Learn about the automatic remediation options available
when an incident is discovered by SaaS Security API.
Now that you’ve determined that automatic remediation
is the best approach for your organization, use this powerful tool
to address security incidents that SaaS Security API discovers.
When you add
a new asset rule, select the remediation or action required
to automatically address the incident. These capabilities depend
support for your cloud app.
If an incident includes a link that allows
the asset to be publicly accessed (public link or direct
link), you can automatically remove the
links that allow the asset to be publicly accessed. You can remove
the direct link on the asset only, or you can also remove links
that expose the asset due to inheritance from parent folders.
you can remove external collaborators from any asset or parent folders.
an administrator automatically changes sharing on an asset, you
can send the asset owner a Remediation
Email Digest that describes the changes that were made (
Notify File Owner
Instead of automatically fixing the incident,
send file owners a Remediation
Email Digest that describes actions that they can take to
remediate the policy violation (
Notify via Bot
Instead of using the administrator account,
use a machine account to send the file or message owner a message
that describes the actions they can take to remediate the policy
For most policy rules, verify
This option allows you to identify potential risk for new cloud
apps that you added. Then, after you uncover specific incidents that
are determined to be high-compliance risks on your network, you
can modify the rule or add a new rule that triggers one of the autoremediate
actions to automatically remediate the policy violation.
Send Admin Alert
If there are compliance issues that need
immediate action, such as policy rules that are high-risk or sensitive,
you can send one or more administrators an alert.
SaaS Security API sends up to five emails per hour on matches against
each Cloud app instance.