Cheat Sheet: SaaS Security on Prisma Access Cloud Management

Manage your organization’s shadow IT risks, secure SaaS applications from cloud threats, and ensure compliance across all SaaS applications.
This feature requires the
SaaS Security
add-on license for Prisma Access.
Identify cloud-based threats and risky user activity in sanctioned and unsanctioned apps with SaaS Security Inline.
SaaS Security Inline is built-in to Cloud Managed Prisma Access to give you a centralized view of network and CASB security. It offers SaaS visibility—which includes advanced analytics and reporting—so that your organization has the insights to understand the data security risks of sanctioned and unsanctioned SaaS application usage on your network.

Get Started

Here’s how to get up and running with SaaS Security Inline on Prisma Access Cloud Management:
  • Confirm that the SaaS Security add-on license is included with your Prisma Access subscription
    Go to
    Service Setup
    to check what’s available with your license.
  • If you haven’t already, activate the SaaS Security Inline app on the hub
    After activation, SaaS Security Inline automatically discovers all SaaS applications and users and analytzes users’ SaaS activity and usage data from your Prisma Access logs that are stored in Cortex Data Lake.
  • Go to the hub to provide role based access to SaaS Security controls in Prisma Access Cloud Management.
    • Data Security Admin
      —Can access Enterprise DLP and SaaS Security controls, but cannot push configuration changes to Prisma Access.
    • SaaS Admin
      —Can access SaaS Security settings but cannot push configuration changes to Prisma Access.
    To comprehensively manage SaaS Security, users must also be an administrator for the SaaS Security Inline app.
  • Explore the
    SaaS Security
    dashboard in Prisma Access Cloud Management
    Go to
    Security Services
    SaaS Security
    • The
      Discovered Applications
      Discovered Users
      dashboard views are supported for Prisma Access Cloud Management. Examine these views to identify risky SaaS applications and users.
    • Jump directly from the Prisma Access Cloud Management dashboard to the
      SaaS Security Console
      to access Application Dictionary, reports, and other settings.
    • Although you can access the Policy Recommendations view from the SaaS Security Console and author SaaS policy rule recommendations, policy synchronization is not currently supported for Prisma Access.
  • Review and share the SaaS Security report
    The SaaS Security Inline app includes a SaaS Security report provides a snapshot of application usage with advanced aggregated data and views. This report serves as a communication tool between your SaaS security team and executive management. You can share this on-demand PDF report with your SaaS security team for a periodic check-in, or email the report to your executives to highlight the SaaS applications in use in your organization and the security risks they pose.

Recommended For You