: What’s SaaS Security Inline?
Focus
Focus

What’s SaaS Security Inline?

Table of Contents

What’s SaaS Security Inline?

Learn about SaaS Security Inline capabilities.
SaaS Security Inline natively integrates with your NGFW, Panorama Managed Prisma Access, and Cloud Managed Prisma Access to provide granular SaaS application visibility and control of unsanctioned SaaS apps through advanced analytics, reporting, visualization, categorizations, and Security policy authoring so that you can minimize data security risks to your organization. Employees inadvertently use SaaS apps that violate compliance agreements or that carry risks that exceed your organization’s tolerance. SaaS Security Inline discovers such risks so that you can understand them and take action.
SaaS Security Inline provides easy deployment and inline policy enforcement. SaaS Security Inline leverages ACE (App-ID Cloud Engine) technology and SaaS policy rule recommendations to provide greater and faster SaaS app discovery and a seamless SaaS security workflow between your organization’s administrators for improved security posture.
SaaS Security Inline provides:
  • Shadow IT discovery—Using ACE (App-ID Cloud Engine) technology, automatically discovers new SaaS apps to keep pace with the new and emerging SaaS apps. SaaS Security Inline identifies over 71,000 SaaS apps using machine-learning algorithms to achieve a high-level of accuracy and speed.
    Definition of a SaaS App: For the purpose of discovery, we define a SaaS app as any application delivered as a service over the internet. The application should have the capability to upload, download, or share content. Additionally, the application might have the following capabilities and characteristics:
    • The ability to be delivered and managed remotely
    • Features such as session login and data transfer
    • Pricing or subscription pages
  • Shadow IT control—Enables you to author SaaS policy rule recommendations based on a combination of applications, users and groups, categories, activities, device posture (personal vs. corporate) and Enterprise DLP data profiles and collaborate with your firewall administrator on SaaS security policy rules to control intentional and unintentional risky SaaS apps and user activity, allowing access to corporate SaaS apps only for the legitimate users.
  • Shadow IT visibility and reporting—Delivers an up-to-date combined view of both unsanctioned and sanctioned SaaS application usage across categories and subcategories, including Content Marketing, Collaboration & Productivity, and ERP:
    • Risk assessment—Exposes risky SaaS applications that are being used in your application ecosystem. The risk score is between 1 (low risk) and 5 (high risk) and is based on over 55 attributes. To calculate the risk score, SaaS Security Inline considers the following types of attributes:
      You can generate a SaaS Security Report to help you assess risks posed by unsanctioned SaaS apps. The SaaS Security Report summarizes the most risky SaaS applications in your network. After processing completes, the report is automatically emailed to you as a PDF attachment.
      Risk score customizing tools to enable you to manually change the risk score for individual SaaS applications without changing the underlying calculation method, or adjust the weights for the underlying attributes and allow SaaS Security Inline to recalculate and apply the risk score automatically.
    • Risk categorization—Identifies safer alternatives to risky SaaS applications with advanced filters with drill-down views for granularity to locate the SaaS app that meets your organization’s risk tolerance; NPS score metric to assess customer satisfaction with SaaS applications; and tagging, both custom and default, to differentiate sanctioned SaaS apps from unsanctioned SaaS apps that are being used by employees in your organization for efficient monitoring and policy enforcement.
SaaS Security Inline complements Data Security capabilities to provide an integrated CASB (Cloud Access Security Broker) solution.