View 3rd Party Apps

View 3rd Party Apps

In today’s interconnected landscape of online applications, the secure interaction between apps on behalf of users is paramount. SaaS Security Posture Management provides a comprehensive overview of 3rd party app connections to your SaaS applications. A 3rd Party App is software developed by a company or individual other than the original platform creator. For instance, apps downloaded from an app store that are not made by the device manufacturer are considered 3rd Party Apps. These apps enhance device functionality, provide additional features, and integrate with existing services.

SSPM provides visibility into the 3rd Party Apps and also includes risk profiling features to help you identify and manage potential vulnerabilities effectively. See Visibility and Risk Profiling for more information.

To view your 3rd Party Apps, log in to your Netskope tenant and navigate to API-Enabled Protection > Security Posture SaaS > 3rd Party Apps.

The Metrics section on the top provides the following details:

  • 3rd Party Apps: Displays the number of 3rd party apps with a critical risk score compared to the total number of 3rd party apps. It displays the percentage change between today and the average of last week.
  • Connected to Apps: Shows the number of SaaS apps on which 3rd Party Apps have been discovered.

This page aggregates a list of all 3rd party apps with the following details:

  • 3rd Party App: Displays the name of the 3rd party app. Click on the name to view the 3rd Party App Details Panel.
  • App Connected to: Name of the connected SaaS app.
  • Instance Name: Indicates the name of the SaaS app instance to which the 3rd party app belongs.
  • Risk Level: Shows the risk level of the 3rd party app. Refer to the Risk Levels document for more information.
  • Risk Score: Displays the risk score of the 3rd party app. Refer to the Risk Levels document for more information.
  • Verification Status: Indicates the verification status of the 3rd party app. Refer to the Update Verification Status section for more information.
  • Resource ID: Displays the unique identifier for a 3rd Party App within a SaaS application. This column is not shown by default in the table. To add it, refer to the Customize Table Columns section for instructions. See Understanding Resource ID section to know more.

3rd Party App Details Panel

Click on the 3rd party app name to open the Details Panel. The panel displays the following information, although not all 3rd party apps will have every detail:

  • Name of the 3rd Party App.
  • Resource ID: Unique identifier for the 3rd Party App. See Understanding Resource ID section to know more.
  • Risk Level of the 3rd Party App.
  • Approved Details: Email ID or username of the user who approved the 3rd Party App.
  • Verification Status: Specifies the existing status of the verification request.
  • Verification Details: Justification for Updating the Verification State.
  • Permission and scope requested: List of permissions and scopes provided to the 3rd Party App.

Customize Table Columns

You can customize the columns displayed in the 3rd Party Apps page table by following these steps:

  1. Navigate to API-Enabled Protection > Security Posture SaaS > 3rd Party Apps.

  2. Click the settings gear icon and select Customize Columns. This will open the Customize Columns window.

  3. Add or remove columns by moving them into or out of the table.

  4. To revert to the default column settings, click Restore Default.

  5. Click Apply to save your changes.

3rd Party Apps Risk Levels

The 3rd Party Apps page provides a summary of 3rd party apps and risk levels. Netskope calculates risk scores based on the scopes requested by 3rd party apps. For example, a 3rd party app requesting global read-write permissions may have a higher risk score compared to an app requesting read-only permissions for specific functionalities, like accessing a file or user.

3rd Party Apps are categorized into five risk levels:

  • Critical: Risk score of 85-100
  • High: Risk score of 60-84
  • Medium: Risk score of 30-59
  • Low: Risk score of 0-29
  • Unknown: Apps for which risk scoring is not available

Netskope periodically updates risk levels based on new threat research and changes in permissions.

Share this Doc

View 3rd Party Apps

Or copy link

In this topic ...