Extend SaaS Visibility to Cortex Data Lake

Connect SaaS Security API to your Cortex Data Lake to retrieve logs and compile a combined view of unsanctioned and sanctioned application usage.
SaaS Visibility
is the default visibility view on SaaS Security API for tenants provisioned before June 2, 2021. This feature is no longer available for tenants provisioned after June 2, 2021. For inline policy enforcement on your network, more granular control over SaaS application usage and user activity, greater analytics, and a large increase in the number of discovered SaaS applications, use SaaS Security Inline.
For an inventory of SaaS application usage and patterns on your network, and to identify shadow IT, you need to know about data residing within enterprise-enabled SaaS applications, and network traffic generated by users using managed and unmanaged devices within your organization.
If you are using next-generation firewalls or GlobalProtect Cloud Service as an Internet gateway to secure on-premise or remote users and are storing traffic logs and other logs to the Cortex Data Lake, you need to connect SaaS Security API to the Cortex Data Lake to extend SaaS application visibility. All you need is the serial number for your Cortex Data Lake instance.
  1. Retrieve the Cortex Data Lake serial number for your organization.
    1. Select
      Assets
      Cloud Services
      .
    2. Locate your Cortex Data Lake serial number.
  2. Add your Cortex Data Lake serial number to SaaS Security API.
    1. Log in to SaaS Security.
    2. Select
      Settings
      SaaS Visibility
      .
    3. Using the serial number you retrieved above,
      Enter Serial Number
      .

Recommended For You