View SaaS Application Usage on SaaS Security API

Use the SaaS Visibility Dashboard on SaaS Security API to explore details about application data and network traffic populated from the Cortex Data Lake.
SaaS Visibility
is the default visibility view on SaaS Security API for tenants provisioned before June 2, 2021. This feature is no longer available for tenants provisioned after June 2, 2021. For inline policy enforcement on your network, more granular control over SaaS application usage and user activity, greater analytics, and a large increase in the number of discovered SaaS applications, use SaaS Security Inline.
Wait for up to 24 hours after you connect SaaS Security API to Cortex Data Lake to view details about data residing within enterprise-enabled SaaS applications and network traffic from firewall logs.
  • Log in to SaaS Security, and click
    Explore
    SaaS Visibility
    .
    SaaS Visibility Dashboard
    1
    Dashboard Filters
    The SaaS Visibility Dashboard enables you to filter by application or time frame.
    Only a monthly view is supported. Weekly and quarterly views are currently deprecated.
    2
    Application
    Displays an interactive view of the total number of sanctioned and unsanctioned applications by
    Sanctioned Status
    or
    Risk Score
    .
    3
    Characteristics
    Displays the number of applications or bytes with poor characteristics:
    • No Certifications
    • Data Breach history
    • Poor Financial Viability
    • Poor Terms of Service
    • No IP Restrictions
    4
    All Applications
    Lists every sanctioned or unsanctioned application, by subcategory and App-ID, and can be filtered by
    Sanction Status
    or
    Poor Characteristics
    .
    5
    Export CSV
    Export details for all applications into a CSV file.
    6
    App Name
    Click the application name to view details (Description, SaaS Characteristics, Users, Usage, Similar Applications by Type, Malware, and Data Exfiltration).
  • Click the
    App Name
    to view detailed application information populated from your Cortex Data Lake and SaaS Security API.
    App Detail View
    1
    Dashboard Filter
    Filter the application details by time frame.
    Only a monthly view is supported. Weekly and quarterly views are currently deprecated.
    2
    App Description
    Displays the application title, a sanctioned (grey) or unsanctioned (red) icon, app description populated from App-ID and the ability to tag the application
    Sanctioned
    or
    Unsanctioned
    on SaaS Security API. This tag is local only to SaaS Security API and will not be applied to the firewall.
    3
    SaaS Characteristics
    View the Pass or Fail status for Certifications, Data Breaches, Financial Viability, Terms of Service, and IP Restrictions retrieved from the App-ID.
    4
    View Icon
    Toggle between data visualization or table view to display the app details. The
    Export CSV
    link is available on the table view.
    5
    Users
    Displays the number of users in comparison with the application with the most users. The table view displays a exportable list of usernames.
    6
    Usage
    Displays the number of sessions and bytes transferred for the selected app in comparison to other sessions and bytes for other applications.
    7
    Similar Applications by Type
    Displays the application, number of users and bytes of data transferred of similar applications.
    Depending on the cloud app
    Malware
    Displays if any malware has been detected.
    Data Exfiltration
    Displays the total number of files exposed publicly or externally along with number of files in each classification. Click the total number of files to view the list of Assets.

Recommended For You