Prisma Access
Cheat Sheet: SaaS Security with Prisma Access
Table of Contents
Expand All
|
Collapse All
Prisma Access Docs
-
- Prisma Access China
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
-
-
-
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Cheat Sheet: SaaS Security with Prisma Access
Manage your organization’s shadow IT risks, secure SaaS
applications from cloud threats, and ensure compliance across all
SaaS applications.
Where Can I Use
This? | What Do I Need? |
---|---|
|
|
Identify cloud-based threats and risky user activity in sanctioned and unsanctioned
apps with SaaS Security Inline.
SaaS Security Inline on Prisma Access—both
Panorama Managed and Cloud Managed—provides SaaS visibility so that you can identify
cloud-based threats and risky user activity on sanctioned and unsanctioned SaaS
apps. For Cloud Managed Prisma Access users, SaaS Inline Security is built right in
to give you a centralized view of network and CASB security. It offers SaaS
visibility—which includes advanced analytics and reporting—so that your organization has
the insights to understand the data security risks of sanctioned and unsanctioned
SaaS application usage on your network.
Cloud Access Security Broker (CASB) bundle includes Saas Security Inline, Enterprise
Data Loss Prevention (DLP) Inline, SaaS Security API, Data Loss Prevention (DLP)
API, and SaaS Security Posture Management (SSPM).
Learn how to manage your organization’s shadow
IT risks, secure SaaS applications from cloud threats, and ensure
compliance across all SaaS applications.
Cloud Management
Cloud Management
Here’s everything you need to
know to use SaaS Security with Prisma Access Cloud Management. |
Get Started
Here’s how to get up and running with SaaS
Security Inline on Prisma Access Cloud Management:
- Confirm that the SaaS Security add-on license is included with your Prisma Access subscription.Go toto check what’s available with your license.ManageService SetupOverviewIf you're using Strata Cloud Manager, go to. Select theManageConfigurationNGFW and Prisma AccessOverviewPrisma Accessconfiguration scope.
- If you haven’t already, activate the SaaS Security Inline app on the hub.After activation, SaaS Security Inline automatically discovers all SaaS applications and users and analyzes users’ SaaS activity and usage data from your Prisma Access logs that are stored in Cortex Data Lake.
- Manage administrator roles and access.To comprehensively manage SaaS Security, users must also be an administrator for the SaaS Security Inline app. Jump directly from the Prisma Access Cloud Management dashboard to theSaaS Security Consoleto add SaaS Security Inline administrators.
- Explore theSaaS Securitydashboard in Prisma Access Cloud Management.Go to.ManageConfigurationSecurity ServicesSaaS SecurityIf you're using Strata Cloud Manager, go to.ManageConfigurationSaaS SecurityAll dashboard views are supported directly in Prisma Access Cloud Management. Examine these views to identify risky SaaS applications and users and SaaS Security Posture Management. SaaS Security Posture Management (SSPM) helps detect and remediate misconfigured settings in sanctioned SaaS applications through continuous monitoring.
- Review and share the SaaS Security report.SaaS Security Inline includes a SaaS Security report that provides a snapshot of application usage with advanced aggregated data and views. This report serves as a communication tool between your SaaS security team and executive management. You can share this on-demand PDF report with your SaaS security team for a periodic check-in, or email the report to your executives to highlight the SaaS applications in use in your organization and the security risks they pose.
- See what else you can do with SaaS Security and Prisma Access Cloud Management.
SaaS Policy Recommendations
To gain visibility into and control of SaaS
applications, SaaS Security admins create SaaS rule recommendations
with specific SaaS App-IDs provided by the App-ID Cloud Engine (ACE).
In
Prisma Access Cloud Management, you can now review and choose to
accept the rules that SaaS Security admins recommend. SaaS rule
recommendations are added to your web access policy—you must have Web Security enabled to leverage
SaaS rule recommendations.
Here’s how you can get started
— review the workflow to review and accept
SaaS policy recommendations here:
- SaaS Security admins create SaaS rule recommendations in the SaaS Security Inline app or directly in Prisma Access Cloud Management.➡ In Prisma Access Cloud Management, go toManageConfigurationSecurity ServicesSaaS SecurityIf you're using Strata Cloud Manager, go to.ManageConfigurationSaaS Security
- You can review and import SaaS rule recommendations.➡ Go toManageWeb SecurityWeb Access PolicyIf you're using Strata Cloud Manager, go to. Select theManageConfigurationNGFW and Prisma AccessSecurity ServicesWeb SecurityWeb Access PolicyPrisma Accessconfiguration scope.
- The SaaS rule recommendations you’ve imported are labeled so you can easily identify them.
Panorama
Panorama
Here’s everything you need to
know to use SaaS Security with Panorama Managed Prisma Access. |
Get Started
Here’s how to get up and running with SaaS
Security Inline on Panorama Managed Prisma Access:
- Confirm that the SaaS Security add-on license is included with your Prisma Access subscription.Go toto check what’s available with your license.PanoramaLicenses
- If you haven’t already, activate the SaaS Security Inline app on the hub.After activation, SaaS Security Inline automatically discovers all SaaS applications and users and analyzes users’ SaaS activity and usage data from your Prisma Access logs that are stored in Cortex Data Lake.
- Manage administrator roles and access.To comprehensively manage SaaS Security, users must also be an administrator for the SaaS Security Inline app. Jump directly from the Prisma Access Cloud Management dashboard to theSaaS Security Consoleto add SaaS Security Inline administrators.
- Explore theSaaS Securitydashboard in Panorama Managed Prisma Access.Go toVisibility.All dashboard views are supported directly in Prisma Access Cloud Management. Examine these views to identify risky SaaS applications and users and SaaS Security Posture Management. SaaS Security Posture Management (SSPM) helps detect and remediate misconfigured settings in sanctioned SaaS applications through continuous monitoring.
- Review and share the SaaS Security report.SaaS Security Inline includes a SaaS Security report that provides a snapshot of application usage with advanced aggregated data and views. This report serves as a communication tool between your SaaS security team and executive management. You can share this on-demand PDF report with your SaaS security team for a periodic check-in, or email the report to your executives to highlight the SaaS applications in use in your organization and the security risks they pose.
- See what else you can do with SaaS Security and Panorama Managed Prisma Access.