Policy Types on SaaS Security API

Learn about the tools SaaS Security API offers to help you define policies that identify sensitive information and monitor activity.
SaaS Security API offers policy types that give you the controls to manage assets, user activity, third-party apps and security controls across all supported SaaS and IaaS applications. A log is generated for events that match a policy rule when logging is enabled for the rule.
SaaS Security API scans supported file types for supported SaaS applications. As SaaS Security API starts scanning your cloud apps, monitor the assets, content types, incidents, users, policy violations, collaborators, and domains that the service discovers during the scan.
Policy Type
Asset policy rules enable you to identify issues with data governance. To know about what type of content is stored in the cloud app and who has access to it, content security rules use data patterns and match criteria to automatically discover activity in your sanctioned SaaS applications and remediate incidents around data segregation, personal and financial information, intellectual property, malware, data breaches, and sensitive documents in your organization.
User Activity
User activity policy rules enable you to identify abnormal behavior. To know about unusual user activity or compliance violations, you can use match criteria to monitor activity such as downloading or exporting data out of the SaaS application, set the activity threshold that triggers a policy violation, and track the IP address where the activity was initiated.
Group-based policy offers granular enforcement of asset rules based on AD user group information.
Security Controls
Security controls policy rules enable you to define rules that monitor email activity in SaaS applications and proper configuration in IaaS applications to prevent data exfiltration and exposure. These rules unlike the content security policy focus on administrators of an application instead of users.
Third-Party apps policy settings enable you to detect and remediate any non-compliant third-party apps to prevent data exfiltration or unauthorized access.

Recommended For You