SPM Risk Levels

The Application widget shows the summary of 3rd-party connected apps. Connected app is a mechanism to link a 3rd-party application to a SaaS application platform using OAuth for authorization. For example, Box for Salesforce is a connected app that allows Box to access Salesforce resources using an OAuth token. The 3rd-party connected apps are categorized by risk levels depending on the risk score.

Netskope calculates the risk score based on the risk levels associated with the permissions requested by the 3rd party application. For example, a 3rd-party connected app requesting a read-write permission at a global level will have a high risk score versus an app requesting a read-only permission for specific functionality like reading a file or user.

The 3rd-party connected apps are categorized under 5 risk levels:

• Critical: 3rd-party connected apps with a risk score ranging from 85-100. 
• High: 3rd-party connected apps with a risk score ranging from 60-84. 
• Medium: 3rd-party connected apps with a risk score ranging from 30-59. 
• Low: 3rd-party connected apps with a risk score ranging from 0-29. 
• Unknown : 3rd-party connected apps for which SSPM isn’t able to score risk. 

Netskope periodically updates the risk levels associated with the permission when threat research discovers new critical threats or new permissions.

Clicking the donut chart takes you to the Inventory > Resources page to list the 3rd-party connected apps with appropriate risk level filters. Similarly, when you click the line graph where the app and 3rd-party app count are displayed, the UI takes you to the Inventory > Resources page to list the 3rd-party connected apps with appropriate app and risk level filters.

You can see the resource risk and permissions in the Resource Details panel. See View Security Posture Inventory for more information.