Business Productivity

Optimizing license usage with AWS AppFabric

In today’s fast-paced digital landscape, companies rely on multiple software-as-a-service (SaaS) applications to streamline their operations and support productivity. While the convenience and flexibility of these applications are undeniable, managing licenses effectively has become a complex challenge for many IT and security teams as the rate of SaaS adoption increases. Handling multiple log file types, provisioning licenses, and meeting security and compliance requirements are just a few hurdles that compound with each new SaaS application that an organization onboards. AWS AppFabric emerges as a solution that can help security teams address these challenges. AppFabric is a fully managed service that quickly integrates with SaaS applications to increase observability and enables security teams to monitor license usage across their ingested SaaS applications.

In this blog post, I discuss how underutilized SaaS applications can raise costs and present security risks within your organization. I also share how to address this and other SaaS application adoption challenges using AppFabric.

Underutilized SaaS applications raise costs and present a security risk

On average, organizations deploy over 100 SaaS applications throughout the business. However, one-third of these applications are underutilized due to overestimation of license requirements, evolving business needs, and lower than anticipated adoption. Some companies quickly acquire accounts in SaaS applications, but are slow to release accounts when usage declines. This stems from a lack of visibility into usage patterns and leads to unused licenses and unnecessary costs.

There is an inherent security risk with unused accounts in SaaS applications. They can be compromised and go undetected for an extended period, resulting in intellectual property loss, compliance violations, privacy intrusions, and damage to an organization’s reputation.

Address SaaS application adoption challenges with AppFabric

Varied schemas used by multiple vendors adds to the complexity of managing applications within an organization. AppFabric eases this burden by leveraging the Open Cybersecurity Schema Framework (OCSF), a collaborative, open-source effort to provide a standard schema for common security events. AppFabric normalizes and enriches data from multiple SaaS applications, providing organizations with the advantage of a standardized schema for their application audit logs. This normalization process simplifies the varied source data into a consistent format, making it easier to analyze.

In addition to normalizing audit logs into a standard schema, AppFabric integrates with a variety of security tools and services. These integrations include Amazon QuickSight, Amazon Security Lake,, Barracuda XDR, Dynatrace, Netskope, NetWitness, Rapid7, Singularity Cloud, and Splunk. This broad range of integrations empowers teams to choose the security tools that align with their specific needs and preferences.

Analyze SaaS application usage with AppFabric data

One way organizations can analyze their SaaS application usage is with a solution composed of AppFabric, Amazon Athena, and Amazon QuickSight. With this solution, organizations can optimize their SaaS application licenses by observing activity, detecting inactive users, and visualizing usage trends over time. Figure 1 shows the architecture of a SaaS application activity monitoring solution built on AWS.

Figure 1 Example architecture for a SaaS application activity dashboard

The QuickSight dashboard in Figure 2 shows example visualizations using data from AppFabric. The dashboard indicates which applications had increased and decreased usage for the last month, which users haven’t used any SaaS application in the last 30 and 60 days, as well as overall monthly and quarterly activity trends. Visualizations like these help organizations provision the appropriate number of licenses for the SaaS applications in their portfolio.

Figure 2 Example SaaS application activity analysis


In this blog, I shared how data from AppFabric is used to monitor SaaS application activity and identify areas to optimize SaaS application licenses. AppFabric enables organizations to gain deeper insights into SaaS application usage without the overhead of managing custom integrations. Analyzing the data in tools like Amazon QuickSight, allows IT and security teams to visualize the activity in their SaaS applications and make timely decisions on license requirements. By understanding usage patterns and taking proactive measures to optimize license expenditures, companies can manage their SaaS environments with efficiency, security, and adaptability. Visit the AppFabric console to connect your SaaS applications and begin ingesting data. Or visit AppFabric resources to learn more.

Brett Pointer

Brett Pointer

Brett, a Solutions Architect at Amazon Web Services, collaborates with SLG & EDU customers in the US to provide virtual desktops and applications, supporting their BYOD initiatives.

Bobby Williams

Bobby Williams

Bobby is a Senior Solutions Architect at AWS. He has decades of experience designing, building, and supporting enterprise software solutions that scale globally. He works on solutions across industry verticals and horizontals and is driven to create a delightful experience for every customer.