DOCUMENTATION
- Home
- Documentation
- Security and Compliance
- Security and Compliance
Security and Compliance
-
Security
This module deals with the overall security and compliance of all apps associated with the Zluri Dashboard. This is because SaaS brings new security and compliance challenges in modern times. Major concerns like Shadow-IT, exposing Personally Identifiable Information (PII), and sharing the company IP with 3rd parties are all just some of the security and compliance concerns your organization should address.
Zluri’s security module lists the critical applications & users based on the sensitive scopes they have access.
-
Critical Apps:
This section basically lists the risky apps as they have a high threat level and may be compromised in terms of security and compliance standards. It is a very simple-to-use list, and you can customise the list based on the following:
Applying filters: On the top of the Critical app list, you will see a button labelled Filter followed by a number which denotes the number of lists applied to the list.
You can add new filters by clicking on the Filter button, and then from the window that opens, click on Add Filters button.
The following set of filters can be applied to Critical apps:
The filters can be selected on the basis of Archive, status (whether active or inactive), Application Name, Application Id, Threat level (is greater than), Critical user count, critical scope count (number of scopes that are under risk associated with the app), risk score and risk level.
Applying Columns: You can customise the list by selecting the columns based on which the security information of an app is to be displayed. just click on the button next to the Filter button to open the Columns menu.
From the above, select the columns you wish to keep and click apply.
-
Security Breakdown of App
Zluri also provides the feature of providing detailed security and compliance information for individual apps. To do so, you can click the app name under the Critical Apps list. This will redirect you to the individual app page under the Applications module.
Once the page opens, click on the Security & Compliance tab. This will take you to the Security & Compliance overview page, where you can view the detailed risk information about the application.
Note: You can access the same app directly from the Applications module by clicking on the app name under the applications menu and selecting the Security & Compliance tab.
On the overview page, you can view the following details about the security and compliance of the app:
Status: Displays the overall risk status of the app as one of High, Medium or Low. Can also be used to reset risk status.
Risk: Displays the current risk level of the app on a scale of 1 to 5. (Low To High Risk)
Threat: Displays the current threat level of the app on a scale of 1 to 5. (Low To High Risk)
Compliance: Shows which security & compliance standards the app is associated with it. Ex: GDPR
Events: This can be found on the right-hand side of the overview page as the first of 4 tabs. It lists any recent events associated with the app’s risk or threat levels and all relevant information.
Data Shared: This shows the current threat-based information associated with the app. For ex: When a user assigns a scope to the app to View and modify but not delete your email.
Security grade: This is the final security rating assigned to the app on a score of 100. The assessment for the same is done based on several security factors. To view the detailed information on the same or to rescan the security assessment for a newer score, click on the Security Probes tab.
-
Critical Users:
Note: You can view the critical user information for a particular app, like risk level or threat associated with a user, by simply clicking on the Users tab under the individual Applications menu.
The critical users' list can be found right next to the critical apps list under the security module in the Zluri Dashboard. Similar to the table of critical apps, the critical users' tab contains the data table of Critical Users within an organization who currently pose a certain level of risk/threat to the organization by harnessing one or many critical apps which pose a risk to the organization.
The data table consists of 5 columns:
Name: Used to identify the name of the critical user.
Status: This shows whether the critical user is currently active or not.
Threat: This denotes the current threat score of the user.
Risk: This is used to denote the current risk level score of the particular critical user.
Critical Apps: This shows the current critical apps which the given persons are using
Applying filters: On the top of the Critical users' list, you will see a button labelled Filter followed by a number that denotes the number of lists applied to the list.
You can add new filters by clicking on the Filter button, and then from the window that opens, click on Add Filters button.
The following set of filters can be applied to the list of critical users:
The filters can be selected based on Archive, status (whether active or inactive), Application Name, Application Id, Threat level (is more significant than), Critical user count, critical scope count (number of scopes that are under risk associated with the app), risk score and risk level.
Applying Columns: You can customise the list by selecting the columns based on which the security information of an app is to be displayed. Just click on the button next to the Filter button to open the Columns menu.
From the above, select the columns you wish to keep and click on apply.