New Features Introduced in April 2024
Table of Contents
Expand all | Collapse all
-
- New Features Introduced in November 2024
- New Features Introduced in October 2024
- New Features Introduced in August 2024
- New Features Introduced in July 2024
- New Features Introduced in June 2024
- New Features Introduced in May 2024
- New Features Introduced in April 2024
- New Features Introduced in March 2024
- New Features Introduced in January 2024
-
- New Features Introduced in November 2023
- New Features Introduced in October 2023
- New Features Introduced in September 2023
- New Features Introduced in August 2023
- New Features Introduced in July 2023
- New Features Introduced in June 2023
- New Features Introduced in May 2023
- New Features Introduced in April 2023
- New Features Introduced in March 2023
- New Features Introduced in January 2023
-
- New Features Introduced in December 2021
- New Features Introduced in October 2021
- New Features Introduced in September 2021
- New Features Introduced in August 2021
- New Features Introduced in July 2021
- New Features Introduced in June 2021
- New Features Introduced in May 2021
- New Features Introduced in March 2021
- New Features Introduced in January 2021
New Features Introduced in April 2024
Learn about the new features that became available in SaaS Security starting April
2024.
The following table provides a snapshot of new features introduced for SaaS Security
in April 2024. Refer to the Administrator’s Guide for more information
on how to use Data Security, SaaS Security Inline, and SaaS Security Posture Management (SSPM).
Feature
|
Description
|
---|---|
Detailed user and group information from Cloud Identity Engine in
SaaS Security Inline
|
If you activated the Cloud Identity
Engine on your tenant and configured directory sync
in Cloud Identity Engine for Azure Active Directory (Azure AD),
SaaS Security Inline can now obtain user information from Azure
AD through the Cloud Identity Engine. This additional
information is available to you in the Discovered Users view
and in the Users & Groups area of the Create New Policy
Recommendation page.
For the Discovered Users view
, SaaS Security Inline matches the discovered users with
user information from Azure AD to display additional user
details, such as the user's department, region, and manager. You
can also filter the view according to these additional details.
For the Create New Policy
Recommendation page, you now have the option to
include users and groups from Cloud Identity Engine in your
policy recommendations. SaaS Security Inline obtains the users
and groups from Azure AD through the Cloud Identity Engine. SaaS
Security Inline also obtains the dynamic user groups that the
Cloud Identity Engine has defined.
|
Improvements to tenant-level policy rule recommendations
|
When you create policy rule
recommendations at the tenant level, you can now
specify the Allow action for more
applications. Tenant-level policy rule
recommendations, if committed on the firewall, affect
only the application tenants identified in the recommendation.
The Allow action explicitly permits
network traffic on selected tenants, and was previously
supported for Box. The Allow action is
now also supported for GitHub, Microsoft SharePoint, and
Slack.
|
Behavior Threats detection
|
Behavior Threats is a
new feature in SaaS Security that helps you identify potential
threats to your organization from compromised accounts,
malicious insiders, and data breaches. Specifically, Behavior
Threats examines how your organization’s users are interacting
with sanctioned SaaS applications to identify suspicious user
activities that might indicate attempts to steal or corrupt
data.
New customers who purchase a license that includes Data Security
will have access to Behavior Threats immediately. For existing
customers with Data Security, we are rolling out Behavior
Threats over the coming weeks. If you're an existing customer
and you want get started with Behavior Threats sooner, contact
us at behavior-threats-support@paloaltonetworks.com.
|
Support for Custom Admin Roles in SSPM
|
You can now create Custom Admin Roles for
SSPM in the Strata Cloud Manager. With this launch, you have the
extended capability of managing the Role-Based Access Control,
leveraging the Identity and Access
Management (I&AM) central framework for complete
authentication and authorization.
|
Microsoft Labeling
|
Data Security supports Microsoft Labeling for Office 365
connectors. You can apply data labels to assets in your Office 365 connectors,
thus classifying and protecting sensitive information in your
organization.
|
Selective Scanning for Google Drive on Strata Cloud Manager
| |
Selective Scanning for Office 365 and Box apps on Strata Cloud Manager
|