Learn about the tools available on Data Security to help you remediate
policy violations.
Where Can I Use This?
What Do I Need?
NGFW (Managed by Strata Cloud Manager)
Prisma Access (Managed by Strata Cloud Manager)
Data Security license
Or any of the following licenses that include the Data Security license:
CASB-X
CASB-PA
Palo Alto Networks® Data Security provides detailed information about
the issues it detects as it scans the assets in your managed SaaS
applications. You can use these details to guide you when you decide whether
the incidents or issues found pose real threats to your sensitive data and
intellectual property, and to assess your security controls and practices so
that you can decide how to eliminate the issues you determine are risks.
Remediation Approaches
After you perform an initial assessment, you’ll have the perspective you need to
determine the best remediation approach for your organization based on your
organization’s risk tolerance, volume of incidents identified, and your SOC
team’s resources. You can choose automatic
remediation, manual
remediation, or a hybrid of both approaches. Some organizations
prefer full or partial manual remediation for a hands-on approach while
others depend heavily on an automated approach with some manual remediation
or somewhere in between.
automatic remediation—Large number of assets.
manual remediation—Small number of assets.
View Remediation Activity Logs
You can proactively monitor incident remediation logs to track activity on Data Security. These logs enable you to:
Audit the progress of automatic remediation.
Track how incidents were addressed.
The logs include actions taken automatically by Data Security and
actions taken by asset owners and administrators.
View the remediation activity logs, select Data SecurityLogsRemediation Activity LogsView Logs.
Filter the list and narrow the results to meet your audit needs.
Facet
Filter by
Search
Part of filename or user name.
Duration
Time frame when the remediation activity
occurred.
Action
Remediation action taken on the asset.
Actor
Asset owners and Administrator (or service)
that performed the action. To view all activity by
an administrator, browse the admin activity
log.
Choose SaaS Security to
view remediation activity that was done
automatically as part of a policy rule.
