Next Generation API Data Protection Inventory

The Next Generation API Data Protection Inventory page provides deep insights into the various entities supported by the SaaS apps. Administrators can use the personalized dashboard to run ad hoc, real-time queries that quickly group, filter, and drill down on contextualized data and transactions across an enterprise organization’s cloud activities, at scale and in granular detail.

Currently, the Inventory page is available for Atlassian Confluence, Citrix ShareFile, GitHub, Gmail, Google Drive, Microsoft 365 OneDrive (Commercial), Microsoft 365 Outlook (Commercial), Microsoft 365 SharePoint (Commercial), Microsoft 365 Yammer, Workday, and Zoom. New SaaS apps will be supported in due course.

After your SaaS app account and Next Generation API Data Protection are set up on the Netskope tenant, the Next Generation API Data Protection Inventory page is automatically populated with the relevant files, folders, user data, wikis, pages, comments, and entities.

Once you log in to the Netskope UI tenant, click API-enabled Protection > SAAS (NEXT GEN) > Inventory on the left navigation pane to view the inventory page.

The Inventory page includes the following entity types:

Content

The Content tab displays a list of comments, emails, files, messages, and Confluence page entities from the connected cloud storage SaaS apps.

You can toggle between Content, Comments, Emails, Files, Messages, and Pages using the drop-down. However, the Comments, Emails, Files, Messages, and Pages tabs are subsets of Content. What you see under these tabs is the same as what you see under the Content tab.

The Content tab includes:

  • Comments: List of comments added, edited, or deleted on a Confluence page.

  • Emails: Email-related activities of your email account. You can click an entry to get additional information like sender email, mailbox owner, email resource ID, folder, attachment, external recipients, exposure, DLP violations, and more. You can also download an email.

  • Files: List of files in your connected SaaS apps.

  • Messages: Message content in your collaboration and messenger SaaS apps.

  • Pages: List of Atlassian Confluence pages created, edited, or deleted.

You can filter the data based on:

  • Resource Name: Name of the file.

  • File Type: Also known as a file format, refers to the structure and organization of data within a computer file. File types are identified by their file extensions, which are the three or four letters that follow the period in a file’s name. For example, a file named “document.docx” has the file extension “.docx” indicating that it is a Microsoft Word document file type.

  • Exposure: The exposure of the file, that is:

    • Public: Entities shared publicly.

    • External: Entities can be accessed by specific users outside of the organization.

    • Org-wide: Entities can be accessed by all users inside the organization.

    • Internal: Entities can be accessed by specific users inside the organization.

    • Private: Entities can be accessed by the owner only.

  • File Owner: Name or email address of the owner of the file.

The Content tab displays the following data:

  • Name: Name of the file.

  • App Suite: An application suite is a collection of multiple software applications that are designed to work together and complement each other to provide a comprehensive set of tools and functionalities for a specific purpose. For example, Google App, Office 365.

  • App: Name of the connected SaaS app.

  • App Category: Type of SaaS app solution, grouped together. For example, Cloud Storage, Collaboration, Development Tool, HR, etc.

  • Instance: Name of the SaaS app instance configured under Settings > Configure App Access > Next Gen > CASB API.

  • File Type: Also known as a file format, refers to the structure and organization of data within a computer file. File types are identified by their file extensions, which are the three or four letters that follow the period in a file’s name. For example, a file named “document.docx” has the file extension “.docx” indicating that it is a Microsoft Word document file type.

  • File Size: The size of the file in bytes, kilobytes, or megabytes.

  • File Owner: Name or email address of the owner of the file.

  • Resource ID: A unique ID that identifies a resource (a file, folder, repository, user, etc.) in the system. It is generated by the corresponding SaaS app. You can use the Resource ID in a filter to include or exclude a specific resource.

  • Exposure: The exposure of the file, that is:

    • Public: Entities shared publicly.

    • External: Entities can be accessed by specific users outside of the organization.

    • Org-wide: Entities can be accessed by all users inside the organization.

    • Internal: Entities can be accessed by specific users inside the organization.

    • Private: Entities can be accessed by the owner only.

  • Last Modified Time: The date and time this entity was modified.

In addition, you can click the name entry in the table to get a detailed view of the entity.

The Inventory page has introduced two new sections in the side panel details: Sharing and Links.

  • Sharing: Displays a list of user email addresses with whom the file is shared and the corresponding permission access level.

  • Links: Displays the file exposure level, permission access level, link expiry date, and the shared link.

These new sections are available for the Microsoft 365 OneDrive and SharePoint apps only.

Content Collections

The Content Collections tab displays a list of channels from messenger apps, folders from cloud storage apps, repositories from development tools apps (like GitHub), and wikis from collaboration apps like Atlassian Confluence. You can toggle between Content Collections, Channels, Folders, Repository, and Wikis using the drop-down menu. The Content Collections tab displays a combination of channels, folders, repositories, and wikis from the connected SaaS apps.

  • The Channels tab lists the name of channels from a messenger app like Microsoft Yammer or Zoom. This table also displays the exposure type.

  • The Folders tab lists all the folders (collections of files) from the connected cloud storage SaaS apps.

  • The Repository tab lists all the repositories (collections of commits) from the connected development tools SaaS apps.

  • The Wikis tab lists the Confluence wiki spaces, including exposure and other details.

In addition to the filters available in the Users, User Groups, and Content tabs, you can filter the data based on:

  • Resource Type: Type of resource like a folder or repository.

The Content Collections, Folders, and Repository tabs display the following data:

  • Name: Name of the SaaS app entity (folder, repository).

  • App Suite: An application suite is a collection of multiple software applications that are designed to work together and complement each other to provide a comprehensive set of tools and functionalities for a specific purpose. For example, Google App, Office 365.

  • App: Name of the connected SaaS app.

  • App Category: Type of SaaS app solution, grouped together. For example, Cloud Storage, Collaboration, Development Tool, HR, etc.

  • Instance: Name of the SaaS app instance configured under Settings > Configure App Access > Next Gen > CASB API.

  • Resource Type: Type of resource like a folder or repository.

  • Resource ID: A unique ID that identifies a resource (a file, folder, repository, user, etc.) in the system. It is generated by the corresponding SaaS app. You can use the Resource ID in a filter to include or exclude a specific resource.

  • Last Modified Time: The date and time this entity was modified.

The following data is specific to the Repository tab:

  • Owner: Name of the owner of the repository.

  • Repository URL: URL link of the repository.

  • Exposure: The exposure of the repository, that is:

    • Public: Entities shared publicly.

    • Internal: Entities can be accessed by specific users inside the organization.

    • Private: Entities can be accessed by the owner only.

In addition, you can click the name entry in the table to get a detailed view of the entity.

Users

The Users tab displays a list of external collaborators and all users from the connected SaaS apps.

You can filter the data based on:

  • User name: Name of the user and email address.

  • App: Name of the connected SaaS app.

  • Instance: Name of the SaaS app instance configured under Settings > Configure App Access > Next Gen > CASB API.

  • App Suite: An application suite is a collection of multiple software applications that are designed to work together and complement each other to provide a comprehensive set of tools and functionalities for a specific purpose. For example, Google App, Office 365.

  • App Category: Type of SaaS app solution, grouped together. For example, Cloud Storage, Collaboration, Development Tool, HR, etc.

  • User Type: Exposure of the user, that is, internal or external.

  • User Status: Indicates the status of the user, that is, active, deleted, suspended, or unspecified.

  • Resource ID: A unique ID that identifies a resource (a file, folder, repository, user, etc.) in the system. It is generated by the corresponding SaaS app. You can use the Resource ID in a filter to include or exclude a specific resource.

The Users tab displays the following data:

  • User name: Name of the user and email address.

  • App Suite: An application suite is a collection of multiple software applications that are designed to work together and complement each other to provide a comprehensive set of tools and functionalities for a specific purpose. For example, Google App, Office 365.

  • App: Name of the connected SaaS app.

  • Instance: Name of the SaaS app instance configured under Settings > Configure App Access > Next Gen > CASB API.

  • App Category: Type of SaaS app solution, grouped together. For example, Cloud Storage, Collaboration, Development Tool, HR, etc.

  • User Type: Exposure of the user, that is, internal or external.

  • Resource ID: A unique ID that identifies a resource (a file, folder, repository, user, etc.) in the system. It is generated by the corresponding SaaS app. You can use the Resource ID in a filter to include or exclude a specific resource.

  • User Status: Indicates the status of the user, that is, active, deleted, suspended, or unspecified.

  • Last Modified Time: The date and time this entity was modified.

In addition, you can click the user name entry in the table to get a detailed view of the entity.

The Users tab also displays external collaborators or domains. You can toggle between Users and External Collaborators using the drop-down. However, the External Collaborators tab is a subset of Users. What you see under this tab is the same as what you see under the Users tab.

User Groups

The User Groups tab displays a list of all the user groups from the connected SaaS apps. In most SaaS apps, an administrator can create users and groups, and assign users to a group. Netskope retrieves this data from the SaaS apps.

In addition to the filters available in the Users tab, you can filter the data based on:

  • Resource Name: Name of the user group.

The User Groups tab displays the following data:

  • Name: Name of the user group.

  • App Suite: An application suite is a collection of multiple software applications that are designed to work together and complement each other to provide a comprehensive set of tools and functionalities for a specific purpose. For example, Google App, Office 365.

  • App: Name of the connected SaaS app.

  • Instance: Name of the SaaS app instance configured under Settings > Configure App Access > Next Gen > CASB API.

  • App Category: Type of SaaS app solution, grouped together. For example, Cloud Storage, Collaboration, Development Tool, HR, etc.

  • Resource ID: A unique ID that identifies a resource (a file, folder, repository, user, etc.) in the system. It is generated by the corresponding SaaS app. You can use the Resource ID in a filter to include or exclude a specific resource.

  • Last Modified Time: The date and time this entity was modified.

In addition, you can click the name entry in the table to get a detailed view of the entity.

Manual Remediation Actions

In addition to providing deep insights into the various entities supported by the SaaS apps, the Inventory page lets you take remediation action on certain types of entities in the SaaS app.

The Netskope UI performs the remediation action asynchronously. Currently, users see only a success pop-up.

The available remediation actions are as follows:

  • Change owner to a specific user: This action changes the owner of the file to a specific user. On clicking this option, the UI prompts you to enter the email address of the specific user. Click Proceed.

  • Restrict access to owner: This action restricts the access of the file to the owner only.

  • Restrict access to internal collaborators: This action restricts the access of the file to users within the organization and domains as defined under Settings > Administration > Internal Domains.

  • Restrict access to specific domains and internal collaborators: This action restricts the access of the file to selected domain(s) and internal collaborators as defined in the previous bullet item. On clicking this option, the UI prompts you to enter the domain profile name. Click Proceed.

    If you do not have a domain profile defined, click Manage Domain Profiles to create a new domain profile.

  • Revoke organization-wide sharing: This action removes any kind of organization-wide sharing links and access.

  • Revoke specific domains: This action removes access for users matching the specified domain profile. On clicking this option, the UI prompts you to enter the domain profile name. Click Proceed.

    If you do not have a domain profile defined, click Manage Domain Profiles to create a new domain profile.

In addition to taking remediation action, you can send an email notification too. To do so, click an app entry. In the details page, under the Take Action drop-down, select an option. A pop-up window opens. Select the Notify Users checkbox and the available options to send an email notification.

This enhancement is currently available for Google Drive, Microsoft OneDrive, Microsoft SharePoint, Citrix ShareFile, and Workday apps only. If you select all apps or non-supported apps, this option will remain disabled.

The list of available remediation actions is determined by:

  • App capability check (same as in policy wizard).

  • Resource type check, currently only enabled for file type.

  • For bulk actions, only actions supported by all selections are enabled.
