>
    Strata Copilot
    Add and Discover Applications
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma Access
    3. Prisma Access Administration
    4. About Private App Security
    5. Add and Discover Applications
    Download PDF
    Prisma Access

    Add and Discover Applications

    Table of Contents

    Add and Discover Applications

    Add the applications you want to protect using Private App Security.
    Where Can I Use This?What Do I Need?
    • Prisma Access (Managed by Strata Cloud Manager)
    • Prisma Access (Managed by Panorama)
    There are two ways to define the applications to be protected by Private App Security:

    Add New Applications Manually

    Admins can follow these steps to add applications manually.
    To add an application, it is necessary for you to confirm that at least one active gateway or remote network has been active for a minimum of one hour. This is essential, because the private key from the gateway or remote network is required to generate the per-domain certificate.
    1. Log in to Strata Cloud Manager.
    2. Select ConfigurationApplication ServicesApplication SettingsApplications.
    3. Select Add Application.
    4. The Add Application page appears. Complete General and Destination Details.
      1. Add an Application Name and an optional Description. Select a Type (for example, Web Browsing), and search for an optional Group.
        An application group is a collection of applications to which an admin wants to apply identical policies. Instead of applying similar policies to each individual application, the admin can create an application group, add all relevant applications, and assign a single policy to the entire group. This streamlines policy management, making it cleaner and more efficient.
      2. Under Destination Details, define the application's destinations. Each application might have multiple domains; enter all of them here. Enter each domain name accompanied by port number 443, and Save your changes.

    Define Application Groups

    An application group is a collection of applications, and one application can belong to multiple application groups. Application groups provide the ability to bundle multiple applications that need to be managed in a similar way. The application security policies can be than associated directly through these app groups, keeping the configuration leaner.
    1. Go to ConfigurationApplication ServicesApplication SettingsApplication Groups.
    2. Select Add Group.
    3. Enter a name and an optional description.
    4. Save your changes.
    From the Application Groups table, click on the name of a group to see the apps it includes.

    Define Applications from Automatically Discovered Domains

    Admins often lack awareness of all private applications and domains accessed internally. Additionally, they may not be able to identify which applications are safeguarded by Private App Security policies to prevent application-specific attacks. On the Application Discovery page, we list all private domains being accessed that lack protection from Private App Security; for example, domains not included in an application definition and without associated Private App Security policies. To minimize the risk of application-specific attacks, these domains can be easily integrated into an application definition and subjected to best practice Private App Security policies. These private applications are vital to the business and may contain sensitive data.
    1. Go to ConfigurationApplication ServicesApplication SettingsDiscovery.
    2. Under Discovered Applications, view the list of private domains that generate traffic but are not protected by Private App Security. Select the domain or domains for which you want to apply Private App Security policies. To select all domains, click FQDN.
    3. Decide whether to add this domain to a New or already Existing application.
    4. The selected domain is prepopulated in the next application definition screen, where the admin needs only to define a name for this application.

    © 2026 Palo Alto Networks, Inc. All rights reserved.