Determine the Risks Posed by a Third-Party Plugin Across All Marketplace Apps

1. Log in to Strata Cloud Manager.
2. Select ConfigurationSaaS SecurityPosture Security 3rd Party Plugins.
3. Navigate to the Plugins tab to review the third-party plugins.

   The Status column of the table identifies which plugins were Not Reviewed yet.

4. Apply one or more filters to the Plugins table to view only the plugins of interest.

   • From the summary information at the top of the page, you can filter the table to show only the High Severity Plugins the were Not Reviewed.
   • Because the recent and rapid proliferation of generative artificial intelligence (GenAI) apps has introduced new vulnerabilities for data leakage or deliberate attacks, the 3rd Party Plugins page highlights GenAI apps. From the summary information at the top of the page, you can filter the table to show only the GenAI Plugins that were Not Reviewed.
   • You can Add Filter to the Plugins table to filter the table by various plugin attributes, such as the type of marketplace app, the risk severity of the plugin, and the plugin's review status.
5. Review each third-party plugin whose Status is Not Reviewed to decide whether you want to allow the plugin in your environment.

   To identify high-risk plugins, examine the information in the Severity and Risk columns of the table.

   The Severity is based on the marketplace app scopes that were granted to the third-party plugin. The greater the access to the marketplace app's data and actions, the higher the Severity. To view the scopes that the third-party plugin can access, click on Plugin Name in the table and, in the Plugin Details panel, navigate to view the plugin's Permissions.

   This Risk column shows the app's risk score. The risk score is between 1 (low risk) and 5 (high risk) and is calculated from over 55 app attributes including compliance attributes, security and privacy attributes, identity access management attributes, and, if applicable, generative AI attributes.
6. To determine the popularity of the plugin in your organization, and the number of users who will be affected if you revoke access to the plugin, examine the information in the Active Users column. For more details about the users, click on Plugin Name in the table and, in the Plugin Details panel, navigate to view the plugin's Users.
7. Take action on the third-party plugin.

   From the Actions column, you can specify that you Reviewed the plugin and will allow its continued use. From the Actions column you can also, in some cases, Revoke Access to the plugin for all active users of the plugin. To revoke access for individual users, click on Plugin Name in the table and, in the Plugin Details panel, navigate to view the plugin's Users. Whether the Revoke Access action is available depends on the level of permission that SSPM has to the marketplace app, and on the capabilities that the marketplace app's API provides. If the Revoke Access action isn’t available, you can instead log in to the SaaS app's administration console, and follow its documentation to remove the plugin.

   Although you can revoke access to a plugin that does not prevent a user from subsequently installing the same plugin. To instruct SSPM to periodically scan marketplace apps for certain plugins, you can create a Plugin Access Control policy. When the policy is enabled, SSPM can notify you when users install plugins that you don’t want in your environment.