: New Features Introduced in April 2024
Focus
Focus

New Features Introduced in April 2024

Table of Contents

New Features Introduced in April 2024

Learn about the new features that became available in SaaS Security starting April 2024.
The following table provides a snapshot of new features introduced for SaaS Security in April 2024. Refer to the Administrator’s Guide for more information on how to use Data Security, SaaS Security Inline, and SaaS Security Posture Management (SSPM).
Feature
Description
Detailed user and group information from Cloud Identity Engine in SaaS Security Inline
If you activated the Cloud Identity Engine on your tenant and configured directory sync in Cloud Identity Engine for Azure Active Directory (Azure AD), SaaS Security Inline can now obtain user information from Azure AD through the Cloud Identity Engine. This additional information is available to you in the Discovered Users view and in the Users & Groups area of the Create New Policy Recommendation page.
For the Discovered Users view , SaaS Security Inline matches the discovered users with user information from Azure AD to display additional user details, such as the user's department, region, and manager. You can also filter the view according to these additional details.
For the Create New Policy Recommendation page, you now have the option to include users and groups from Cloud Identity Engine in your policy recommendations. SaaS Security Inline obtains the users and groups from Azure AD through the Cloud Identity Engine. SaaS Security Inline also obtains the dynamic user groups that the Cloud Identity Engine has defined.
Improvements to tenant-level policy rule recommendations
When you create policy rule recommendations at the tenant level, you can now specify the Allow action for more applications. Tenant-level policy rule recommendations, if committed on the firewall, affect only the application tenants identified in the recommendation. The Allow action explicitly permits network traffic on selected tenants, and was previously supported for Box. The Allow action is now also supported for GitHub, Microsoft SharePoint, and Slack.
Behavior Threats detection
Behavior Threats is a new feature in SaaS Security that helps you identify potential threats to your organization from compromised accounts, malicious insiders, and data breaches. Specifically, Behavior Threats examines how your organization’s users are interacting with sanctioned SaaS applications to identify suspicious user activities that might indicate attempts to steal or corrupt data.
New customers who purchase a license that includes Data Security will have access to Behavior Threats immediately. For existing customers with Data Security, we are rolling out Behavior Threats over the coming weeks. If you're an existing customer and you want get started with Behavior Threats sooner, contact us at behavior-threats-support@paloaltonetworks.com.
Support for Custom Admin Roles in SSPM
You can now create Custom Admin Roles for SSPM in the Strata Cloud Manager. With this launch, you have the extended capability of managing the Role-Based Access Control, leveraging the Identity and Access Management (I&AM) central framework for complete authentication and authorization.
Microsoft Labeling
Data Security supports Microsoft Labeling for Office 365 connectors. You can apply data labels to assets in your Office 365 connectors, thus classifying and protecting sensitive information in your organization.
Selective Scanning for Google Drive on Strata Cloud Manager
Data Security supports OU based Selective Scanning for Google Drive on Strata Cloud Manager.
Selective Scanning for Office 365 and Box apps on Strata Cloud Manager
Data Security supports Selective Scanning for Office 365 and Box apps on Strata Cloud Manager.