- Home
- Solutions
- Security and Compliance
- How Zluri calculates the risk level?
How Zluri calculates the risk level?
Zluri provides you with a 360-degree view of security & compliance with each SaaS application you use in your organization. It considers the following factors while calculating the risk score.
Scope risk levels: Scope risk levels are decided by the sensitivity of the scopes they have access. For example, if an application has access to a scope that allows it to access & delete all your Google Drive files, that is considered a high-risk scope. In comparison, if an application has access to a scope that allows you to access only a user's email ID, that is considered a low-risk scope.
Compliances: The more compliances an application complies with, the more secure the application is. An application such as Slack is compliant with all significant compliances globally. Hence we consider it more secure when compared to an application with a lesser number of compliances.
Security Probes: Zluri collects security-related information from third-party websites like syllabus, Immuniweb, imirhil etc. Then Zluri takes the weighted average of these security grades & presents it on the dashboard on a range from A to F- A representing a highly secure application & F being a lowly secure application.
Recent security breaches: Zluri also constantly monitors the security breaches related to SaaS applications and increases the risk score if a recent security breach related to any application comes to the news.
Based on the above-mentioned factors, zluri assigns a security score rating from 1 to 5, where 1 & 2 means low risk, 3 is medium risk & 4,5 means high risk.
What actions can be taken based on the security scores?
Actions can be taken based on the authorization status of the applications. A few scenarios are explained below.
Suppose a 'restricted' application is identified as a high-risk application. In this case, as an IT admin, you can notify all users of the applications to stop using the application & remove the authentications of the application from the SSO.
If an application comes under 'managed IT' is identified as a high-risk application. In this case, You may notify the users to securely access the application using SSO by enabling 2FA. or look for more secure alternatives to the applications.
Suppose an application that 'needs review' is identified as high-risk. In this case, You may review the application & mark it as either 'managed IT'/'Unmanaged IT'/'Restricted'. Based on the authentication level, you can take appropriate action.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article
Zluri provides you with a 360-degree view of security & compliance with each SaaS application you use in your organization. It considers the following factors while calculating the risk score.
Scope risk levels: Scope risk levels are decided by the sensitivity of the scopes they have access. For example, if an application has access to a scope that allows it to access & delete all your Google Drive files, that is considered a high-risk scope. In comparison, if an application has access to a scope that allows you to access only a user's email ID, that is considered a low-risk scope.
Compliances: The more compliances an application complies with, the more secure the application is. An application such as Slack is compliant with all significant compliances globally. Hence we consider it more secure when compared to an application with a lesser number of compliances.
Security Probes: Zluri collects security-related information from third-party websites like syllabus, Immuniweb, imirhil etc. Then Zluri takes the weighted average of these security grades & presents it on the dashboard on a range from A to F- A representing a highly secure application & F being a lowly secure application.
Recent security breaches: Zluri also constantly monitors the security breaches related to SaaS applications and increases the risk score if a recent security breach related to any application comes to the news.
Based on the above-mentioned factors, zluri assigns a security score rating from 1 to 5, where 1 & 2 means low risk, 3 is medium risk & 4,5 means high risk.
What actions can be taken based on the security scores?
Actions can be taken based on the authorization status of the applications. A few scenarios are explained below.
Suppose a 'restricted' application is identified as a high-risk application. In this case, as an IT admin, you can notify all users of the applications to stop using the application & remove the authentications of the application from the SSO.
If an application comes under 'managed IT' is identified as a high-risk application. In this case, You may notify the users to securely access the application using SSO by enabling 2FA. or look for more secure alternatives to the applications.
Suppose an application that 'needs review' is identified as high-risk. In this case, You may review the application & mark it as either 'managed IT'/'Unmanaged IT'/'Restricted'. Based on the authentication level, you can take appropriate action.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article