: Supported Content, Remediation and Monitoring
Focus
Focus

Supported Content, Remediation and Monitoring

Table of Contents

Supported Content, Remediation and Monitoring

View the list of supported SaaS applications and their supported remediation options on Data Security.
Before you add a cloud app to Data Security, learn about the scan, remediation, and monitoring features that Data Security supports for your cloud app. Usually when a remediation capability isn't supported, it’s due to the cloud app’s API. However, as a cloud app’s API changes often Data Security is able to expand support. Unless otherwise stated, forward scan includes new assets, deleted assets, and updated content on assets. Additionally, sometimes a feature isn't relevant to a cloud app’s paradigm (for example, the cloud app doesn’t have folders), and so the feature isn’t applicable.

Content Support on Data Security

Scan content support is different from remediation support. Data Security can scan content based on supported file types and supported languages, but within that remediation depends on the cloud app. Additionally, Data Security offers different types of scan methods based on the type of cloud app and not all exposure levels apply to some cloud apps. Additionally, unless otherwise stated, Forward Scan typically includes new assets, deleted assets, and content updates on assets.
Cloud App
Scan Content
Scan Methods
Notes
Amazon S3
Buckets, Files
Yes
Yes
Multi-account
Internal, External,Public
Bitbucket
Commit files, Repository
Yes
Yes
n/a
Internal, Public
By default, the backward scan limit is set to 1 year. If you wish to extend this limit to more than 1 year, contact SaaS Security Technical Support.
Box
Files, Folders
Yes
Yes
Yes
All
ChatGPT Enterprise
Messages, files uploaded, and files generated by GPT
Yes
Yes
No
Internal, External, Public, Company
Cisco Webex Teams
Rooms, Messages, Files
Yes
Yes
No
Internal, External, Public
Confluence
Page content, Attachments, Comments
Yes
Yes
No
Internal, External,Public
Internal exposure is supported only when you have your email visibility set to global visibility in the Confluence app.
Confluence Data Center
Page content, Attachments, Comments
Yes
Yes
No
Internal, External, Company
By default, the backward scan limit is set to 1 year. If you wish to extend this limit to more than 1 year, contact SaaS Security Technical Support.
Dropbox ( Individual Folder and Team Folder)
Files, Folders
Yes
Yes
No
All
GitHub
Files, Folders
Yes
Yes
No
Internal, Public
Backward scanning is supported up to 1 year only.
Gmail
Email content, Attachments
No
Yes
No
Internal, External
For internal emails, only attachments are scanned. For external emails, both email content and attachments are scanned.
Google Drive - My Drive
Files, Folders
Yes
Yes
Yes
All
Google Drive - Shared Drives
Files, Folders
Yes
Yes
Yes
All
Jira
Issue Descriptions, Comments, Attachments, Projects
Yes
Yes
n/a
No
By default, the backward scan limit is set to 1 year. If you wish to extend this limit to more than 1 year, contact SaaS Security Technical Support.
Jira Data Center
Issue Descriptions, Comments, Attachments, Projects
Yes
Yes
n/a
No
Data Security performs a backward scan spanning 15 years from the date of onboarding for both existing and new customers. The default rate limit is 100 requests per second, but you can also set your own limit. This rate limit is divided between forward and backward scans. When the rate limit reaches 60% of the threshold, the backward scan halts. However, it resumes once the rate limit falls below this threshold. The recommended rate limit is 10 requests per second. A minimum rate limit of 2 requests per second is recommended so that your forward scanning is not adversely affected.
Microsoft Exchange
Email content, Attachments
No
Yes
No
Internal, External
For internal emails, only attachments are scanned. For external emails, both email content and attachments are scanned.
Microsoft Office 365 - OneDrive
Files, Folders
Yes
Yes
Yes
All
Data Security will scan files uploaded by external collaborators only if those external collaborators are added to the Azure Active Directory as External.
Microsoft Office 365 - SharePoint
Files, Folders
Yes
Yes
No
All
Microsoft Teams
Channel Messages, Direct Chats
No
Yes
n/a
Internal, External,Company
Attachments are supported using Office 365.
Due to new Microsoft licensing requirements, Microsoft Teams connector will work only for customers running the E5 licenses.
Salesforce
Files, Tables, Chatter body
Yes
Yes
No
All
Backward or Forward scan: the service performs Backward scan until it reaches current time, then performs Forward scan.
Content: While Data Security stores the metadata for all unstructured files, it stores structured file data selectively. For example, a Salesforce Chatter message has structured data and is stored only when the content in the message matches a defined data pattern but an attachment on Salesforce Chatter has unstructured data, so Data Security scans the attachment and stores the metadata.
ServiceNow
Tables, Attachments
Yes
Yes
No
All
ShareFile
Files, Folders
Yes
Yes
No
All
Slack Enterprise
Files, Messages
Yes
Yes
Yes
All
  • Currently, all Slack Enterprise asset exposure is set as Internal only.
  • By default, the backward scan limit is set to 1 year. If you wish to extend this limit to more than 1 year, contact SaaS Security Technical Support.
Slack Pro and Business
Files, Messages in Public Channels
No
Yes
No
No
Forward Scan: scans for new assets only—not deleted assets and content updates on assets.
No Scan support for messages in Private channels and Direct messages.
Zendesk
Files, Attachments
No
Yes
n/a
Internal, Public
Forward Scan: scans for new assets only—not deleted assets and content updates on assets.
Zoom
Chats, Messages, Transcripts
No
Yes
No
None
Scan support for messages including private and public channels and direct messages within Team Chat.
Support for cloud-recorded, zoom meeting voice transcripts when related settings are enabled on Zoom.

Remediation Support on Data Security

The following table outlines support by remediation capability.
  • When an admin quarantine is supported, unless otherwise stated, all file actions within that quarantine are also supported, including Delete asset, Restore assets, and Download asset.
  • When admin quarantine is supported, the assets that you can quarantine and the quarantine actions (for example, Download) that you can perform on them include all those that also have scan support, unless otherwise stated.
  • All cloud apps support basic incident management actions, including Send Admin Alert and Create Incident, unless otherwise stated.
Remediation support is organized by remediation stage:

Automatic Remediation of Incidents on Data Security

The following automatic remediation of incidents is supported.
Cloud App
Incident Autoremediation
Notes
Asset Quarantine
Change Sharing
Remove Public Links
(Files & Folders)
Notifications
User
Admin
Direct Link
Inherited Link
Notify File Owner
Notify via Bot
Amazon S3
Yes
Yes
Only files
Yes
Yes
No
n/a
Bitbucket
No
No
Yes
Yes
Yes
Yes
Box
Yes
Yes
Only files
Yes
Yes
Yes
n/a
ChatGPT
No
No
No
No
Yes
n/a
The following manual remediation are supported:
  • Delete Conversation
  • Unshare CustomGPT
Cisco Webex Teams
No
No
No
No
Yes
Yes
Supports deletion of messages and files.
Confluence
No
Yes
Only files
No
No
Yes
No
Confluence Data Center
No
Yes
Only attachments
No
No
No
No
Dropbox - Individual Folder
Yes
Yes
Only files
Yes
Yes
Yes
n/a
Dropbox - Team Folder
n/a
Yes
Only files
Yes
Yes
Yes
n/a
GitHub
No
No
No
Yes
No
n/a
Gmail
No
No
No
No
No
n/a
Google Drive - My Drive
Yes
Yes
Yes
Yes
Yes
n/a
Google Drive - Shared Drives
n/a
Yes
Yes
Yes
n/a
n/a
Jira Data Center
No
No
No
No
Yes
No
Jira
Yes
No
No
No
Yes
Yes
Microsoft Exchange
No
No
No
No
No
n/a
Microsoft Office 365 - OneDrive
Yes
Yes
Only files
Yes
No
Yes
n/a
Microsoft Office 365 - SharePoint
No
Yes
Only files
Yes
No
Yes
n/a
Microsoft Teams
Yes
No
n/a
n/a
Yes
n/a
Quarantine for Attachments is supported using Office 365.
Salesforce
No
No
No
No
No
n/a
ServiceNow
No
No
No
No
No
n/a
ShareFile
No
Yes
Only files
Yes
Yes
Yes
n/a
Slack Enterprise
No
No
No
No
Yes
Yes
Notifications sent via Slack to the quarantine administrator and the asset owner.
Slack Pro and Business
No
No
No
No
No
Yes
Zendesk
No
No
No
No
No
Yes
Zoom
No
No
No
No
No
No

Post-Remediation of Incidents on Data Security

The following post remediation of incidents is supported.
Post-Remediation
Notes
Cloud App
Admin Quarantine Actions
Delete
Restore
Download
Amazon S3
Yes
Yes
Yes
Bitbucket
No
No
No
Box
Yes
Yes
Yes
ChatGPT
No
No
No
Cisco Webex Teams
No
No
No
Supports deletion of messages and files.
Confluence
Yes
Yes
Yes
Confluence Data Center
Yes
Yes
Yes
Dropbox - Individual Folder
Yes
Yes
Yes
Dropbox - Team Folder
Yes
Yes
Yes
GitHub
No
No
No
Gmail
No
No
No
Google Drive - My Drive
Yes
Yes
Yes
When a file is restored from Admin Quarantine, collaborators are not restored.
Google Drive - Shared Drives
Yes
Yes
Yes
When a file is restored from Admin Quarantine, collaborators are not restored.
Jira Data Center
No
No
No
Jira
No
No
Yes
Microsoft Exchange
No
No
No
Microsoft Office 365 - OneDrive
Yes
Yes
Yes
Microsoft Office 365 - SharePoint
Yes
Yes
Yes
Microsoft Teams
None supported for supported scan content
Quarantine for Attachments are supported using Office 365.
Salesforce
No
No
No
ServiceNow
No
No
No
ShareFile
Yes
Yes
Yes
Slack Enterprise
No
No
No
Slack Pro and Business
No
No
No
Zendesk
No
No
No
Zoom
No
No
No

Incident Management Support on Data Security

Specific SaaS apps provide for incident management of Incidents:

Incidents Support on Data Security

The ability to display incidents and other related data depends on the SaaS app. Unless otherwise stated, incidents account for all supported content for a given SaaS app.
Cloud App
Incidents
Bitbucket
Yes
Google Drive
Yes
Jira Data Center
Yes
Jira
Yes
Microsoft Teams
Yes
Slack Enterprise
Yes
Slack Pro and Business
Yes

User Activity Support on Data Security

Cloud App
Notes
Amazon S3
Yes
Yes
No
Bitbucket
Yes
Yes
No
Box
Yes
Yes
Yes
ChatGPT
No
No
No
Cisco Webex Teams
No
No
No
Confluence
Yes
Yes
No
Confluence Data Center
Yes
No
No
Dropbox - Individual Folder
Yes
Yes
Yes
Dropbox - Team Folder
Yes
Yes
Yes
GitHub
No
No
No
Gmail
Yes
Yes
n/a
Google Drive - My Drive
Yes
Yes
Yes
Google Drive - Shared Drives
Yes
Yes
Yes
Jira Data Center
No
No
n/a
Jira
Yes
Yes
n/a
Microsoft Exchange
Yes
No
n/a
Microsoft Office 365 - OneDrive
Yes
Yes
No
Microsoft Office 365 - SharePoint
Yes
Yes
No
Microsoft Teams
Yes
No
n/a
Salesforce
Yes
Yes
n/a
ServiceNow
Yes
Yes
n/a
ShareFile
Yes
Yes
No
Slack Enterprise
No
No
n/a
Slack Pro and Business
No
No
No
Workday
Yes
Yes
No
Zendesk
No
No
No
Zoom
No
No
No

Snippet Support on Data Security

A snippet enables you to investigate a pattern match. Data Security supports snippets for most cloud apps. However, snippets might not be available for you if:
  • Data Security does not support snippets for your cloud app or the specific asset type (file vs. chat)
  • You have not set Write access for Request Snippets in Common Services.
Data Security’s ability to support snippets for your cloud app highly depends on the capabilities available in cloud app vendor’s public API.