First Drift, Now GAInsight: Closing The Gaps In SaaS Hygiene
Okta, Wednesday, November 26th, 2025
From late 2023, Okta mandated a short list of security controls for all critical software-as-a-service (SaaS) providers used to support our operations.
These controls proved essential in insulating Okta and our customers from the compromise of Salesloft Drift in August 2025, and have since insulated Okta and our customers from the more recent compromise of customer success management software provider, Gainsight.
I have written this blog post to both reassure customers about the security of their interactions with Okta, but also to guide all CISOs on the work that needs to be done to limit the blast radius of future SaaS supply chain attacks.