: New Features Introduced in July 2024
Focus
Focus

New Features Introduced in July 2024

Table of Contents

New Features Introduced in July 2024

Learn about the new features that became available in SaaS Security starting July 2024.
The following new features were introduced for SaaS Security in July 2024. Refer to the Administrator’s Guide for more information on how to use Data Security, SaaS Security Inline, SaaS Security Posture Management (SSPM), and Behavior Threats.

Create Policies in SSPM

This new feature also introduces a change to SSPM terminology. Previously, the term policy referred to a built-in recommendation for securing SaaS applications. Each policy was a grouping of similar settings, related to the recommendation, across all applications. When SSPM detected a misconfigured setting, SSPM would change the associated policy's status to Failed. What was previously called a policy in SSPM is now called a rule. The purpose and behavior of rules are the same as when they were called policies; only the name has changed.
The term policy now refers to an administrator-defined grouping of SaaS application instance settings for SSPM to monitor.
You can now create policies to monitor specific settings for specific application instances. This capability helps you to concentrate your attention on the applications and settings that are most critical to your organization. SSPM displays the status of all policies on a new Security Configurations page (SSPMSecurity Configurations). On the Security Configurations page, you can also view the status of SSPM's predefined rules. While SSPM's predefined rules monitor the status of similar settings across all SaaS applications, administrator-defined policies focus on the applications and settings that are most important to you.
For example, for the subset of applications that are most critical to your organization, enforcing multi-factor authentication (MFA) and limiting session length might be of primary importance to you. In this case, you could create a policy that monitors only these critical applications and only the settings related to MFA and session duration. If SSPM detects a new violation in these settings, SSPM updates the policy status on the Security Configurations page. In this way, SSPM helps you track the status of your most critical applications to maintain a healthy security posture.

Webhook Notifications from SSPM

You can now configure SSPM to send webhook notifications to a channel in Slack or Microsoft Teams. To do this, you first create an incoming webhook in Slack or Microsoft Teams for the channel. To enable SSPM to post its notifications to the Slack or Microsoft Teams channel, you provide SSPM with the webhook URL for that channel. SSPM will send notifications when applications are onboarded or deleted, the first time an application is scanned, and when scans detect changes to an application's configuration settings.

Assess Your Identity Posture in SSPM

SaaS Security Posture Management now includes an Identity Security component to help you identify misconfigurations in your identity posture. Specifically, the Identity Security component gives you visibility into problems with your multi-factor authentication (MFA) implementation. The Identity Security component of SSPM uses information from your identity provider to give you visibility into these problems, which include MFA enrollment and sign-in issues. You can integrate the Identity Security component with either the Microsoft Azure or the Okta identity provider.
To navigate to the Identity Security dashboard, select Posture SecurityIdentity.

Scan Support for ChatGPT Enterprise App

You can connect a ChatGPT Enterprise instance to Data Security to gain visibility into the usage of ChatGPT in your enterprise. Data Asset policies can be defined to create incidents for sensitive data. Onboard your ChatGPT Enterprise app to Data Security.