New Features Introduced in December 2024
Table of Contents
Expand all | Collapse all
-
- New Features Introduced in December 2024
- New Features Introduced in November 2024
- New Features Introduced in October 2024
- New Features Introduced in August 2024
- New Features Introduced in July 2024
- New Features Introduced in June 2024
- New Features Introduced in May 2024
- New Features Introduced in April 2024
- New Features Introduced in March 2024
- New Features Introduced in January 2024
-
- New Features Introduced in November 2023
- New Features Introduced in October 2023
- New Features Introduced in September 2023
- New Features Introduced in August 2023
- New Features Introduced in July 2023
- New Features Introduced in June 2023
- New Features Introduced in May 2023
- New Features Introduced in April 2023
- New Features Introduced in March 2023
- New Features Introduced in January 2023
-
- New Features Introduced in December 2021
- New Features Introduced in October 2021
- New Features Introduced in September 2021
- New Features Introduced in August 2021
- New Features Introduced in July 2021
- New Features Introduced in June 2021
- New Features Introduced in May 2021
- New Features Introduced in March 2021
- New Features Introduced in January 2021
New Features Introduced in December 2024
Learn about the new features that became available in SaaS Security starting December
2024.
The following new features were introduced for SaaS Security in December 2024. Refer to
the Administrator’s Guide for more information on
how to use Data Security, SaaS Security Inline, SaaS Security Posture
Management (SSPM), and Behavior Threats.
View Office 365 Account Risks
SaaS Security Posture Management (SSPM) includes an Identity Security component to help you
identify risks in your identity posture. Now, the Identity Security component gives
you visibility into Office 365 account risks for human and non-human accounts.
Human accounts are accounts that are associated with an individual
who accesses Office 365 through a web interface with ID and password credentials.
Nonhuman accounts are typically services that authenticate to an
Office 365 API by using a token or an API key.
By connecting to your Office 365 instance, the Identity Security component helps you
identify the following account risks so you can take action:
- Human accounts that have not been accessed for a specified period.
- Accounts that have not had their credentials rotated for a specified period.
- Human accounts that have excessive permissions.
- Guest accounts, which can represent a risk if their access is not properly restricted.
By connecting to your identity provider, the Identity Security component also helps
you identity local Office 365 accounts, which are accounts that were not created
through your identity provider.
Global View of Third-Party Plugins with GenAI Plugin Detection
SaaS Security Posture Management (SSPM) now gives you greater visibility and control
over the third-party plugins that are connected to marketplace apps, such as Google
Workspace and Salesforce. By navigating to the new 3rd Party Plugins page in SSPM (Posture Security 3rd Party Plugins) you can now examine all third-party plugins from this one location.
The 3rd Party Plugins page displays information for the following marketplace
apps:
- Atlassian (includes Jira and Confluence)
- Azure
- Google Workspace
- Salesforce
- ServiceNow
- Slack Enterprise
- Zoom
The 3rd Party Plugins page displays a variety of details about the third-party
plugins. You can view each plugin's severity, which is based on the access scopes
that users granted to the plugin, and a risk score. The risk score is between 1 (low
risk) and 5 (high risk) and is calculated from over 55 application attributes
including compliance attributes, security and privacy attributes, and identity
access management attributes. By examining a plugin's severity and risk score, you
can quickly identify the riskiest plugins. For each plugin, you can navigate to more
details, such as the exact scopes that it can access. Depending on the marketplace
app, you can view the users who have installed the plugin.
Because the recent and rapid proliferation of generative artificial intelligence
(GenAI) apps has introduced new vulnerabilities for data leakage or deliberate
attacks, the 3rd Party Plugins page also highlights GenAI apps. You can view the
total number of GenAI plugins that were accessed, and apply a built-in filter to
show the GenAI plugins that have not been reviewed. For GenAI apps, the risk score
calculation also considers attributes unique to GenAI apps and gives extra weight to
these attributes.
Based on plugin information on the 3rd Party Plugins page and the plugin details
page, you can decide whether you want to allow a third-party plugin in your
environment. Depending on the level of permission that SSPM has to the marketplace
app, and on the capabilities that the marketplace app's API provides, you can revoke
user access to a third-party plugin directly from SSPM. When this is not possible,
you can go to the SaaS app's administration console to revoke a plugin's access. If
you linked SSPM to an issue tracking system, you can create a ticket to revoke user
access and assign it to an administrator of the marketplace app.