New Features Introduced in April 2025
Focus
Focus
SaaS Security

New Features Introduced in April 2025

Table of Contents

New Features Introduced in April 2025

Learn about the new features that became available in SaaS Security in April 2025.

SSPM Feature Enhancements

In the SSPM product, we are regularly improving and enhancing functionality. Some recently introduced enhancements include the following enhancements:
  • Added Identity Support for Workday: The Identity Security component of SSPM uses information from an instance of a supported application and, optionally, your identity provider to give you visibility into account risks. As part of an ongoing effort to support more applications, we now provide account risk information for Workday.
  • Added Compliance Posture Standards: The Compliance dashboard shows your overall compliance posture across the common compliance standards and frameworks. The Compliance dashboard now shows information for the following regulation and framework:
    • The Artificial Intelligence Act of the European Union (EU AI Act) is an EU regulation (Regulation (EU) 2024/1689).
    • The U.S. National Institute of Standards and Technology (NIST) AI Risk Management Framework (AI RMF).

Google Chat App in Data Security

Data Security supports the Google Chat App enhancing your organization's data security and compliance capabilities. Key highlights of this feature are:
  • Comprehensive Scanning: Identify sensitive information in Google Chat messages and files uploaded from devices.
  • Advanced Exposure Monitoring: Track who has access to sensitive data shared within Google Chat, including external users.
  • Powerful Remediation Options: Delete risky messages or files and notify users via email about policy violations.
  • Flexible Policy Management: Create and enforce data asset policies to automatically identify and secure risky assets.
  • Detailed Asset Metadata: Filter and search Google Chat assets based on various attributes like data type, file type, owner, creation time, and DLP matches.
This new feature helps Information Security teams to proactively protect sensitive information, manage data access, and maintain compliance within Google Chat communications.

Meeting Bot Detection in SSPM

Meeting bots are powerful tools that can significantly enhance virtual collaborations. They excel at real-time transcription, creating accurate records of discussions as they happen. They can automate note-taking, generate concise summaries, and create lists of follow-up actions. By handling these tasks, they enable participants to focus more on the content of the meeting, leading to more productive and engaging discussions. Some meeting bots provide meeting analytics, such as metrics on each participant's contribution and the emotional tone of conversations.
Because of their usefulness, people have quickly adopted meeting bots to record meetings and automate tasks on virtual meeting platforms. However, meeting bots can pose significant risks to organizational security and privacy. They can join meetings undetected, potentially recording sensitive conversations without consent, leading to data breaches and confidentiality violations. Some meeting bots get information from calendars, such as meeting schedules, participants, and topics. This ability could also expose proprietary data to unauthorized parties.
To help you address the threats posed by meeting bots, SSPM now gives you visibility into the meeting bots that accessed meetings in the following virtual meeting platforms:
  • Zoom
  • Microsoft Teams
SSPM also detects the users who have synced meeting bots to their calendar (Google Calendar or Outlook) to automatically join meetings.
To enable SSPM to scan these meeting platforms and calendar applications for meeting bots, you onboard the Zoom, Office 365, and Google Workspace apps to SSPM. If you onboarded these apps to SSPM before SSPM introduced this meeting bot detection feature, you must re-onboard them to enable meeting bot detection.
After you onboard one or more of these apps, SSPM scans your app instances at regular intervals for a set of predefined meeting bots. SSPM displays this information in a new Meetings page (SSPM Meetings). Initially, the Meetings page shows only information about users who have synced bots to their calendar. SSPM displays information about bots that were present in meetings only after new meetings are held, and SSPM runs its meeting scans.
In addition to showing the number of meetings with bots and the bot users, SSPM shows information that you can use to determine whether you want to allow the meeting bot in your organization. For example, the Meetings page shows a risk score for each bot and the number of external users who attended meetings where the bot was present. If you determine that you don’t want to allow a particular meeting bot in your organization, you can revoke the bot. Revoking a bot removes it from all the calendars through which it could access meetings. If you linked SSPM to an issue tracking system, you can, instead of revoking the bot, create a ticket to investigate the bot usage further. For example, you could open a ticket to get more information from the bot users.

Behavior Threats Syslog Integration in SaaS Security

Behavior Threats supports syslog integration in SaaS Security for streamlined security monitoring. This integration allows you to send critical threat data directly to your existing syslog infrastructure, enhancing your ability to detect and respond to security incidents quickly. With syslog integration, you can empower your team with real-time threat intelligence, improve your incident response times, and strengthen your overall security posture. The Behavior Threats incident logs have the following fields:
  • log_type
  • description
  • date
  • severity
  • policy_id
  • user_email
  • timestamp