Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
MENU
Home
SaaS Security
SaaS Security Administrator's Guide
SaaS Security API
Remediate Risks of Sanctioned SaaS Apps
Automatically Remediate Incidents
Quarantine
Document:
SaaS Security Administrator's Guide
Quarantine
Download PDF
Last Updated:
Fri Apr 01 12:24:05 PDT 2022
Table of Contents
Search the Table of Contents
SaaS Security
What’s SaaS Security?
SaaS Security License Types
Configure Basic Settings
Set the Time Zone
Configure the Default Language
SaaS Security API
Get Started with SaaS Security API
What’s SaaS Security API?
Support on SaaS Security API
Supported SaaS Applications on SaaS Security API
Supported Content, Remediation and Monitoring
Supported File Types for Scanning Assets
Supported File Types for WildFire Analysis
Supported SaaS Applications with Selective Scanning
Supported Languages for Scanning Assets
Activate SaaS Security API on the Hub
Access SaaS Security API
Connect Directory Services to SaaS Security API
Begin Using Azure Active Directory Groups
Manage Your Directory Service on SaaS Security API
Manage SaaS Security API Administrators
Add SaaS Security API Administrators
Add a Custom Admin Role
Predefined Role Privileges on SaaS Security API
Select an Authentication Method
Configure SAML Single Sign-On (SSO) Authentication
Configure Google Multi-Factor Authentication (MFA)
Reset Administrator Authentication
Reset Administrator Password
Unblock an Administrator
View Administrator Activity on SaaS Security API
Create Teams (Beta)
Configure Settings on SaaS Security API
Collaborators
Exposure Level
Define Your Internal Domains
Define Trusted and Untrusted Users and Domains
Enable Data Masking
Configure the Email Alias and Logo for Sending Notifications
Secure Sanctioned SaaS Apps on SaaS Security API
Add Cloud Apps to SaaS Security API
Begin Scanning an Amazon S3 App
Scan a Single Amazon S3 Account
Cross Account Scan Multiple Amazon S3 Accounts
Add the Amazon S3 App
Exclude Amazon S3 Buckets from Scans
Begin Scanning an Amazon Web Services App
Begin Scanning a Bitbucket Cloud App
Begin Scanning a Box App
Begin Scanning a Cisco Webex Teams App
Begin Scanning a Citrix ShareFile App (Beta)
Begin Scanning a Confluence App (Beta)
Begin Scanning Dropbox or Yammer
Begin Scanning a GitHub App
Begin Scanning a Gmail App
Begin Scanning a Google Cloud Storage App
Begin Scanning a Google Drive App
Begin Scanning Third-Party Apps on the G Suite Marketplace
Begin Scanning a Jira Cloud App
Add a Jive App
Install the Jive Add-On
Begin Scanning a Jive App
Begin Scanning a Microsoft Azure Storage App
Begin Scanning a Microsoft Exchange App
Begin Scanning Microsoft Office 365 Apps
Begin Scanning a Microsoft Teams App
Begin Scanning a Salesforce App
Begin Scanning a ServiceNow App
Begin Scanning a Slack for Enterprise Grid App
Begin Scanning a Slack for Pro and Business App
Begin Scanning a Workplace by Facebook App (Beta)
Begin Scanning a Zendesk App
Begin Scanning a Zoom App (Beta)
Unmanaged Device Access Control on SaaS Security API
Configure Unmanaged Device Access Control
Reauthenticate to a Cloud App
Verify Permissions on Cloud Apps
Start Scanning a Cloud App
Stop Scanning a Cloud App
Rescan a Managed Cloud App
Delete a Managed Cloud App
API Throttling
Configure Classification Labels
Manage Policy for Sanctioned SaaS Apps
Policy Types on SaaS Security API
Data Patterns
SaaS Security with Enterprise DLP
Predefined Data Patterns on SaaS Security API
Proximity Keywords
Confidence Levels
Shared Data Profiles and Data Patterns
Modify a Predefined Data Pattern
Create a Custom Data Profile
Add a File Property Data Pattern
Create a Custom Data Pattern
Enable or Disable a Machine Learning Data Pattern
Configure WildFire Analysis
Configure Regular Expressions
Enable or Disable a Data Pattern
View and Filter Data Pattern Match Results
Asset Rules
Predefined Policies on SaaS Security API
Add a New Asset Rule
Building Blocks in Asset Rules
Match Criteria for Asset Rules
View Asset Details
User Activity Rules
Add a New User Activity Rule
Match Criteria for User Activity Rules
Examples of User Activity Rules
View Policy Violations for User Activity
Security Control Rules
Add a New Security Control Rule
View Policy Violations for Security Controls
Third-Party App Settings
Add a New Setting for Third-Party Apps
View Information for Third-Party Apps
Fine-Tune Policy
Modify a Policy Rule
Disable a Policy Rule
Assess Incidents on SaaS Security API
What is an Incident?
Assess New Incidents on SaaS Security API
View Asset Details
Filter Incidents
Security Controls Incident Details
Track Down Threats with WildFire Report
Track Down Threats with AutoFocus
Customize the Incident Categories
Close Incidents
Download Assets for Incidents
View Asset Snippets for Incidents
Analyze Inherited Exposure
Email Asset Owners
Modify Incident Status
Generate Reports on SaaS Security API
Generate the SaaS Risk Assessment Report
Generate the GDPR Report
Assess Data Violations on SaaS Security API
What is a Data Violation?
Assess New Data Violations on SaaS Security API
Configure Data Violation Alerts on SaaS Security API
Filter Data Violations on SaaS Security API
View Asset Snippets for Data Violations on SaaS Security API
View Data Violation Metrics on SaaS Security API
Modify Data Violation Status on SaaS Security API
Remediate Risks of Sanctioned SaaS Apps
Remediation Approaches for Incidents
Automatic Incident Remediation Options
Automatically Remediate Incidents
Quarantine
Manage Quarantined Files
Change Sharing
Remediation Email Digest
View Remediation Activity Logs
Remediate Third-Party Apps
Manually Remediate Incidents
Modify Incident Status
Manually Quarantine Assets
Assign Incidents to Another Administrator
Create a Custom Email Template
Monitor SaaS Security API
Monitor Services on SaaS Security API
Monitor Scan Results on the Dashboard
View All Open Incidents
View All Domains for Collaborators
Monitor and Investigate User Activity
SaaS Application Visibility on SaaS Security API
Extend SaaS Visibility to Cortex Data Lake
View SaaS Application Usage on SaaS Security API
Group-Based Visibility
Enable Group-Based Policy
Enable Group-Based Incident Management
Enable Group-based Selective Scanning (Beta)
Use Faceted Search to Filter Assets
Use Advanced Search
Use Advanced Search Expressions
Export Results to CSV File
Enterprise DLP App on Hub
Troubleshoot Issues on SaaS Security API
Resolve Onboarding Issues
Resolve Quarantine Failures
Syslog and API Client Integration on SaaS Security API
Syslog Integration on SaaS Security API
Configure Syslog Monitoring on SaaS Security API
Syslog Field Descriptions
Incidents Log Fields
Remediation Activity Log Fields
Policy Violation Log Fields
Activity Monitoring Log Fields
Admin Audit Log Fields
API Client Integration on SaaS Security API
Cortex XSOAR for SaaS Security API
Add Your API Client to SaaS Security API
API Client Authentication
Retrieve a Token
Authentication Errors
API References on SaaS Security API
HTTP Request Methods and Status Codes
Log Events API
Incident and Remediation API
SaaS Security Inline
Get Started with SaaS Security Inline
What’s SaaS Security Inline?
Navigate To SaaS Security Inline
Navigate To SaaS Security Inline for NGFW and Panorama Managed Prisma Access
Navigate To SaaS Security Inline for Cloud Managed Prisma Access
SaaS Visibility for NGFW
SaaS Visibility and Controls for NGFW
SaaS Visibility for Prisma Access
SaaS Visibility and Controls for Panorama Managed Prisma Access
SaaS Visibility and Controls for Cloud Managed Prisma Access
Activate SaaS Security Inline for NGFW
Activate SaaS Security Inline for Prisma Access
Connect SaaS Security Inline and Cortex Data Lake
Integrate with Azure Active Directory
Manage SaaS Security Inline Administrators
Add SaaS Security Inline Administrators
Predefined Role Privileges on SaaS Security Inline
View Administrator Activity on SaaS Security Inline
Select an Authentication Method
Configure Google Multi-Factor Authentication (MFA)
Configure SAML Single Sign-On (SSO) Authentication
Assess Risks of Unsanctioned SaaS Apps
View Usage Data for Unsanctioned SaaS Apps
SaaS Visibility Application Attributes
Identify Risky SaaS Applications and Users
SaaS Security Report
Generate the SaaS Security Report
Filter Unsanctioned SaaS Apps
Remediate Risks of Unsanctioned SaaS Apps
Manage Policy for Unsanctioned SaaS Apps
SaaS Policy Rule Recommendations
App-ID Cloud Engine
Guidelines for SaaS Policy Rule Recommendations
Predefined SaaS Policy Rule Recommendations
Apply Predefined SaaS Policy Rule Recommendations
Create SaaS Policy Rule Recommendations
Delete SaaS Policy Rule Recommendations
Enable SaaS Policy Rule Recommendations
