SaaS Security Management
Introduction
The SaaS module helps you discover, inventory, and assess the security of cloud applications used across your organization. Identify shadow IT, evaluate app security, and maintain control over your SaaS portfolio.
Key Features
App Discovery
Automatically discover SaaS applications in use across your organization
Shadow IT Detection
Identify unauthorized applications accessing corporate data
Risk Assessment
Evaluate security posture of each application
Usage Analytics
Understand who's using which applications
The SaaS Security Challenge
Growth of SaaS
- Average enterprise uses 100+ SaaS applications
- 80% of employees use non-approved apps
- SaaS sprawl increases security and compliance risk
Risks of Unmanaged SaaS
| Risk | Impact |
|---|---|
| Data Leakage | Sensitive data in unvetted apps |
| Compliance Violation | Unreviewed data processing |
| Access Control | No centralized identity |
| Shadow IT | Unknown security posture |
Module Components
Third-Party Applications
Comprehensive SaaS inventory:
- All discovered applications
- Usage metrics
- Security assessments
- Risk ratings
Learn more about Third-Party Apps →
How Discovery Works
Discovery Methods
| Method | What It Finds |
|---|---|
| SSO Integration | Apps connected via SSO |
| OAuth Tokens | Apps with OAuth access |
| Email Headers | Apps sending to employees |
| Browser Extension | Apps accessed via browser |
Data Sources
Connect these integrations for discovery:
- Google Workspace
- Microsoft 365
- Azure AD
Getting Started
Connect Cloud Services
Enable Google Workspace or Microsoft 365 integration.
Initial Discovery
Bastion scans for connected applications.
Review Apps
Review discovered applications and categorize them.
Assess Risk
Evaluate security posture of each application.
Take Action
Approve, block, or monitor applications.
Best Practices
Maintain an Approved List
Create and maintain a list of approved applications. This sets clear expectations.
Review Regularly
New apps appear constantly. Regular reviews catch shadow IT early.
Involve Business Units
Work with teams to understand their app needs. Blocking without alternatives creates friction.
Assess Before Approving
Require security review for new applications before approval.