Determine the Risks Posed by a Third-Party Plugin

For a SaaS application that hosts third-party plugins, navigate to view its third-party plugins.
On the
Connected Applications
Connected Applications
tab, view the list of third-party plugins that one or more users added to the SaaS app.

The table on this page lists the plugin applications that were connected to the SaaS app. The table displays information for each plugin, such as its severity (based on the scopes that were granted to the plugin), whether the plugin was installed for the organization or for individual users, and whether the plugin is a public or private application. The information that SSPM can display in the table depends on the SaaS platform that is hosting the plugin.
The Status column of the table identifies which plugins were Not Reviewed. Assess these plugins to determine if they are a risk to your environment.
To filter the table to show only certain applications, click any of the application counts displayed in the upper section of the page, such as the application severity or review status counts. In the table, you can also
Add Filter
to filter the table by attributes such as the application severity, review status, or accessed scopes.
Click the table's download icon to export the table information to a CSV file. The file will contain all the applications unless you applied a filter to the table.
In the Applications column, click the name of the third-party plugin that you want to review.

Examine the details of the third-party plugin.
View the plugin's Scopes to determine if the access permissions that were granted to the plugin are greater than you want to allow.
View the plugin Users to identify the users who installed the plugin.
Take action on the third-party plugin.
From the Actions column, you can specify that the plugin was
Reviewed
, or you can
Revoke Access
to the plugin. From the
Users
tab, you can also
Revoke Access
for individual users (if SSPM supports the
Revoke Access
action for the particular SaaS platform).