Enterprise adoption of SaaS applications is increasing, leading to a growing repository of critical data. The session will explore the challenges of threat detection in SaaS environments, including shared responsibility models and limited visibility into application internals. Attendees will learn to craft threat detections that go beyond login attempts and focus on identifying malicious behavior.