SaaS Security is an integrated CASB (Cloud Access Security Broker) solution that helps Security teams like yours meet the challenges of protecting the growing availability of sanctioned and unsanctioned SaaS applications and maintaining compliance consistently in the cloud while stopping threats to sensitive information, users, and resources. SaaS Security options include SaaS Security API (Data Security in the Cloud Management Console), SaaS Security Inline (Discovered Apps in the Cloud Management Console), and SaaS Security Posture Management (SSPM).
Use SaaS Security Inline to discover and manage risks posed by unsanctioned SaaS apps while you rely on SaaS Security API to scan assets in the cloud space for at-rest detection, inspection, and remediation across all user, folder, and file activity within sanctioned SaaS applications. SaaS Security Posture Management (SSPM) helps detect and remediate misconfigured security settings in sanctioned SaaS applications through continuous monitoring.
With all three SaaS Security components, you have an integrated CASB that offers better security outcomes without the complexity of third-party integrations and the overhead and cost of managing the large number of vendors that exist with legacy CASBs.
Review the SaaS Security privacy datasheet for details on the privacy of the data you store in SaaS applications and how SaaS Security handles that data.
|Allowed List of IP Addresses
|For a smooth app onboarding experience, an updated region-specific IP address list is now available. Add these IP addresses to the allowed list in your firewalls.
You can now check onboarding status that validates if the connector has onboarded successfully. Validations have been launched for the following connectors:
|Improvements to tenant-level policy rule recommendations
|When you create policy rule recommendations at the tenant level, several improvements are now available, including increased tenant selection for applying policy rule recommendations and the addition of the Allow action for specific apps.
|Tenant-level visibility and control for Salesforce Sales Cloud
|For Salesforce Sales Cloud applications, you can now detect the specific application tenants that are being accessed by users and submit policy rule recommendations at the tenant level.
Support for Custom Admin Roles in Data Security
You can now create Custom Admin Roles for Data Security in the Strata Cloud Manager.
|Autotagging recommendations for Sanctioned apps
|To help you identify discovered apps that you should tag as Sanctioned, SaaS Security Inline now provides tagging recommendations. Using information from the Cloud Identity Engine, SaaS Security Inline determines if a detected app is an enterprise application accessible through your identity provider.
|New security and privacy attributes
|When you are viewing an application's attribute values in the Application Detail view in SaaS Security Inline, new security and privacy attributes are available.
|Tenant-level visibility and control for Aha! (Aha.io)
|For Aha! (Aha.io) applications, you can now detect the specific application tenants that are being accessed by users and submit policy rule recommendations at the tenant level.
Improved application searching in SaaS Security Inline
The search function in SaaS Security Inline has been improved to yield better results when searching for applications.
Scan support for Workday App (Beta)
You can connect a Workday instance to Data Security to gain visibility into Workday User Activities.
|Interconnected SaaS: Third-party plugin detection in SSPM
|SSPM gives you visibility into the third-party plugins that are being used in your organization. You can then take action by approving the plugin or by revoking user access to it.
|Tenant-level visibility and control for Azure OpenAI
|For Azure OpenAI applications, you can now detect the specific application tenants that are being accessed by users and submit policy rule recommendations at the tenant level.
|You can now check onboarding status that validates if the connector has onboarded successfully. Validations have been launched for the Slack Enterprise V2 connector
|For features added in earlier releases, see the SaaS Security Release Notes.
Learn about the types of data patterns available on SaaS Security API—predefined, custom, and file property.
Learn how to identify and remediate risky apps on SaaS Security Inline.
Learn how to generate the SaaS Security Inline Report to share with your SaaS security team and executive management team.