LastPass Launches SaaS Protect to Combat Shadow IT & AI Threats
▼ Summary
– LastPass SaaS Protect enhances SaaS Monitoring by enabling proactive access control with policy enforcements for organizations.
– Key business benefits include real-time SaaS governance, audit-ready compliance reporting, and cost optimization by identifying redundant apps.
– Small and mid-sized businesses face high risks due to SaaS sprawl, with 275 average apps used but only 26% overseen by IT teams.
– SaaS Protect, launching in beta for LastPass Business customers, helps manage shadow IT risks without disrupting workflow via browser extensions.
– LastPass’s Secure Access Experiences framework combines visibility, credential hygiene, and access control for streamlined security management.
LastPass has introduced SaaS Protect, a powerful new solution designed to help businesses tackle the growing challenges of shadow IT and AI-related security threats. This enhancement builds upon the company’s existing SaaS Monitoring features, shifting organizations from passive observation to active control over application access.
Key advantages of SaaS Protect include real-time governance for SaaS applications, allowing companies to block unauthorized or high-risk tools while guiding employees with customized alerts. The platform also simplifies compliance by generating detailed reports aligned with SOC 2 and other regulatory standards. Additionally, businesses can optimize software spending by identifying redundant subscriptions and underused licenses.
Currently in beta, SaaS Protect is available to LastPass Business and Business Max customers at no extra cost with the Business Max plan, with full rollout anticipated later this year.
The Rising Threat of SaaS Sprawl
Research from Zylo reveals that small and mid-sized businesses now rely on an average of 275 SaaS applications, yet IT departments manage only a quarter of that spending. The rest comes from individual teams and employees, often without oversight. Worse, studies suggest organizations may be using up to 10 times more apps than they realize, thanks to shadow IT and unauthorized AI tools.
This unchecked expansion creates security gaps that many businesses struggle to monitor. With 78% of employees reusing passwords across accounts, unmanaged apps become weak points, exposing sensitive data and increasing compliance risks. Without visibility into these tools, IT teams can’t secure them, leaving companies vulnerable to breaches and operational inefficiencies.
Don MacLennan, Chief Product Officer at LastPass, explains: “SMBs are dealing with a dangerous mix of unknown risks hiding in unapproved apps and AI services. SaaS Protect cuts through that chaos, giving businesses the control they need without extra IT burden.”
From Insight to Action
LastPass initially rolled out SaaS Monitoring in 2025, providing businesses with a clear view of app usage and password health. However, awareness alone isn’t enough, especially with projections showing that 75% of employees will use unauthorized software by 2027.
SaaS Protect takes the next step, letting companies enforce policies, detect risky behavior, and decide which apps to block or phase out, all without disrupting workflows. The tool works seamlessly through browser extensions, feeding real-time data and policy results directly to administrators.
A Unified Approach to Security
Part of LastPass’s broader Secure Access Experiences strategy, SaaS Protect combines visibility, credential protection, and access management into a single streamlined system. It’s tailored for businesses that need agility without sacrificing security, ensuring policies, not just passwords, drive access decisions.
For companies overwhelmed by SaaS sprawl and shadow IT risks, this solution offers a practical way to regain control while keeping operations running smoothly.
(Source: HelpNet Security)
