When you first add a cloud app,
Prisma SaaS goes through a discovery phase where it:
the enabled data patterns and active policy rules against the information
about all users associated with your assets.
Gathers metadata for the assets (folder, repository, and table
names and information about the files, such as the owner and collaborators)
and the actual contents of the files.
Adds new incidents after it scans the assets.
SaaS monitors changes in all of your monitored cloud apps. How soon
Prisma SaaS identifies incidents depends on a variety of factors,
including the volume of users and assets on your SaaS application,
and the SaaS application provider’s process for queuing and API throttling.