Learn how to remediate third-party apps that Prisma SaaS
You can view and assess third-party apps to
determine if the potential security threats are real and, if so,
and send notifications to users.
When you block an app after
it’s already in use, Prisma SaaS revokes access for all users that
are currently using that app. Sometimes you’ll determine that an identified
app does not pose a real threat. In that case, simply
the following workflow to drill down into an app and assess whether
it poses a security threat. Alternatively, you can automaticalty block an
Explore > Third-Party apps
By default, all discoveries are listed as
you assess and remediate them. You can:
Hover-over an app
view a summary of the app.
) Immediately take
third-party app in the list view.
) Immediately select any number of
Filter third-party apps associated with a particular
Drill down into the details by clicking the app
This detailed view displays the metadata of the third-party
app and the associated links and cloud apps so that you can get
more context around them.
After you understand the details, remediate the third-party
There are several ways to manually remediate:
Remediate one or more results—Select the log entry
Filter by users accessing a specific third-party app and
on the log entry,
Filter by third-party app status—Select one of the following states:
—You have not yet assessed
this app. Meanwhile, any user can provide this app authorization
to company data. By default, Prisma SaaS assigns all new discoveries
—Any user can provide this
app authorization to company data.
—The users you define can provide
this app authorization to company data. The app is blocked for all other