View Security Posture Overview

View Security Posture Overview

Netskope SaaS Security Posture Management (SSPM) has introduced a brand new Overview page. The Overview page provides a summary of the following:

  • SaaS apps configured in SaaS Security Posture Management.

    Note

    The Applications widget now shows a summary of 3rd-party connected apps.

  • Total number of users across SaaS apps and the past 7 days trend graph.
  • Total number of findings which includes passed and failed rules and findings broken down by severity/apps, and past 7 days trend graph.
  • Compliance standard pass percentage, percentage of passed rules by compliance standard, past 7 days trend graph, and failed findings count by compliance standard.

To view the Overview page, log in to your Netskope tenant and navigate to API-enabled Protection > Security Posture SaaS > Overview.

You can refresh the page and the Result As Of label shows the date and local time.

There are 4 widgets on this page:

  • Applications: This widget displays a summary of all the SaaS apps configured in SaaS Security Posture Management. It also shows the apps that are not configured. For the non-configured apps, you can click the SETUP INSTANCE link at the top-right corner of the Application widget. This takes you to the instance set up page where you can set up the non-configured SaaS apps.

    The widget also shows a summary of 3rd-party connected apps. Connected app is a mechanism to link a 3rd-party application to a SaaS application platform using OAuth for authorization. For example, Box for Salesforce is a connected app that allows Box to access Salesforce resources using an OAuth tokenx. The 3rd-party connected apps are categorized by risk levels. Clicking the donut chart takes you to the Inventory > Resources page to list the 3rd-party connected apps with appropriate risk level filters. However, editing the current filter on the Inventory > Resources page resets the result. This issue will be resolved in a future release. Similarly, when you click the line graph where the app and 3rd-party app count are displayed, the UI takes you to the Inventory > Resources page to list the 3rd-party connected apps with appropriate app and risk level filters.

    Note

    Currently, Netskope supports AzureAD and Salesforce 3rd-party connected apps.


  • Users: This widget displays the total number of users across all configured SaaS apps. The donut chart also gives a breakdown of users by configured SaaS apps. You can click a part of the donut chart or the total users’ count. Once you click, the page redirects to the Inventory > Resources page with preselected filters. You can view the list of users.

    The widget also displays a trend chart. It shows the user trend count in the last 7 days. At the bottom-right, there is a percentage (%) value. This shows the % change between the current date and the past weeks’ average.


  • Findings: This widget displays the total number of raw findings which includes passed and failed rules and findings. On the top-right corner of the widget, you can click VIEW FAILED FINDINGS. This takes you to the Findings > Raw Findings page. You can view all the failed findings.

    You can also click the total, passed, and failed numbers. This takes you to the Findings > Raw Findings page with preselected filters.The donut chart displays the total number of failed findings by severity. You can click a part of the donut chart or the total failed findings. Once you click, the page redirects to the Findings > Raw Findings page with preselected filters.The widget also displays a trend chart. It shows the failed findings trend count in the last 7 days. At the bottom-right of the trend graph, there is a % value. This shows the % change between the current date and the past weeks’ average.At the bottom of the widget, you can see a bar graph that displays the failed findings count categorized by the configured SaaS apps. The failed findings are further classified by severity. You can click a part of the bar graph. Once you click, the page redirects to the Findings > Raw Findings page with preselected filters.

    Findings-Widget.png
  • Compliance: This widget displays the compliance standard pass %, % of passed rules by compliance standard, past 7 days trend graph, and failed findings count by compliance standard. On the tip-right of the widget, you can click VIEW ALL RULES. This takes you to the Findings > Rules page. You can view all the rules.

    You can also click the total rules, pass rate %, passed, and failed numbers. This takes you to the Findings > Rules page with preselected filters. The widget also displays a bar graph consisting of % of passed rules by compliance standard. You can scroll through the list to see all the compliance standards. The % of passed rules are further classified by failed and passed rules.

    Important

    It is important to note that a single rule can be part of multiple compliance standards. Keeping this in mind, though a user has configured a single compliance standard in the policy wizard, the rule(s) may be part of multiple compliance standards. Therefore, the bar graph may display additional compliance standards although the user has configured a single compliance standard.

    The widget also displays a trend chart. It shows the pass % rate trend count in the last 7 days. At the bottom-right of the trend graph, there is a % value. This shows the % change between the current date and the past weeks’ average. At the bottom of the widget, you can see a bar graph that displays the failed findings count by compliance standard. You can scroll through the list to see all the compliance standards. The failed findings are further classified by severity. You can click a part of the bar graph. Once you click, the page redirects to the Findings > Raw Findings page with preselected filters.

Share this Doc

View Security Posture Overview

Or copy link

In this topic ...