CloudLock used the CARI to categorize the 222,000 applications it had identified across the 900 organizations in its sample. Of those total applications, 27 percent were deemed to be high risk, while the majority fell into the medium-risk category. (See Figure 6.) Half of those organizations had OAuth connections related to a popular gaming application that was released in the summer of 2016.

Through our analysis, we have found that all organizations, regardless of their size, industry, or region, have a relatively even distribution of low-, medium-, and high-risk applications (Figures 7 and 8).

High