Hi all...first time poster. Could not find a relevant topic area hence "Miscellaneous" (but please redirect me if this should go elsewhere)...My organization has started to significantly increase the use of RMAD/MADP/LCNC platforms to create cloud-to-cloud transactions which, in most cases, are merely data transfer but in some cases are legitimate cross cloud changes. I am starting to wonder if and when the XSS attacks most often attributed to API disruptions will come around to focus on this new type of semi-transparent data transaction. The off the shelf CASB solution can not see, and therefore cannot report on, the conversation between the apps involved in an RMAD transaction. Beyond change control and a hefty dose of CYA, does anyone have any recommendations or has anyone started to consider how to be somewhat more omniscient in what actually occurs during these transactions?