This article discusses how to use the App Catalog to get more information about cloud-based and on-premise applications and services.
The App Catalog contains general information, compliance, and security data for thousands of apps and services. You can use the catalog to learn more about an app and decide how to use the app in your organization. All the apps and services can be used in the policies and rulebases in the Cato Management Application. The following screenshot is an example of the Slack app:
The data for each app is generated by an automated process based on a proprietary Cato tool maintained by the Security Research team. The tool compiles these fields for every app: description, compliance, security, and risk score. For more information, see this blog post.
The App Catalog has these columns:
- Logo and Name of the app. Apps are labeled New for 30 days after they are added to the catalog. You can use the Status drop-down menu to filter the catalog to show only new apps.
- A Description of the app
- Cato Category that the app belongs to
- Risk score for the app. Cato provides a risk score for each application between 0 (no risk) and 10 (very high risk). The risk score is calculated based on the analysis of millions of data flows. You can edit the risk score for your account. For more information, see below, Understanding the Risk Score.
- Sanctioned - Shows if the app has been defined as a sanctioned app. For more about sanctioned vs. unsanctioned apps, see Working with the Cloud Apps Dashboard.
- App Type - Cloud, on-premise, or service
Expand an app to show the following additional information and options:
- Click Add to Sanctioned Apps to include the app in the Sanctioned Apps category for your organization's Application Control policy. You can also click to remove an app from the Sanctioned Apps category.
- General information about the app and the company that created it
- Compliance shows which standards the app is compliant with and supports
- Security shows the security features that the app supports
- Activities - Shows the granular activities that are available for the app in Application Control rules. If there are fields that can be configured for an activity, they are listed under the activity. For example, the catalog shows that one of the activities you can add to a rule for Slack is Add Reaction, and that you can configure a specific Reaction name for the activity. For more about configuring Application Control rules, see Managing the Application Control Policy.
Cato assigns each app a default risk score between 0 (no risk) and 10 (very high risk) to help you evaluate if the app meets the requirements of your security policy. You can also edit and override the default risk score for your account to customize the score for your organization's security requirements.
The risk score is divided into the following risk levels:
- Low - apps with a risk score between 0 - 3
- Medium - apps with a risk score between 4 - 6
- High - apps with a risk score between 7 - 10
Risk score is used in event logs, App Analytics and other dashboards, and for Application Control rules that use risk score in the rule criteria.
The security team for Example Corp. assessed acceptable risk levels for the organization, and decided to create an Application Control rule that blocks access to all cloud apps with a risk score of 5 or above. However, the company uses Anthropic AI systems for business-critical activities, and Anthropic has a default risk score of 5. After thorough research, the Example Corp. security team decides that the app entails lower risk than the default score indicates. The team edits the risk score to 2, and the app is no longer blocked by the Application Control policy.
Cato uses an in-house artificial intelligence engine to analyze the relevant data and metrics and generate the risk score, including:
- General, Compliance, and Security data (shown in the App Catalog)
- Sentiment analysis (a machine learning technique) based on recent news articles regarding the company
- Information about relevant software vulnerabilities and breaches
- Internal threat intelligence and domain-related information from the Cato Research Labs
Edit an app risk score from the relevant row in the App Catalog page. When you edit the score, it overrides the Cato-defined default risk level wherever the app risk is used in your account. After an app risk is edited, check which admin edited it and the time it was last modified by clicking the edit icon. You can also use the Edited Risk filter to show only the apps with edited risk scores.
To edit an app risk score:
- From the navigation menu, select Resources > App Catalog.
- In the row of the app, hover the mouse in the Risk column and click the edit icon. The Edit Custom Application Risk panel opens.
- Under Edit Application Risk, enter the risk score.
- Click Apply. The risk score is updated for the account.
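The override behaviour from the Example Corp. scenario and the edit procedure above, as an added example (not Cato code and not an export of the App Catalog): it models a default score, an account-level edited score, and a block-at-threshold rule, and lists the edits that flip an app's block/allow outcome. The `App` record, the function names, integer scores, and every sample app except Anthropic's edit from 5 to 2 are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Risk levels as listed on this page: Low 0-3, Medium 4-6, High 7-10.
LEVELS = ((0, 3, "Low"), (4, 6, "Medium"), (7, 10, "High"))

@dataclass(frozen=True)
class App:
    name: str
    default_score: int                   # Cato-assigned default
    edited_score: Optional[int] = None   # account-level override, if any

def effective_score(app: App) -> int:
    """An edited score replaces the default wherever the risk is used."""
    score = app.default_score if app.edited_score is None else app.edited_score
    if not isinstance(score, int) or not 0 <= score <= 10:
        raise ValueError(f"{app.name}: risk score {score!r} is outside 0-10")
    return score

def risk_level(score: int) -> str:
    for low, high, label in LEVELS:
        if low <= score <= high:
            return label
    raise ValueError(f"risk score {score!r} is outside 0-10")

def blocked(score: int, threshold: int) -> bool:
    """Rule criterion from the page's example: block at or above the threshold."""
    return score >= threshold

def overrides_changing_verdict(apps, threshold):
    """Return edited apps whose block/allow outcome differs from the default's."""
    findings = []
    for app in apps:
        if app.edited_score is None:
            continue
        before = blocked(app.default_score, threshold)
        after = blocked(effective_score(app), threshold)
        if before != after:
            change = "now allowed" if before else "now blocked"
            findings.append((app.name, app.default_score, app.edited_score, change))
    return findings

# Constructed sample data; only the Anthropic row (5 edited to 2) is from the page.
CATALOG = [
    App("Anthropic", 5, edited_score=2),
    App("ExampleShare", 8),
    App("ExampleNotes", 3, edited_score=6),
    App("ExampleChat", 6, edited_score=5),
]
```

Calling `overrides_changing_verdict(CATALOG, 5)` reports the Anthropic edit as "now allowed" and the hypothetical ExampleNotes edit as "now blocked"; the ExampleChat edit stays at or above the threshold, so it is not reported.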
2 comments
Is there an export of the app catalog or a way to export it?
Odis Massey Thanks for your comment. It is not possible to export the App Catalog.