Security Controls Incident Details

Use Security Controls incident details to investigate why SaaS Security API created an incident for a security control policy violation.
SaaS Security API scans and analyzes email assets, settings, and user behavior and applies Security Control policies to identify exposures, risky user behavior, and sensitive documents. The service also performs a deep content inspection for known and unknown malware, data exposure, and data exfiltration. When SaaS Security API determines that the security control is an incident, it creates an incident detail view that you use to Assess Incidents in your managed SaaS applications. These details can include some or all of the following information:
Incident Detail
Setting Detail
Displays which security control rule was violated, the date SaaS Security API discovered the incident, the scanned Cloud app, and identifies the email sender, principal owner, or folder owner.
For assets that match the WildFire Analysis rule, you can Use the WildFire Report to Track Down Threats.
Setting Name
Links to the SaaS app and displays the settings available to configure, such as key rotation, password policy, and email auto-forward rules.
Option to
a message to the email sender, principal owner, or folder owner or
the incident.

Recommended For You