Use this workflow to onboard SaaS Security Inline.
SaaS Security Inline provides SaaS visibility
so that you can identify cloud‑based threats and risky user activity
on sanctioned and unsanctioned SaaS apps.
is quite simple. If your CDL (Cortex Data Lake) is configured to receive
logs from your Palo Alto Networks firewalls, after activation, SaaS
Security Inline automatically discovers all SaaS applications and
users and analyzes users’ SaaS activity and usage data and presents
risk analytics. After you evaluate the data in the Dashboard, you’re
ready to tag SaaS apps, configure risk scores, and generate reports
to better understand and respond to SaaS application usage of sanctioned and
unsanctioned SaaS apps.
Use the following workflow if you
want to use SaaS visibility only. If you want to use all the features
of SaaS Security Inline, including SaaS visibility, ACE, and policy
rule recommendations to protect against cloud‑based threats, use
the SaaS Visibility and Controls for NGFW workflow instead.