SaaS Security


SaaS Security is an integrated CASB (Cloud Access Security Broker) solution that helps Security teams like yours meet the challenges of protecting the growing availability of sanctioned and unsanctioned SaaS applications and maintaining compliance consistently in the cloud while stopping threats to sensitive information, users, and resources. SaaS Security options include SaaS Security API (Data Security in the Cloud Management Console), SaaS Security Inline (Discovered Apps in the Cloud Management Console), and SaaS Security Posture Management (SSPM).

Use SaaS Security Inline to discover and manage risks posed by unsanctioned SaaS apps while you rely on SaaS Security API to scan assets in the cloud space for at-rest detection, inspection, and remediation across all user, folder, and file activity within sanctioned SaaS applications. SaaS Security Posture Management (SSPM) helps detect and remediate misconfigured security settings in sanctioned SaaS applications through continuous monitoring. 

With all three SaaS Security components, you have an integrated CASB that offers better security outcomes without the complexity of third-party integrations and the overhead and cost of managing the large number of vendors that exist with legacy CASBs.

Review the SaaS Security privacy datasheet for details on the privacy of the data you store in SaaS applications and how SaaS Security handles that data.

What's New

Month Feature Description
January 2024 Allowed List of IP Addresses For a smooth app onboarding experience, an updated region-specific IP address list is now available. Add these IP addresses to the allowed list in your firewalls.

Onboarding Validations

You can now check onboarding status that validates if the connector has onboarded successfully. Validations have been launched for the following connectors:

  • Box
  • GitHub V2
  • Microsoft Exchange
  • Zoom



Improvements to tenant-level policy rule recommendations When you create policy rule recommendations at the tenant level, several improvements are now available, including increased tenant selection for applying policy rule recommendations and the addition of the Allow action for specific apps.

Tenant-level visibility and control for Salesforce Sales Cloud For Salesforce Sales Cloud applications, you can now detect the specific application tenants that are being accessed by users and submit policy rule recommendations at the tenant level. 

Support for Custom Admin Roles in Data Security

You can now create Custom Admin Roles for Data Security in the Strata Cloud Manager.



Autotagging recommendations for Sanctioned apps To help you identify discovered apps that you should tag as Sanctioned, SaaS Security Inline now provides tagging recommendations. Using information from the Cloud Identity Engine, SaaS Security Inline determines if a detected app is an enterprise application accessible through your identity provider.

New security and privacy attributes When you are viewing an application's attribute values in the Application Detail view in SaaS Security Inline, new security and privacy attributes are available.

Tenant-level visibility and control for Aha! (Aha.io) For Aha! (Aha.io) applications, you can now detect the specific application tenants that are being accessed by users and submit policy rule recommendations at the tenant level. 

Improved application searching in SaaS Security Inline

The search function in SaaS Security Inline has been improved to yield better results when searching for applications.


November 2023

Scan support for Workday App (Beta)

You can connect a Workday instance to Data Security to gain visibility into Workday User Activities. 



Interconnected SaaS: Third-party plugin detection in SSPM SSPM gives you visibility into the third-party plugins that are being used in your organization. You can then take action by approving the plugin or by revoking user access to it.

Tenant-level visibility and control for Azure OpenAI For Azure OpenAI applications, you can now detect the specific application tenants that are being accessed by users and submit policy rule recommendations at the tenant level.

Onboarding Validations You can now check onboarding status that validates if the connector has onboarded successfully. Validations have been launched for the Slack Enterprise V2 connector


For features added in earlier releases, see the SaaS Security Release Notes.

Documentation

SaaS Security Release Notes

SaaS Security Administrator's Guide

Recommended Topics

Data Patterns


Learn about the types of data patterns available on SaaS Security API—predefined, custom, and file property.

Identify Risky SaaS Applications and Users


Learn how to identify and remediate risky apps on SaaS Security Inline.

Generate the SaaS Security Inline Report


Learn how to generate the SaaS Security Inline Report to share with your SaaS security team and executive management team.

Videos

Lightboard Series: Protect SaaS Applications with Next-Gen Security

This Lightboard video provides an overview of the key SaaS security requirements, including specific examples that showcase how our next-generation security platform provides complete SaaS control, based on users, content, and applications.

Lightboard Series - Securing Office 365

This Lightboard video is an overview on how to implement and secure Office 365.

Related Content

Enterprise DLP

Prisma Access

Book Image

Try the Podcast Series