SaaS Application Hosting Characteristics
View the detailed risk profile and usage statistics for the SaaS applications on your network based on sanction state and hosting characteristics in App-ID™.
You can now identify, assess, and reduce risks related to SaaS applications with unfavorable hosting characteristics by leveraging the enhanced ACC filters in App-ID™. To help you determine which applications you should allow in your environment, five new application hosting characteristics are now available: data breaches, poor terms of service, no certifications, poor financial viability, and IP-based access restrictions. You can use these application characteristics to gain visibility, control and the information you need to make informed decisions about the apps on your network, and define actions to eliminate risks or prevent future violations.
The enhanced ACC filters allow you to view the detailed risk profiles and usage statistics for the SaaS applications on your network based on the following hosting characteristics:
SaaS Application Characteristic
Data Breaches
It is important for you to know if the SaaS application has ever had an intentional or unintentional release of secure information to an untrusted environment without proper information security precautions. Data loss and exfiltration are possible risks when you use SaaS applications that do not disclose breaches or that have been breached within the past three years.
Poor Terms of Service
Applications with poor terms of service, such as termination of service at any time for any reason or making your sensitive data public for non-payment, can make your enterprise vulnerable to loss of intellectual property, data, or nonavailability of service.
No Certifications
Certifications can help you assess whether an application has gone through certain basic security precautions that have been validated and officially recorded by a certification party. Most certifications are not a one-time evaluation and provide you the assurance that the security of the application is periodically evaluated. Applications are checked for compliance with industry certifications such as SOC1, SOC2, SSAE16, PCI, HIPAA, FINRA, or FedRAMP.
Poor Financial Viability
If the application vendor goes out of business, the liquidation activities can have a serious impact on your enterprise. For example, during liquidation the customer data is considered an asset and sold, potentially exposing your IP and losing the data to the liquidator. This characteristic checks for applications with the potential to be out of business within the next 18 to 24 months and reports the applications with poor financial viability.
IP-Based Restrictions
An application without IP-based restrictions lacks the ability to restrict end-user access from outside of the corporate network, and can expose your enterprise data to end-users outside of your known enterprise IP range (such as a corporate campus).
The data for the IP-based Restrictions characteristic is available to view in the Network Activity graphs and for generating a custom report.
For ease of use, the applications with unfavorable hosting characteristics are displayed automatically in the predefined Application Usage Report.
The application usage report displays in a new window, so your browser must allow pop-ups. If the preview window does not open, refer to your browser documentation for the steps to enable pop-ups.
The Applications with Risky Characteristics displays on page 2 of the report.
For a more tailored view, you can also use the characteristics to build a custom report.