Assess Incidents on SaaS Security API

Learn how to assess incidents on SaaS Security API.

When you first add a cloud app, SaaS Security API goes through a discovery phase where it:

Compares the enabled data patterns and active policy rules against the information about all users associated with your assets.

Gathers metadata for the assets (folder, repository, and table names and information about the files, such as the owner and collaborators) and the actual contents of the files.

Adds new incidents after it scans the assets.

SaaS Security API monitors changes in all of your monitored cloud apps. How soon SaaS Security API identifies incidents depends on a variety of factors, including the volume of users and assets on your SaaS application, and the SaaS application provider’s process for queuing and API throttling.

What is an Incident?

Assess New Incidents

Download Assets for Incidents

Filter Incidents

Security Controls Incident Details

Track Down Threats with WildFire Report

Track Down Threats with AutoFocus

Customize the Incident Categories

Modify Incident Status

Close Incidents

View Asset Snippets for Incidents

Analyze Inherited Exposure