SaaS Security API provides predefined policies
that are automatically applied after you add a cloud app and SaaS
Security API scans the assets on that cloud app, if they are
By default, some are
and others are
Predefined policies help you identify security threats without the
need to create a policy from scratch.
The immediate results from predefined polices
help you identify what sensitive content you have and evaluate and
understand how those policies are working on that content. Later,
you can modify—to change the underlying predefined profile—clone,
disable, or delete these policies; however, if you want to modify
the predefined policy, the SaaS Security team recommends that you
clone the predefined policy so that you can retain the original
predefined policy, then fine-tune the new policy to meet your unique needs.
Predefined policies discover commonly known sensitive
content and are based on strong security practices; when applicable, the
data patterns that underlie these predefined policies are based
on predefined profiles of
the same name. The same predefined policies are available whether
or not you have SaaS Security with Enterprise DLP Add–on,
although the availability of predefined profiles differs.
All predefined policies use
matching: a policy can be configured to
add individual match criteria using a dropdown list and an interactive
UI (Basic) or a query search (Advanced).