Analyze Inherited Exposure

Learn about the tools Prisma SaaS provides to help you analyze inherited exposure.
Prisma SaaS enables you to investigate the scope and source of the risky behavior and identify inherited exposure. Assets can inherit exposure from:
  • Parent folders. Explore an asset’s file and folder structure using the asset tree.
  • Shared Drives (Google Drive) or Team Folders (Dropbox). Browse the membership list.
explore-hierarchy.png

Inherited Exposure from Parent Folders

Prisma SaaS enables you to explore an asset’s hierarchy. After you determine the root-cause of the inherited access, you can remove the direct link on the file(s) or all direct and indirect exposures through parent folders, depending on the cloud app. You can take these actions manually or automatically.
  1. Select
    Explore
    Assets
    or
    Explore
    Incidents
    .
  2. Click on an asset.
  3. Locate the
    Explore
    pane or
    Actions
    Explore
    .
    Wait a few seconds for the asset tree to load.
  4. Observe the icons on the assets.
    • Red exclamation point
      —Denotes policy violations.
    • Exposure icons
      —Denotes associated risks, including the creation date, file type, exposure, owner.
    explore-hiearchy-object.png
  5. Select any object in the asset tree to display information about assets within the same parent folder.
    To:
    Click on:
    Display more files in root or parent folder.
    Show more
    link or folder link in
    Directory Path
    Collapse a column.
    Hide more
    link or folder link in Directory Path
    Adjust the asset tree.
    Recenter link
    or drag the tree
    Identify the policies this asset violates and all assets that violate these same policies.
    Rule link
    in Incidents pane
    Return to asset tree and file information for the initial asset.
    View Asset Details
    link

Inherited Exposure from Shared Drives and Team Folders

Prisma SaaS provides a membership tree so you can explore the members for a given shared drive (Google Drive) or team folder (Dropbox). After you identify External users that pose a risk to your organization, you can delete them from the shared drive or team folder.
  1. Select
    Explore
    Assets
    or
    Explore
    Incidents
    .
  2. Click on an asset.
  3. Locate the
    Explore on Google
    or
    Explore on Dropbox
    pane.
  4. In the
    Name
    column, click on the folder or shared drive name.
  5. Identify any
    External
    members.
    asset-group-ownership.png

Recommended For You