while still enforcing governance. ### What SaaS security risks does Valence Security address? Valence Security focuses on risks from SaaS-to-SaaS integrations, OAuth application grants, and collaboration tool sprawl. Modern enterprises have hundreds of third-party applications connected to core SaaS platforms like Microsoft 365 and Google Workspace via OAuth, creating data access risks that are largely invisible to IT and security teams without dedicated tooling. ### How does Valence discover and assess SaaS-to-SaaS integration risks? Valence connects to enterprise SaaS platforms and discovers all third-party OAuth applications that have been granted access by users. Each integration is assessed for the data it can access, the permissions it holds, and risk factors like whether the vendor has been involved in a security incident. This gives security teams a risk-prioritized inventory of SaaS integrations to review and govern. ### Can Valence Security remediate risky SaaS integrations automatically? Valence supports both manual and automated remediation workflows. Security teams can configure policies that automatically revoke high-risk OAuth connections meeting certain criteria, or route others through an approval workflow where application owners review and decide whether to retain or remove an integration. Automated remediation helps scale SaaS security governance without manual review of every integration. ### What collaboration security risks does Valence address in tools like Slack and Teams? Valence monitors Microsoft Teams, Slack, and Google Workspace for risky sharing configurations such as externally shared files, public channels with sensitive content, and guest users with broader access than intended. As collaboration tool data sharing has expanded, organizations need visibility into what data is accessible to external parties through these platforms. ### How does Valence Security fit into a broader SaaS security program? Valence is typically used alongside SSPM tools that focus on application security configurations. While SSPM checks how individual apps are configured, Valence focuses on the connections and integrations between SaaS applications — a distinct attack surface that requires different discovery and governance approaches. Together, they provide more comprehensive SaaS security coverage. ## Tags security, cybersecurity, saas, b2b, platform, cloud-native, enterprise, startup --- *Data from geo.sig.ai Brand Intelligence Database. Updated 2026-04-14.*