In 2025, attackers aren’t breaking in through zero-days — they’re logging in. Identity has become the primary attack surface, and once access is gained, everything else happens fast.

Today, we’re joined by Chip Buck, CTO of SaaS Alerts — someone who lives at the front lines of identity-based attacks across SaaS platforms every single day. Chip sees how session theft, OAuth abuse, and legitimate-looking logins turn into real business damage for MSPs and their clients.

This isn’t a theoretical discussion. We’re here to talk about what identity attacks actually look like in the wild, what MSPs are missing, and how to detect and respond before access turns into impact.