Begin Scanning a Workplace by Facebook App (Beta)

Set up a token for your Workplace community to configure your app and connect to the Aperture service to scan assets.
Before you can begin scanning a Workplace by Facebook app, you must configure a token that generates an app with specific user permissions enabled and a page, a type of bot for your Workplace community. The page name reflects the name of your custom integration, and the profile picture matches the icon you chose when creating the custom configuration. As you prepare the Workplace account, take note of the token shown to you when creating your custom integration, since it is shown only once, and required to complete the setup of the Workplace app on Prisma SaaS and to read and write posts on your page.
To begin scanning a Workplace by Facebook app:
  1. Prepare to connect your Workplace by Facebook account to Prisma SaaS.
    1. Log in to the Workplace by Facebook console as an administrator.
    2. In your company dashboard, select
      Integrations
      Create Custom Integration
      .
    3. Choose a relevant name and description for the app and click
      Create
      .
    4. (Optional)
      Select an icon for the app by clicking
      Update
      to display any time the app is seen, such as in a group posting.
  2. Each Workplace app comes with unique
    Permissions
    to control the information being read or written to by that app. Grant the following permissions:
    Permission
    Description
    Read Group Content
    Read posts, comments, and member profiles in selected groups.
    Read Security Logs
    Access details of security events, including login attempts and password requests.
    Read user email
    Access any group member's email address.
    Read all messages
    Access messages sent to anyone in the community.
    Read user timeline
    Read all posts made by group members on a user's timeline
    Manage Group Content
    Manage posts and comments in selected groups.
    Manage Groups
    Edit or remove selected groups and their members.
    Impersonate Account
    Post and comment in groups and read messages from any user account.
  3. Click
    Create Access Token
    and
    understand
    the token terms. Click
    Done
    and
    Save
    the configuration.
    Copy and safely store the access token shown to you, as you will need the token to setup your account on Prisma SaaS and make API calls. As a system administrator, it is important to make sure that you only share access tokens with trusted developers within your organization and Facebook-approved third-party developers.
  4. Add the Workplace by Facebook app to Prisma SaaS.
    1. From the Prisma SaaS
      Dashboard
      , click
      Add a Cloud App
      , and select
      Workplace by Facebook
      .
      workplace-by-facebook-tile-frame-beta.png
    2. Select
      Connect to Account
      .
    3. Paste the
      Access Token
      copied in the previous step and click
      OK
      .
      workplace-by-facebook-enter-token.png
  5. (Optional)
    Give a descriptive name to this app instance and specify an incident reviewer.
    1. Select the Workplace by Facebook in the Cloud Apps list.
    2. Enter a descriptive
      Name
      to differentiate this instance of Workplace by Facebook from other instances.
  6. Add policy rules.
    When you add a new cloud app, Prisma SaaS automatically scans the app against the default data patterns and displays the match occurrences. As a best practice, consider the business use of your app to determine whether you want to Add a New Asset Rule to look for incidents unique to Workplace by Facebook.
  7. (Optional)
    Configure or edit a data pattern.
    You can Configure Data Patterns to identify specific strings of text, characters, words, or patterns to make it possible to find all instances of text or information to match a data pattern you specify.
  8. Start scanning the new Workplace by Facebook app for incidents.
    1. Select
      Settings
      Cloud Apps & Scan Settings
      .
    2. In the Cloud Apps row that corresponds to the new Workplace by Facebook app, select
      Actions
      Start Scanning
      .
      Prisma SaaS scans all assets in the associated Workplace by Facebook app and identifies incidents. Depending on the number of assets, it may take some time to complete the process. However, as soon as you begin to see this information populating on the Prisma SaaS
      Dashboard
      , you can begin to Assess Incidents.
  9. Monitor the results of the scan.
    As Prisma SaaS scans files and matches them against enabled policy rules, you can Monitor Scan Results on the Dashboard to verify that your policy rules are effective. Monitoring the progress of the scan during the discovery phase allows you to Fine-Tune Policy to modify the match criteria and ensure better results.

Related Documentation