Software as a Service is used to provide a specific application to a customer. This includes Office 365, Gmail, and Salesforce.

Data is the goal of SaaS testing. Generally this is user login information. We cannot launch exploits on the underlying infrastructure, this would be OOS.