: Remediate SaaS App Misconfigurations
Focus
Focus

Remediate SaaS App Misconfigurations

Table of Contents

Remediate SaaS App Misconfigurations

Take action in SSPM to remediate SaaS app misconfigurations.
After you browse the posture security alerts on the Dashboard and investigate the misconfigurations that SaaS Security Posture Management (SSPM) detected, you can take action, depending on the remediation options available for that risk.
  • Remediate by initiating the built-in best practice action available.
  • Manually remediate by changing the configuration on the SaaS app directly.
  • Waive the best practice suggestion for this security setting.
  1. Navigate to SaaS Security Posture Management.
  2. Remediate the risk that the incident poses to your organization.
  3. From the
    Failed
    policy violation, take one of the following actions based on the
    Remediation Type
    :
    • System-led Remediation
      —From the policy violation, click the
      Setting Name
      , then:
      • Remediate—Select the row and
        Remediate
        .
        Status
        changes from
        Misconfigured
        to
        Resolved
        . Optionally, select the lock icon, then toggle
        Drift Prevention
        if you do not want other administrators to change the setting value—to prevent configuration drift.
      • Waive—Select the eye icon to waive the best practice suggestion for this security setting.
        Status
        changes from
        Misconfigured
        to
        Ignored
        .
        If all settings are either
        Resolved
        or
        Ignored
        , that policy is marked as
        Passed
        .
    • Manual Remediation
      —Select
      Setting Name
      , then review the remediation explanation provided and follow the related link to modify the setting value on the SaaS app vendor’s website. Click
      Confirm Change
      to indicate that you resolved the issue.
      Status
      changes from
      Misconfigured
      to
      Pending
      . If, after the lapse time for the scan interval (15 minutes), SaaS Security Posture Management detects that the misconfiguration no longer exists, the status changes to
      Resolved
      . Otherwise, the status reverts to
      Misconfigured
      .

Recommended For You