View SaaS Application Usage on SaaS Security API
Use the SaaS Visibility Dashboard on SaaS Security API
to explore details about application data and network traffic populated
from the Cortex Data Lake.
SaaS Visibility
is
the default visibility view on SaaS Security API for tenants provisioned
before June 2, 2021. This feature is no longer available for tenants provisioned
after June 2, 2021. For inline policy enforcement on your network,
more granular control over SaaS application usage and user activity,
greater analytics, and a large increase in the number of discovered
SaaS applications, use SaaS Security Inline.Wait
for up to 24 hours after you connect SaaS
Security API to Cortex Data Lake to view details about data residing
within enterprise-enabled SaaS applications and network traffic
from firewall logs.
- Log in to SaaS Security, and click .
SaaS Visibility Dashboard1Dashboard FiltersThe SaaS Visibility Dashboard enables you to filter by application or time frame.Only a monthly view is supported. Weekly and quarterly views are currently deprecated.2ApplicationDisplays an interactive view of the total number of sanctioned and unsanctioned applications bySanctioned StatusorRisk Score.3CharacteristicsDisplays the number of applications or bytes with poor characteristics:- No Certifications
- Data Breach history
- Poor Financial Viability
- Poor Terms of Service
- No IP Restrictions
4All ApplicationsLists every sanctioned or unsanctioned application, by subcategory and App-ID, and can be filtered bySanction StatusorPoor Characteristics.5Export CSVExport details for all applications into a CSV file.6App NameClick the application name to view details (Description, SaaS Characteristics, Users, Usage, Similar Applications by Type, Malware, and Data Exfiltration). - Click theApp Nameto view detailed application information populated from your Cortex Data Lake and SaaS Security API.
App Detail View1Dashboard FilterFilter the application details by time frame.Only a monthly view is supported. Weekly and quarterly views are currently deprecated.2App DescriptionDisplays the application title, a sanctioned (grey) or unsanctioned (red) icon, app description populated from App-ID and the ability to tag the applicationSanctionedorUnsanctionedon SaaS Security API. This tag is local only to SaaS Security API and will not be applied to the firewall.3SaaS CharacteristicsView the Pass or Fail status for Certifications, Data Breaches, Financial Viability, Terms of Service, and IP Restrictions retrieved from the App-ID.4View IconToggle between data visualization or table view to display the app details. TheExport CSVlink is available on the table view.5UsersDisplays the number of users in comparison with the application with the most users. The table view displays a exportable list of usernames.6UsageDisplays the number of sessions and bytes transferred for the selected app in comparison to other sessions and bytes for other applications.7Similar Applications by TypeDisplays the application, number of users and bytes of data transferred of similar applications.Depending on the cloud appMalwareDisplays if any malware has been detected.Data ExfiltrationDisplays the total number of files exposed publicly or externally along with number of files in each classification. Click the total number of files to view the list of Assets.
