This article explains how to view and analyze third-party interconnected apps used in your environment to quickly assess their security posture.
Third-party applications, extensions, and plugins can introduce significant risk to corporate SaaS environments. These integrations often request broad permissions and are frequently installed without security oversight, creating visibility gaps and expanding the attack surface.
Using integrations with SaaS provider APIs, the Plugin page in the Applications dashboard provides comprehensive visibility and risk insights into third-party plugins connected to sanctioned business-critical applications. With this visibility, you can maintain an up-to-date inventory of interconnected apps and plugins and the users who have used them, assess the associated risks, and identify unauthorized integrations or integrations with overly permissive permissions. This enables effective governance and control of your SaaS attack surface.
To provide visibility into the third-party apps interconnected with a business-critical app, a connector is required. For a list of supported SaaS apps and an explanation of how to configure the connector, see Interconnected Apps.
A CASB license is required for the Plugin page. For more information about purchasing a CASB license, please contact your Cato representative.
A security analyst needs to ensure that only approved third-party plugins are connected to corporate Slack. End users may install plugins without a security review, potentially granting excessive permissions or introducing security risks. Using the Plugin Inventory, the analyst identifies 30 users using an unsanctioned plugin with a high risk level and overly permissive permissions. The analyst contacts the users and requests that they remove the risky plugin to reduce the attack surface.
The Plugin page is part of the Applications Dashboard and displays a list of apps integrated with SaaS applications.
To access the Plugin page, navigate to Security > Applications. On the Inventory page, click Plugins.
This table explains the widgets in the Summary section.