Configure Risk Factor Importance

Table of Contents

Configure the overall risk factor importance to customize data, application, and user Data Risk risk factor weights.

On May 7, 2025, Palo Alto Networks is introducing new Evidence Storage and Syslog Forwarding service IP addresses to improve performance and expand availability for these services globally.

You must allow these new service IP addresses on your network to avoid disruptions for these services. Review the Enterprise DLP Release Notes for more information.

Where Can I Use This?	What Do I Need?
NGFW (Managed by Strata Cloud Manager) Prisma Access (Managed by Strata Cloud Manager)	Enterprise Data Loss Prevention (E-DLP) license Review the Supported Platforms for details on the required license for each enforcement point. Or any of the following licenses that include the Enterprise DLP license Prisma Access CASB license Next-Generation CASB for Prisma Access and NGFW (CASB-X) license Data Security license

Data Risk is calculated based on multiple risk factors across data, application, and users for an asset. Configure the overall risk factor importance to customize the risk factor weight for each risk factor when calculating the overall data risk for a data security asset. You can apply the following Importance Levels for each risk factor.

Extremely Important
Very Important
Important
Somewhat Important
Of Little Importance
Not Important

Log in to Strata Cloud Manager.
Select ManageConfigurationData Loss PreventionSettingsData RiskRisk Factor Importance.
Configure the overall Data Application, and User risk factor importance.
- Data
  Data Profile—Predefined and custom Enterprise Data Loss Prevention (E-DLP) data profiles.
  Data Exposure—Exposure of a data asset exposure.
- Application
  Application Tag—Default categorize discovered applications on SaaS Security to monitor users of SaaS apps more efficiently. Applications can be tagged as Sanctioned, Tolerated, Unsanctioned, Unknown, or have custom tags.
  Sanctioned—Applications sanctioned by your organization and being used by employees in your organization.
  Unsanctioned—Applications unsanctioned by your organization for use by employees in your organization.
  Tolerated—Application that is not trusted like a sanctioned app, but that is allowed to be used by employees until your organization is able to replace it with a more secure app so as not to inhibit the productivity of your users.
  Unknown—Default for SaaS applications that are not tagged.
  Application Risk—SaaS Security Inline risk scores assigned to a SaaS application.
  Application Tenant Type—Determines whether a particular instance of an application is Managed, Not Managed, Personal, or Other
  SSPM Posture—SaaS Security Posture Management used to detect and address misconfigured settings in sanctioned SaaS applications.
- Users
  Owner Risk—Risk factor weight for the owner of a data asset that is consumed based on the User Risk information collected from Cloud Identity Engine (CIE)
  Collaborator Risk—Risk Factor weight based on the risk of all collaborators who have access to a data asset
Save Changes.
Configure Severity for Data Profiles.