Security Controls Incident Details
The Aperture service scans and analyzes email assets, settings, and user behavior and applies Security Control policies to identify exposures, risky user behavior, and sensitive documents. The service also performs deep content inspection for known and unknown malware, data exposure, and data exfiltration. When the Aperture service determines that a security control is an incident, it creates a incident detail view that you use to Assess Incidents in your managed SaaS applications. These details can include some or all of the following information:
Displays which security control rule or rules that were violated and the number of violations, the date the Aperture service discovered the incident, the scanned Cloud app, and identifies the email sender, key owner, or folder owner.
For assets that match the WildFire Analysis rule, you can Use the WildFire Report to Track Down Threats.
Links to the SaaS app and displays the settings available to configure, such as key rotation, password policy, and email auto-forward rules.
Displays notes that other Aperture administrators added for that asset to help you understand the incident and provides options to add notes, categorize the incidents, and Assign Incidents to Another Administrator.
Assess Incidents When you first add a new SaaS application, the Aperture service goes through a discovery phase where it compares the enabled data patterns ...
What is an Incident?
What is an Incident? An incident is a record you can use to track a policy violation in a managed SaaS application. The Aperture service ...
Remediate Issues The Palo Alto Networks® Aperture™ service provides detailed information about the incidents it detects as it scans assets in your managed SaaS applications. ...
Close Incidents When you Assess Incidents , you might sometimes find that neither the content of an asset nor the way it is shared pose ...
Manage Aperture Policy
Manage Aperture Policy Policy in Aperture™ is simple and aims to create an awareness of user actions and minimize the risks associated with the use ...
New Features Introduced in June 2018
New Features Introduced in June 2018 The following table provides a snapshot of new features introduced for Aperture™ in June 2018. Refer to the Aperture ...
Assign Incidents to Another Administrator
Assign Incidents to Another Administrator Sometimes you don’t have the proper context around the content or the Collaborators to properly Assess Incidents . In this ...
Aperture service focuses on Content Security, User Activity Monitoring, Security Configuration Controls and Third-Party App Integrations. ...
New Features Introduced in November 2017
New Features Introduced in November 2017 The following table provides a snapshot of new features introduced for Aperture™ in November 2017. Refer to the Aperture ...