Cheat Sheet: SaaS Security with Prisma Access
Focus
Focus
Prisma Access

Cheat Sheet: SaaS Security with Prisma Access

Table of Contents

Cheat Sheet: SaaS Security with Prisma Access

Manage your organization’s shadow IT risks, secure SaaS applications from cloud threats, and ensure compliance across all SaaS applications.
Where Can I Use This?What Do I Need?
  • Prisma Access (Managed by Strata Cloud Manager)
  • Prisma Access (Managed by Panorama)
Identify cloud-based threats and risky user activity in sanctioned and unsanctioned apps with SaaS Security Inline.
SaaS Security Inline on Prisma Access—both Panorama Managed and Cloud Managed—provides SaaS visibility so that you can identify cloud-based threats and risky user activity on sanctioned and unsanctioned SaaS apps. For Prisma Access (Managed by Strata Cloud Manager) users, SaaS Inline Security is built right in to give you a centralized view of network and CASB security. It offers SaaS visibility—which includes advanced analytics and reporting—so that your organization has the insights to understand the data security risks of sanctioned and unsanctioned SaaS application usage on your network.
Cloud Access Security Broker (CASB) bundle includes Saas Security Inline, Enterprise Data Loss Prevention (DLP) Inline, SaaS Security API, Data Loss Prevention (DLP) API, and SaaS Security Posture Management (SSPM).
Learn how to manage your organization’s shadow IT risks, secure SaaS applications from cloud threats, and ensure compliance across all SaaS applications.

Cheat Sheet: SaaS Security with Prisma Access (Managed by Strata Cloud Manager)

Here’s everything you need to know to use SaaS Security with Prisma Access (Managed by Strata Cloud Manager).

Get Started

Here’s how to get up and running with SaaS Security Inline on Prisma Access (Managed by Strata Cloud Manager):
  • Confirm that the SaaS Security add-on license is included with your Prisma Access subscription.
    Go to ManageService SetupOverview to check what’s available with your license.
    If you're using Strata Cloud Manager, go to ManageConfigurationNGFW and Prisma AccessOverview. Select the Prisma Access configuration scope.
  • If you haven’t already, activate the SaaS Security Inline app on the hub.
    After activation, SaaS Security Inline automatically discovers all SaaS applications and users and analyzes users’ SaaS activity and usage data from your Prisma Access logs that are stored in Strata Logging Service.
  • Manage administrator roles and access.
    Go to the hub to provide roles-based access to SaaS Security controls in Prisma Access Cloud Management.
    To comprehensively manage SaaS Security, users must also be an administrator for the SaaS Security Inline app. Jump directly from the Prisma Access Cloud Management dashboard to the SaaS Security Console to add SaaS Security Inline administrators.
  • Explore the SaaS Security dashboard in Prisma Access (Managed by Strata Cloud Manager).
    Go to ManageConfigurationSecurity ServicesSaaS Security.
    If you're using Strata Cloud Manager, go to ManageConfigurationSaaS Security.
    All dashboard views are supported directly in Prisma Access (Managed by Strata Cloud Manager). Examine these views to identify risky SaaS applications and users and SaaS Security Posture Management. SaaS Security Posture Management (SSPM) helps detect and remediate misconfigured settings in sanctioned SaaS applications through continuous monitoring.
  • Review and share the SaaS Security report.
    SaaS Security Inline includes a SaaS Security report that provides a snapshot of application usage with advanced aggregated data and views. This report serves as a communication tool between your SaaS security team and executive management. You can share this on-demand PDF report with your SaaS security team for a periodic check-in, or email the report to your executives to highlight the SaaS applications in use in your organization and the security risks they pose.
  • See what else you can do with SaaS Security and .

SaaS Policy Recommendations

To gain visibility into and control of SaaS applications, SaaS Security admins create SaaS rule recommendations with specific SaaS App-IDs provided by the App-ID Cloud Engine (ACE).
In Prisma Access (Managed by Strata Cloud Manager), you can now review and choose to accept the rules that SaaS Security admins recommend. SaaS rule recommendations are added to your web access policy—you must have Web Security enabled to leverage SaaS rule recommendations.
Here’s how you can get started — review the workflow to review and accept SaaS policy recommendations here:
  1. SaaS Security admins create SaaS rule recommendations in the SaaS Security Inline app or directly in Prisma Access (Managed by Strata Cloud Manager).
    ➡ In Prisma Access (Managed by Strata Cloud Manager), go to ManageConfigurationSecurity ServicesSaaS Security
    If you're using Strata Cloud Manager, go to ManageConfigurationSaaS Security.
  2. You can review and import SaaS rule recommendations.
    ➡ Go to ManageWeb SecurityWeb Access Policy
    If you're using Strata Cloud Manager, go to ManageConfigurationNGFW and Prisma AccessSecurity ServicesWeb SecurityWeb Access Policy. Select the Prisma Access configuration scope.
  3. The SaaS rule recommendations you’ve imported are labeled so you can easily identify them.

Cheat Sheet: SaaS Security with Prisma Access (Managed by Panorama)

Here’s everything you need to know to use SaaS Security with Prisma Access (Managed by Panorama).

Get Started

Here’s how to get up and running with SaaS Security Inline on Prisma Access (Managed by Panorama):
  • Confirm that the SaaS Security add-on license is included with your Prisma Access subscription.
    Go to PanoramaLicenses to check what’s available with your license.
  • If you haven’t already, activate the SaaS Security Inline app on the hub.
    After activation, SaaS Security Inline automatically discovers all SaaS applications and users and analyzes users’ SaaS activity and usage data from your Prisma Access logs that are stored in Strata Logging Service.
  • Manage administrator roles and access.
    Go to the hub to provide roles-based access to SaaS Security controls in Prisma Access Cloud Management.
    To comprehensively manage SaaS Security, users must also be an administrator for the SaaS Security Inline app. Jump directly from the Prisma Access Cloud Management dashboard to the SaaS Security Console to add SaaS Security Inline administrators.
  • Explore the SaaS Security dashboard in Prisma Access (Managed by Panorama).
    Go to Visibility.
    All dashboard views are supported directly in Prisma Access (Managed by Strata Cloud Manager). Examine these views to identify risky SaaS applications and users and SaaS Security Posture Management. SaaS Security Posture Management (SSPM) helps detect and remediate misconfigured settings in sanctioned SaaS applications through continuous monitoring.
  • Review and share the SaaS Security report.
    SaaS Security Inline includes a SaaS Security report that provides a snapshot of application usage with advanced aggregated data and views. This report serves as a communication tool between your SaaS security team and executive management. You can share this on-demand PDF report with your SaaS security team for a periodic check-in, or email the report to your executives to highlight the SaaS applications in use in your organization and the security risks they pose.
  • See what else you can do with SaaS Security and Panorama Managed Prisma Access.