How Zluri calculates the risk level & what actions you can take on the basis of the risk level value?

Zluri provides a 360-degree view of security & compliance with each SaaS application you use in your organization.

You can visit each application's 'Security & compliance' tab to get a detailed view of its security. The tab consists of 4 sections.

  • Events - Updates about recent events relevant to the security of the application, including the date of the event and an assessment of the impact of the event on the security of the application
     

  • Data Shared - This tab presents the information that is shared between your SSO & and the application when you authorize the application with SSO. Every application is given a threat score based on the sensitivity of the data the application has access to and the action it can perform on that data.

Threat level is determined by an average of the different security threats posed by the data shared by the application.

  • Compliance - This tab lists all the compliance certifications of the application. Zluri tracks the application's compliance status over 50 global compliance standards and presents it in this tab. You can also add a compliance if it's missing here.

  • Security Probes - This tab gives the assessment of the security of the application by different independent entities that provide scores based on the application's performance across parameters such as cookies, HTTPS protocol, etc.

    • Zluri collects the security analysis scores from the below-mentioned websites and presents them in this tab.

      • HTTP Observatory

      • TLS Observatory

      • SSL Labs

      • Immuniweb

      • HSTS Preload

      • Security Headers

      • Imirhill


The security score of any application is calculated by taking a weighted average of the security probe score & compliance score. Then multipliers are added to it based on the threat score (obtained from data shared), the impact of the event (with a cool-off period) & the number of users using the application. Security score is a score between 0 to 100.


The risk level is determined by the security score. If the security score is between 80 to 100, the risk level is 1; if the security score is below 20, the risk level is 5.

Zluri also gives an option to manually set the risk for each application in case the IT admin wants to manually assign the risk to each app.


The consolidated view of each application's security can be viewed in the security module of Zluri, which lists the critical applications and users.



What actions can be taken based on the security scores?

Actions can be taken based on the authorization status of the applications. A few scenarios are explained below.

  1. Suppose a 'restricted' application is identified as a high-risk application. In this case, as an IT admin, you can notify all users of the applications to stop using the application & remove the authentications of the application from the SSO.

  2. If an application comes under 'managed IT' and is identified as a high-risk application - In this case, You may notify the users to securely access the application using SSO by enabling 2FA. Or you may also look for alternatives to the applications which are more secure.

  3. Suppose an application which 'needs review' is identified as a high-risk application. In this case, You may review the application & mark it as either 'managed IT'/' Unmanaged IT'/'Restricted'. Based on the authentication level, you can take appropriate action.


Can’t find what you are looking for? Let us help you!

How Zluri calculates the risk level & what actions you can take on the basis of the risk level value?

Modified on Wed, 22 Nov 2023 at 08:29 PM

Zluri provides a 360-degree view of security & compliance with each SaaS application you use in your organization.

You can visit each application's 'Security & compliance' tab to get a detailed view of its security. The tab consists of 4 sections.

  • Events - Updates about recent events relevant to the security of the application, including the date of the event and an assessment of the impact of the event on the security of the application
     

  • Data Shared - This tab presents the information that is shared between your SSO & and the application when you authorize the application with SSO. Every application is given a threat score based on the sensitivity of the data the application has access to and the action it can perform on that data.

Threat level is determined by an average of the different security threats posed by the data shared by the application.

  • Compliance - This tab lists all the compliance certifications of the application. Zluri tracks the application's compliance status over 50 global compliance standards and presents it in this tab. You can also add a compliance if it's missing here.

  • Security Probes - This tab gives the assessment of the security of the application by different independent entities that provide scores based on the application's performance across parameters such as cookies, HTTPS protocol, etc.

    • Zluri collects the security analysis scores from the below-mentioned websites and presents them in this tab.

      • HTTP Observatory

      • TLS Observatory

      • SSL Labs

      • Immuniweb

      • HSTS Preload

      • Security Headers

      • Imirhill


The security score of any application is calculated by taking a weighted average of the security probe score & compliance score. Then multipliers are added to it based on the threat score (obtained from data shared), the impact of the event (with a cool-off period) & the number of users using the application. Security score is a score between 0 to 100.


The risk level is determined by the security score. If the security score is between 80 to 100, the risk level is 1; if the security score is below 20, the risk level is 5.

Zluri also gives an option to manually set the risk for each application in case the IT admin wants to manually assign the risk to each app.


The consolidated view of each application's security can be viewed in the security module of Zluri, which lists the critical applications and users.



What actions can be taken based on the security scores?

Actions can be taken based on the authorization status of the applications. A few scenarios are explained below.

  1. Suppose a 'restricted' application is identified as a high-risk application. In this case, as an IT admin, you can notify all users of the applications to stop using the application & remove the authentications of the application from the SSO.

  2. If an application comes under 'managed IT' and is identified as a high-risk application - In this case, You may notify the users to securely access the application using SSO by enabling 2FA. Or you may also look for alternatives to the applications which are more secure.

  3. Suppose an application which 'needs review' is identified as a high-risk application. In this case, You may review the application & mark it as either 'managed IT'/' Unmanaged IT'/'Restricted'. Based on the authentication level, you can take appropriate action.


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article