Secure Cloud Apps

Use Prisma SaaS to have visibility into and control over how your users are accessing and sharing data across SaaS applications.
Palo Alto Networks Prisma SaaS allows you to consistently define and enforce policy for securing data across all your sanctioned software as a service (SaaS) applications. Although each application has its own settings to secure how users can store and share data, the settings and levels of enforcement vary by application. By adding your applications to Prisma SaaS, you have visibility into and control over how your users are accessing and sharing data across your sanctioned applications.
When Prisma SaaS first connects to an application, it scans all the assets in the application and matches against the policy rules to retroactively uncover incidents and then displays all active incidents on the Dashboard. To maximize the results from this initial discovery process, configure the global scan settings for policy, examine your corporate acceptable use policy for SaaS applications, and review the default policy rules in Prisma SaaS before you start the scan.
Configure Prisma SaaS to control unmanaged device access to your sanctioned applications by redirecting traffic through your next generation firewall. Utilizing your existing corporate Identity Provider, add Prisma SaaS and SaaS application integration to authenticate requests and grant access to users using Prisma SaaS as SAML proxy.
Additionally, you can use Prisma SaaS to connect to your Cortex Data Lake to access your next-generation firewall or GlobalProtect Cloud Service logs to present a holistic view of sanctioned and unsanctioned SaaS application usage. This visibility on Prisma SaaS allows you granular control over access, unsanctioned application usage, and external exposure of data.
While Prisma SaaS performs deep content inspection, it does not store any data from your monitored applications. It stores only metadata about your assets, which is data about your data.

Related Documentation