>
    Strata Copilot
    Take Action on Third-Party Plugins
    Focus
    Download PDF
    Focus
    1. Home
    2. SaaS Security
    3. Remediate Posture Security Risks
    4. Take Action on Third-Party Plugins
    Download PDF
    SaaS Security

    Take Action on Third-Party Plugins

    Table of Contents

    Take Action on Third-Party Plugins

    If you determine that a third-party plugin is a threat, you can block or remove the plugin from the SaaS app. Otherwise, you can mark the plugin as reviewed.
    Where Can I Use This?What Do I Need?
    • Strata Cloud Manager
    • SaaS Security Posture Management license
    Or any of the following licenses that include the Data Security license:
    • CASB-X
    • CASB-PA
    After you assess the risks posed by third-party plugins, you can take action. You can approve or revoke access to the plugin. The specific actions that you can take to revoke access to a plugin depends on the SaaS platform that’s hosting the plugin. Depending on the SaaS platform, you can revoke access within SaaS Security Posture Management for individual users. For some SaaS apps, you must go to the SaaS app's administration console to revoke a plugin's access.
    Although you can revoke access to a plugin that does not prevent a user from subsequently installing the same plugin. To instruct SSPM to periodically scan marketplace apps for certain plugins, you can create a Plugin Access Control policy. When the policy is enabled SSPM can notify you when users install plugins that you don’t want in your environment.
    1. Log in to Strata Cloud Manager.
    2. Select ConfigurationSaaS SecurityPosture Security.
    3. Navigate to the unreviewed third-party plugins for an app. Determine the action to take based on the plugin information provided.
      You can review plugins across all marketplace apps from the 3rd Party Plugins page (Posture Security3rd Party Plugins) or for one marketplace app instance (from the Connected Applications tab of the app's details page).
    4. Take action:
      From the 3rd Party Plugins page, you can take the following actions. To locate the unreviewed plugins, you can Add Filter for plugin Status and filter by Not Reviewed.
      • To indicate that you have reviewed the plugin and you don’t consider the plugin to be a risk:
        1. Locate the plugin in the table.
        2. In the Actions column, select Reviewed.
      • To revoke access to the plugin for all users:
        1. Locate the plugin in the table.
        2. In the Actions column, select Revoke Access.
          Whether the Revoke Access action is available depends on the level of permission that SSPM has to the marketplace app, and on the capabilities that the marketplace app's API provides. If the Revoke Access action isn’t available, you can instead log in to the SaaS app's administration console, and follow its documentation to remove the plugin.
      • To revoke access to a plugin for individual users:
        1. Locate the plugin in the table.
        2. Click on Plugin Name in the table and, in the Plugin Details panel, navigate to view the plugin's Users.
        3. In the Actions column, select the action to take. The available actions depend on the marketplace app.
      • To revoke access to all installed plugins for an individual user, complete the following steps:
        1. On the third-party plugins page, navigate to the Users tab.
        2. Locate the user in the table.
        3. In the Actions column, select the action to take. The available actions depend on the marketplace app.
      From the Connected Applications tab of a marketplace app's details page, you can take the following actions:
      • To indicate that you have reviewed the plugin and you don’t consider the plugin to be a risk:
        1. Select the Connected Applications tab.
        2. From the Actions column for the plugin, select Reviewed.
      • To revoke access to the plugin for an individual user, complete the following steps:
        1. Select the Connected Applications tab.
        2. In the Applications column, click the name of the third-party plugin.
        3. In the details window for the plugin, select the Users tab.
        4. Select the action to Revoke Access for the user.
        You can also revoke a user's access to a plugin from the Users tab.
        1. Select the Users tab.
        2. In the Users column, click the name of the user.
        3. In the details window for the user, select the User Level Applications tab.
        4. Select the action to Revoke Access for the user.
        If the Revoke Access action isn’t available, this means that SSPM does not support revoking access for individual users. Instead, log in to your SaaS app's administration console to remove the plugin.

    © 2026 Palo Alto Networks, Inc. All rights reserved.