SaaS (Security as-if adding Salt) haha Security is like salt. You need to add it at the right time, add just the right amount, and keep in mind the health/dietary needs. One can’t really learn the art-of-salt, unless one cooks, and eats what they cooked! So here you go! My view of learning Security as-if learning the art of salting. What does this paradigm mean to say learning a SaaS Cloud Platform? Well, it means, go ahead, get say a trail Office 365 subscription *, set up the default, then start securing it, or as security people say, harden it. It escapes me as to why it is still called hardening, feels like it is neither Agile or DevSecopsy**, so let's say hardening is like a callus that a pro-player develops. Anyways, unless one sets up a user, one will not experience the skipped/skimped password settings, and next unless one assigns a role** one will not experience membership management issues. So, go ahead create a fe...