Use Prisma SaaS to have visibility into and control over
how your users are accessing and sharing data across SaaS applications.
Palo Alto Networks Prisma SaaS allows you to consistently
define and enforce policy for securing data across all your sanctioned
software as a service (SaaS) applications. Although each application
has its own settings to secure how users can store and share data,
the settings and levels of enforcement vary by application. By adding
your applications to Prisma SaaS, you have visibility into and control
over how your users are accessing and sharing data across your sanctioned
When Prisma SaaS first connects to an application, it scans all
the assets in the application and matches against the policy rules
to retroactively uncover incidents and then displays all active
incidents on the Dashboard. To maximize the results from this initial
discovery process, configure the global scan settings for policy,
examine your corporate acceptable use policy for SaaS applications,
and review the default policy rules in Prisma SaaS before you start
Configure Prisma SaaS to control unmanaged device access to your
sanctioned applications by redirecting traffic through your next
generation firewall. Utilizing your existing corporate Identity
Provider, add Prisma SaaS and SaaS application integration to authenticate
requests and grant access to users using Prisma SaaS as SAML proxy.
Additionally, you can use Prisma SaaS to connect to your Cortex
Data Lake to access your next-generation firewall or GlobalProtect
Cloud Service logs to present a holistic view of sanctioned and
unsanctioned SaaS application usage. This visibility on Prisma SaaS
allows you granular control over access, unsanctioned application
usage, and external exposure of data.
While Prisma SaaS performs deep content inspection, it does not
store any data from your monitored applications. It stores only
metadata about your assets, which is data about your data.