Group-Based Visibility

Learn about the group-based visibility capabilities that SaaS Security API offers.
Without policy enforcement and visibility at a granular level, organizations are vulnerable to sensitive data loss and unauthorized access. SaaS Security API offers the following group-based visibility capabilities. However, before you can use group-based visibility, SaaS Security API must connect to Azure AD and scan for your groups.
—Offers granular enforcement of asset rules based on AD user group information. For example:
Automatic Remediation
HR employee shares a sensitive folder with entire company.
Create an incident.
Engineering employee shares a sensitive folder with entire company.
Notify file owner.
—Combines AD groups with role-based access control to enable differentiated permissions for administrators, enabling productivity while limiting visibility to the data stored on your managed SaaS apps.
—Use to include or exclude specific AD groups from scans to adhere to data privacy regulations. For example, you might want a group to have different privacy rules than another group, or you need to exclude users within a group due to confidentiality of assets.

Recommended For You