What’s SaaS Security Inline?
Learn about SaaS Security Inline capabilities.
SaaS Security Inline natively integrates with your NGFW and Prisma Access tenants managed by Panorama or Strata Cloud Manager to provide granular
SaaS app visibility and control of unsanctioned SaaS apps through advanced analytics,
reporting, visualization, categorizations, and Security policy authoring so that you can
minimize data security risks to your organization. Employees inadvertently use SaaS apps
that violate compliance agreements or that carry risks that exceed your organization’s
tolerance. SaaS Security Inline discovers such risks so that you can understand
them and take action.
SaaS Security Inline provides easy deployment and inline policy enforcement.
SaaS Security Inline leverages
ACE (App-ID Cloud Engine) technology and
SaaS policy rule recommendations to provide
greater and faster SaaS app discovery and a seamless SaaS security workflow between your
organization’s administrators for improved security posture.
SaaS Security Inline provides:
Shadow IT discovery—Using our language-agnostic
ACE technology, automatically
discovers new SaaS apps to keep pace with the new and emerging SaaS apps.
SaaS Security Inline identifies over 74,800 SaaS apps using
machine-learning algorithms to achieve a high-level of accuracy and speed.
Definition of a SaaS App: For the purpose of discovery, we define a SaaS
app as any app delivered as a service over the internet. The app should have the
capability to upload, download, or share content. Additionally, the app might
have the following capabilities and characteristics:
- The ability to be delivered and managed remotely
- Features such as session login and data transfer
- Pricing or subscription pages
- Shadow IT control—Enables you to author SaaS policy rule recommendations based on
a combination of apps, users and groups, categories, activities, device posture
(personal vs. corporate) and Enterprise Data Loss Prevention (E-DLP) data profiles and collaborate
with your firewall administrator on SaaS security policy rules to control
intentional and unintentional risky SaaS apps and user activity, allowing access to
corporate SaaS apps only for the legitimate users.
- Shadow IT visibility and reporting—Delivers an up-to-date combined view of both
unsanctioned and sanctioned SaaS app usage across categories and subcategories, including
Content Marketing, Collaboration & Productivity, and ERP:
Risk assessment—Exposes risky SaaS apps that are being used in
your app ecosystem.
SaaS Security Inline tracks over
80
attributes, and calculates a risk score based on over
55 of these
attributes. The risk score is between 1 (low risk) and 5 (high risk). To
calculate the risk score,
SaaS Security Inline considers the following types of attributes:
You can generate a
SaaS Security Report to help
you assess risks posed by unsanctioned SaaS apps. The SaaS Security
Report summarizes the most risky SaaS apps in your network. After
processing completes, the report is automatically emailed to you as a
PDF attachment.
Risk score customizing tools to enable you to manually
change the risk score for
individual SaaS apps without changing the underlying calculation method,
or adjust the weights for the underlying attributes and allow
SaaS Security Inline to recalculate and apply the risk score
automatically.
- Risk categorization—Identifies safer alternatives to risky SaaS apps
with advanced filters with drill-down views for granularity to locate the
SaaS app that meets your organization’s risk tolerance; NPS score metric to
assess customer satisfaction with SaaS apps; and tagging, both custom and default,
to differentiate sanctioned SaaS apps from unsanctioned SaaS apps that are
being used by employees in your organization for efficient monitoring and
policy enforcement.
SaaS Security Inline complements
Data Security
capabilities to provide an integrated CASB (Cloud Access Security Broker)
solution.
