This article discusses how to use the App Catalog to get more information about cloud-based and on-premise applications and services.
The App Catalog contains general information, compliance, and security data for thousands of apps and services. You can use the catalog to learn more about an app and decide how to use the app in your organization. All the apps and services can be used in the policies and rulebases in the Cato Management. The following screenshot is an example of the Zoom app:
The App Catalog has these columns:
-
Logo and Name of the app.
Apps are labeled New for 30 days after they are added to the catalog. You can use the Status drop-down menu to filter the catalog to show only new apps.
-
A Description of the app
-
Cato Category that the app belongs to
-
Risk score for the app (Cato provides a risk score for each application between 0 (no risk) to 10 (very high risk). The risk score is calculated based on the analysis of millions of data flows.
-
Sanctioned - Shows if the app has been defined as a sanctioned app. For more about sanctioned vs. unsanctioned apps, see Working with the Cloud Apps Dashboard
-
App Type - Cloud, on-premise, or service
Expand an app to show the following additional information and options:
-
Click Add to Sanctioned Apps to include the app in the Sanctioned Apps category for your organization's Application Control policy. You can also click to remove an app from the Sanctioned Apps category
-
General information about the app and the company that created it
-
Compliance shows which standards the app is compliant with and supports
-
Security shows the security features that the app supports
-
Activities - Shows the granular activities that are available for the app in Application Control rules. If there are fields that can be configured for an activity, they are listed under the activity. For example, the catalog shows that one of the activities you can add to a rule for Slack is Add Reaction, and that you can configure a specific Reaction name for the activity. For more about configuring Application Control rules, see Managing the Application Control Policy.
Cato assigns each app a Risk Score between 0 (no risk) to 10 (very high risk) to help you evaluate if the app meets the requirements of your security policy. Cato uses an in-house artificial intelligence engine to analyze the relevant data and metrics and generate the Risk Score, including:
-
General, Compliance, and Security data (shown in the App Catalog)
-
Sentiment analysis (machine learning technique) based on recent news articles regarding the company
-
Information about relevant software vulnerabilities and breaches
-
Internal threat intelligence and domain related information from the Cato Research Labs
The Risk Score is divided into the following risk levels:
-
Low - apps with a Risk Score between 0 - 3
-
Medium - apps with a Risk Score between 4 - 6
-
High - apps with a Risk Score between 7 - 10
2 comments
Is there an export of the app catalog or a way to export it?
Odis Massey Thanks for your comment. It is not possible to export the App Catalog.
Please sign in to leave a comment.