Supported SaaS Applications

SaaS applications are cloud apps where the software and infrastructure are owned and managed by the application service provider but where you retain full control of the data, including who can create, access, share, and transfer information stored in the hosted application. Although most SaaS applications allow you to configure rules about how data can be shared, the way data is exposed and the rules for controlling this sharing of data vary from application to application, which makes it difficult to ensure consistent security policy across all applications, assets, and users. The Aperture service provides centralized policy and enforcement for your SaaS applications so that you can ensure that all your corporate data is protected at all times. The service scans content to detect data exfiltration and malware propagation, monitors user activity, and provides activity-based alerting to notify you of malicious or risky behavior. This visibility allows you to assess incidents, quarantine users and data, and remediate any violations to protect against threats caused by malware, inadvertent sharing, excessive permissions, and data exposure.
The following table lists the SaaS applications that the Aperture service supports and briefly describes what type of content is scanned for each application and what actions are available to secure your business-critical data in each one.
SaaS Applications
Description
Amazon S3
(Requires Evident Storage license)
On Simple Storage Service(S3), the Aperture service scans files in S3 buckets.
The Aperture service provides activity monitoring, activity-based alerting, and remediation.
Amazon Web Services
(Requires Evident Storage license)
On the Amazon Web Services (AWS) console, you can check for security group settings that allow access to your AWS resources from outside and for services that can exit from your AWS VPC. It also checks for password complexity and allows you to identify users who can login to the AWS account without multi-factor authentication (MFA).
The Aperture service provides activity monitoring, and activity-based alerting for the AWS console.
Box
On Box, the cloud-based file-sharing and collaboration application, you can scan data in files and folders.
The Aperture service provides activity monitoring, activity-based alerting, remediation.
Versions supported are Business, Business Plus, Enterprise.
Begin Scanning a Box App.
Cisco Webex Teams
On Webex Teams, the cloud-based teamwork application that supports file sharing and secure messaging, you can scan data in files and messages.
The Aperture service provides activity monitoring, activity-based alerting, remediation.
Versions supported are Starter, Plus, Business, and Enterprise.
If you are using the Standard service plan for Cisco Webex Teams, consider upgrading to the Pro Pack service plan before you add the app to the Aperture service. The Pro Pack plan provides visibility in to events such as messages and files posted on the app, and users who were added to spaces, that occurred more than 90 days ago.
Begin Scanning a Cisco Webex Teams App.
Confluence
On Confluence, the centralized platform for knowledge sharing, document management, project planning, you can scan pages and attachments.
The Aperture service provides activity monitoring, activity-based alerting, remediation.
Version supported is Confluence Cloud
Begin Scanning a Confluence App
Dropbox
On DropBox, a personal cloud storage service used for file sharing and collaboration, you can scan files and folders.
The Aperture service provides activity monitoring, activity-based alerting, remediation.
Versions supported are Business Standard, Advanced, Enterprise.
Begin Scanning Dropbox, GitHub, or Yammer
GitHub
You can scan all files (source code and intellectual property) stored on this collaborative web-based service.
Versions supported are Business Cloud.
Begin Scanning Dropbox, GitHub, or Yammer
Gmail
On the Business and Enterprise versions of the email service from Google, you can scan email content and attachments and identify if users have configured email forwarding rules in their inbox.
The Aperture service provides activity monitoring, and activity-based alerting. Begin Scanning a Gmail App
Google
On the Business and Enterprise versions of Google Drive, the cloud-storage and file backup application, you can scan files and folders. The Aperture service provides activity monitoring, activity-based alerting, and remediation. Begin Scanning a Google Drive App
G Suite Marketplace
On the Business and Enterprise versions of G-Suite Marketplace you can scan 3rd party apps.
The Aperture service provides remediation.
Google Cloud Storage
(Requires Evident Storage license)
On the Business and Enterprise versions of Google Cloud Storage, you can scan projects, buckets, and files.
The Aperture service provides activity monitoring, activity-based alerting, remediation.
Begin Scanning a Google Cloud Storage App
Jive
On the Cloud version of Jive, the commercial collaboration and knowledge management tool, you can scan questions, discussions, documents, blogs, files and comments.
The Aperture service provides activity monitoring, activity-based alerting.
Add a Jive App.
Microsoft Azure Storage
(Requires Evident Storage license)
On the Business and Enterprise versions of Microsoft Azure Storage, you can scan storage accounts, containers, and files.
The Aperture service provides activity monitoring, activity-based alerting, remediation.
Office 365
You can scan files and folders on all versions of OneDrive for Business and SharePoint Online applications, except Home and Firstline Workforce. The Aperture service provides activity monitoring, activity-based alerting, remediation for both these applications as soon as you Begin Scanning Microsoft Office 365 Apps.
Microsoft Exchange
On all versions of Microsoft Exchange, except Home and Firstline Workforce, you can scan email content and attachments. The Aperture service also allows you to identify users who have configured email retention policies other than what has been configured by the corporate administrator, and if users have configured email forwarding rules in their inbox.
The Aperture service provides activity monitoring, and activity-based alerting. Begin Scanning a Microsoft Exchange App.
Yammer
The Aperture service can scan messages and attachments on this collaboration tool that is included with Office 365. There is no support for monitoring, alerting, or remediation on Yammer.
Begin Scanning Dropbox, GitHub, or Yammer
Salesforce
On the Standard, Premier and Sandbox versions of Salesforce customer relationship management (CRM) service, you can scan files attached to Chatter, Chatter body.
The Aperture service supports activity monitoring, activity-based alerting, remediation. Begin Scanning a Salesforce App.
Secure Data Space (SDS)
On the Enterprise version of SDS’ file synchronization and share application, the Aperture service can scan containers including files and folders, and it supports activity monitoring, activity-based alerting, remediation. Begin Scanning a Secure Data Space App.
ServiceNow
On all versions of ServiceNow, the Aperture service enables you to scan tables and attachments, and the service supports activity monitoring, activity-based alerting.
Sharefile
On the Team, Business and Virtual Data Room versions of Citrix Systems’ ShareFile, a file synchronization and storage service, you can scan files and folders.
The Aperture service supports activity monitoring, activity-based alerting, remediation on ShareFile.
Begin Scanning Citrix ShareFile Apps
Slack for Enterprise
On the Enterprise version of the cloud-based team collaboration tool, you can scan messages and attachments. Begin Scanning a Slack for Enterprise App. The Aperture service supports remediation on Slack.
Workplace by Facebook
On Workplace, the collaborative enterprise platform run by Facebook, you can scan posts, comments, and files. Begin Scanning a Workplace by Facebook App.
The Aperture service does not support for monitoring, alerting or remediation on Workplace by Facebook.

Related Documentation