View Asset Details
Learn about how SaaS Security API displays detailed information
about an asset violating a policy rule.
As SaaS Security API scans your managed cloud apps and
discovers content, you can view the details on . This page provides
context into the findings so you can Assess
Incidents and Monitor and Investigate User Activity across these
applications.
The details for each incident vary depending on:
- Which cloud app retains the asset.
- Whether the asset is a file or a container (for example, a folder or a repository).
- The policy rule the asset violated.
- How the asset is shared.
- Whether users accessed the file or took other actions on the file.
Asset
Detail Description | ||
|---|---|---|
1 | Asset Summary | Summarizes asset file name, file type, exposure
on cloud app, owner, and last updated timestamp. |
2 | Quarantine | Indicates that an admin quarantined the
file. Depending on your admin role permissions, you
can Delete or Restore the
asset. |
3 | Basic Info | Displays metadata about the asset, including:
|
4 | Incidents | Displays which policy rule or rules that
an asset violates, the date SaaS Security API identified the incident, the
status of the incident, and whether there have been previous incidents
associated with the asset. From here you can Assign Incidents to Another Administrator. |
5 | Matching Data Patterns | Displays the data pattern that the asset
matched, number of occurrences, and date found. Administrators with
specific role priviledges can request snippets to
view any available details about the asset matching the data pattern. For
assets that match the WildFire Analysis rule, you can Use
the WildFire Report to Track Down Threats. |
6 | How is this File exposed? | Details how the asset is exposed (Published
to the web, accessible by a public URL, if sign-in is required,
or the asset is exposed by a parent folder). You can View
Details to access the asset URL, if available. Strikethrough
text on attributes denotes no exposure. |
7 | Who is accessing this File? | Lists information about the users that most
recently interacted with the file: timestamp, event (for example, whether
the user downloaded the file), username, IP address, and location.
You can View All Related Activities to see details about
this event and all other events associated with this file.
Such information helps you investigate whether there is malicious
or inappropriate access to the file. |
8 | Lists Internal and External collaborators
for the asset. This section appears only if the asset has an External exposure
level. Additionally, if the collaboration settings are defined at
the asset level, you can change the trust settings. You can define
a collaborator as trusted or untrusted .
If the asset inherits a collaborator from a parent folder, you must
change these settings from the parent folder. | |
9 | Displays the asset tree, policy violations,
and exposure level for
a given asset. View the asset in context of its file and folder
hierarchy to help you identify risks and inherited exposure. Displays
a list of collaborators (members) to help you identify who has access
to shared drives (Google Drive) or team folders (Dropbox) and inherited exposure. | |
10 | Events inside this folder | Displays user activity for
all the files within the selected folder, depending on your cloud app. |
11 | Actions | Lists available actions for an asset, depending
on the cloud app and admin role permissions: |
